IPSec теория и практика

Обсуждаем сайт и форум.

Модератор: f0s

drg
рядовой
Сообщения: 10
Зарегистрирован: 2007-08-07 14:40:06

Re: IPSec теория и практика

Непрочитанное сообщение drg » 2011-01-21 13:27:12

Добрый день.

Никак не могу подружить ракун с мобильным девайсом (iPhone).

Код: Выделить всё

2011-01-21 12:20:37: DEBUG: begin.
2011-01-21 12:20:37: DEBUG: seen nptype=5(id)
2011-01-21 12:20:37: DEBUG: seen nptype=6(cert)
2011-01-21 12:20:37: DEBUG: seen nptype=9(sig)
2011-01-21 12:20:37: DEBUG: seen nptype=7(cr)
2011-01-21 12:20:37: DEBUG: seen nptype=11(notify)
2011-01-21 12:20:37: DEBUG: succeed.
2011-01-21 12:20:37: ERROR: Inpropper ID type passed: KEY_ID.
2011-01-21 12:20:37: DEBUG: Discarding CERT: does not match ID.
2011-01-21 12:20:37: DEBUG: CR saved:
2011-01-21 12:20:37: DEBUG:
2011-01-21 12:20:37: DEBUG: Notify Message received
2011-01-21 12:20:37: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1.
2011-01-21 12:20:37: DEBUG: SIGN passed:
2011-01-21 12:20:37: DEBUG:
19d3e879 6a8f527b 561223d9 1f2ca048 b39a7e35 4fa89a62 45c949a4 1edd6eb7
c95c2bc4 395f77bb 7a0887b1 c35bc5e4 d131c646 13f71055 b106d0f6 41c26868
1e50ed55 64e04345 d1d762fa a2d775e3 9e6bf64d b06aed93 e5d80ede 1947d2ab
b3383f39 d6532053 c3d8c300 87f8247e e78bc715 5a714d67 ea1a0c9f d349ede1
2011-01-21 12:20:37: ERROR: no peer's CERT payload found.
в конфиге копался несколько дней, параллельно проверял работу с компа (IPSec+L2TP и Shrew Soft VPN Client)
периодически все сводилось либо к

Код: Выделить всё

ERROR: failed to get subjectAltName
ERROR: no peer's CERT payload found.
либо

Код: Выделить всё

WARNING: unable to get certificate CRL(3) at depth:0
Если выставить verify_cert off; то работают оба варианта коннекта с компа, а телефон начинает говорить, что не может проверить сертификат сервера (логично).
предложение для него следующее:

Код: Выделить всё

    proposal {
        authentication_method xauth_rsa_server;
        encryption_algorithm aes;
        hash_algorithm sha1;
        dh_group 2; 
    }
Несколько раз переделывал сертификаты (сначала с помощью easy-rsa, потом напрямую). В некоторых источниках говорят, что в сертификате клиента должно быть fqdn клиента в common name и subjectAltName.

Истина где-то рядом, но прячется. В связи с этим вопрос: как правильно заполнять сертификаты и есть ли примеры рабочих сертификатов (например скриншоты заполнения полей)?

Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

Al
ст. прапорщик
Сообщения: 501
Зарегистрирован: 2007-10-18 13:42:48
Откуда: Тверь
Контактная информация:

Re: IPSec теория и практика

Непрочитанное сообщение Al » 2011-01-21 13:48:52

WARNING: unable to get certificate CRL(3) at depth:0
Это говорит о том, что нет списка отозванных сертификатов. Это не проблема.
В коммон нейм лучше написать fqdn. В серверный - сервера, в клиентский - клиента. https на это обижается, с ракуном не пробовал. При этом оба должны иметь один СА.
Прочитайте статью. Там и про методы аутентификации, и про аутентификацию по сертификатам с рабочими конфинами, и подробно по созданию сертификатов.
Итог тут.
http://www.lissyara.su/articles/freebsd ... ty/ipsec2/

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-07-13 1:57:07

drg писал(а):Добрый день.

Никак не могу подружить ракун с мобильным девайсом (iPhone).

Код: Выделить всё

2011-01-21 12:20:37: DEBUG: begin.
2011-01-21 12:20:37: DEBUG: seen nptype=5(id)
2011-01-21 12:20:37: DEBUG: seen nptype=6(cert)
2011-01-21 12:20:37: DEBUG: seen nptype=9(sig)
2011-01-21 12:20:37: DEBUG: seen nptype=7(cr)
2011-01-21 12:20:37: DEBUG: seen nptype=11(notify)
2011-01-21 12:20:37: DEBUG: succeed.
2011-01-21 12:20:37: ERROR: Inpropper ID type passed: KEY_ID.
2011-01-21 12:20:37: DEBUG: Discarding CERT: does not match ID.
2011-01-21 12:20:37: DEBUG: CR saved:
2011-01-21 12:20:37: DEBUG:
2011-01-21 12:20:37: DEBUG: Notify Message received
2011-01-21 12:20:37: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1.
2011-01-21 12:20:37: DEBUG: SIGN passed:
2011-01-21 12:20:37: DEBUG:
19d3e879 6a8f527b 561223d9 1f2ca048 b39a7e35 4fa89a62 45c949a4 1edd6eb7
c95c2bc4 395f77bb 7a0887b1 c35bc5e4 d131c646 13f71055 b106d0f6 41c26868
1e50ed55 64e04345 d1d762fa a2d775e3 9e6bf64d b06aed93 e5d80ede 1947d2ab
b3383f39 d6532053 c3d8c300 87f8247e e78bc715 5a714d67 ea1a0c9f d349ede1
2011-01-21 12:20:37: ERROR: no peer's CERT payload found.
в конфиге копался несколько дней, параллельно проверял работу с компа (IPSec+L2TP и Shrew Soft VPN Client)
периодически все сводилось либо к

Код: Выделить всё

ERROR: failed to get subjectAltName
ERROR: no peer's CERT payload found.
либо

Код: Выделить всё

WARNING: unable to get certificate CRL(3) at depth:0
Если выставить verify_cert off; то работают оба варианта коннекта с компа, а телефон начинает говорить, что не может проверить сертификат сервера (логично).
предложение для него следующее:

Код: Выделить всё

    proposal {
        authentication_method xauth_rsa_server;
        encryption_algorithm aes;
        hash_algorithm sha1;
        dh_group 2; 
    }
Несколько раз переделывал сертификаты (сначала с помощью easy-rsa, потом напрямую). В некоторых источниках говорят, что в сертификате клиента должно быть fqdn клиента в common name и subjectAltName.

Истина где-то рядом, но прячется. В связи с этим вопрос: как правильно заполнять сертификаты и есть ли примеры рабочих сертификатов (например скриншоты заполнения полей)?

А конфиг есть?

Гость
проходил мимо

Re: IPSec теория и практика

Непрочитанное сообщение Гость » 2011-07-16 19:37:58

Похожая проблема только iphone'ы цепляются, а вот с android'ами затык.

Код: Выделить всё

Jul 16 18:11:05 test racoon: ERROR: failed to get subjectAltName
Jul 16 18:11:05 test racoon: DEBUG: Discarding CERT: does not match ID.
Jul 16 18:11:05 test racoon: DEBUG: CR received:
Jul 16 18:11:05 test racoon: DEBUG:  04
Jul 16 18:11:05 test racoon: DEBUG: SIGN passed:
Jul 16 18:11:05 test racoon: ERROR: no peer's CERT payload found.
поиски в интернете завели меня в гугл, с тем что андройды версий до 2.3 в качестве ID шлют свой IP, хотя в логе я даже этого не увидел, видимо они вообще не присылают ID, и ракун подставляет IP адрес, который потом пытается сверить с полями сертификата.
Кейс в гугле http://code.google.com/p/android/issues/detail?id=13393

Вписывать IP в сертификат это конечно не выход т.к предполагалось юзать гаджеты на динамике.

Может кто решал такие задачи, знаю что на железяках вроде Cisco ASA можно отключить чек peer identity , но вот как это с ракуном провернуть, может есть какие патчи?

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-16 14:38:27

Ребят, наставьте на путь истинный... Вобщем имеется тазик:

Код: Выделить всё

proxy# uname -a
FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Dec 16 01:23:00 EET 2011 i386
Ядро собрано с поддержкой IPSEC и IPSEC_NAT_T. Патчи описаные в статье сделаны. Внутри сети IPSEC работает на ура, но как только клиентская машина оказывается за NAT, то сразу выползают грабли. Наскилько я понимаю за данную функцию отвечает setkey.conf, но там надо указывать адреса, а клиентская машина мало того что за NATом сидит, у нее адрес динамический, дак еще и адрес самого NAT тоже динамический. Каким образом можно видоизменить setkey.conf чтобы получить таки соединение?

Al
ст. прапорщик
Сообщения: 501
Зарегистрирован: 2007-10-18 13:42:48
Откуда: Тверь
Контактная информация:

Re: IPSec теория и практика

Непрочитанное сообщение Al » 2011-12-16 15:03:42

Вы неправильно поняли. setkey для другого. На момент написания статьи реализовать функцию nat-t не получилось. Более детально описано в этой теме ранее и немного в статье.

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-17 12:53:18

Гость писал(а):Похожая проблема только iphone'ы цепляются, а вот с android'ами затык.

Код: Выделить всё

Jul 16 18:11:05 test racoon: ERROR: failed to get subjectAltName
Jul 16 18:11:05 test racoon: DEBUG: Discarding CERT: does not match ID.
Jul 16 18:11:05 test racoon: DEBUG: CR received:
Jul 16 18:11:05 test racoon: DEBUG:  04
Jul 16 18:11:05 test racoon: DEBUG: SIGN passed:
Jul 16 18:11:05 test racoon: ERROR: no peer's CERT payload found.
поиски в интернете завели меня в гугл, с тем что андройды версий до 2.3 в качестве ID шлют свой IP, хотя в логе я даже этого не увидел, видимо они вообще не присылают ID, и ракун подставляет IP адрес, который потом пытается сверить с полями сертификата.
Кейс в гугле http://code.google.com/p/android/issues/detail?id=13393

Вписывать IP в сертификат это конечно не выход т.к предполагалось юзать гаджеты на динамике.

Может кто решал такие задачи, знаю что на железяках вроде Cisco ASA можно отключить чек peer identity , но вот как это с ракуном провернуть, может есть какие патчи?

С ракуном я отключал check-id через исходники(могу описать как, ток это пока не самая главная проблема), но тут же возникла проблема в том что на стороне клиента при верификации сертификата сервера, данная процедура завершается фэйлом.
Ошибка вылетает такая как если бы из цепочки сертификатов CA, выкинули сертификат центра выдачи:
CA_chain = сертификат CA cybertrust + CA mycompany

Более глубокое изучение кейстора на андройде показало что при инсталляции цепочки CA , в кейстор записывается только CAmycompany. Для проверки можно попробывать руками туда записать весь чейн, но у меня щас на руках нет рутованого андройда.

По данному траблу я открыл тикет в HTC , но там они что-то уже очень давно никак не ответят мне.

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-17 12:55:55

masterevil писал(а):Ребят, наставьте на путь истинный... Вобщем имеется тазик:

Код: Выделить всё

proxy# uname -a
FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Dec 16 01:23:00 EET 2011 i386
Ядро собрано с поддержкой IPSEC и IPSEC_NAT_T. Патчи описаные в статье сделаны. Внутри сети IPSEC работает на ура, но как только клиентская машина оказывается за NAT, то сразу выползают грабли. Наскилько я понимаю за данную функцию отвечает setkey.conf, но там надо указывать адреса, а клиентская машина мало того что за NATом сидит, у нее адрес динамический, дак еще и адрес самого NAT тоже динамический. Каким образом можно видоизменить setkey.conf чтобы получить таки соединение?

А вы поддержку нат_т включили в самом ракуне? Конфиг кстати в студию.

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-19 12:13:02

nnmax писал(а):
masterevil писал(а):Ребят, наставьте на путь истинный... Вобщем имеется тазик:

Код: Выделить всё

proxy# uname -a
FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Dec 16 01:23:00 EET 2011 i386
Ядро собрано с поддержкой IPSEC и IPSEC_NAT_T. Патчи описаные в статье сделаны. Внутри сети IPSEC работает на ура, но как только клиентская машина оказывается за NAT, то сразу выползают грабли. Наскилько я понимаю за данную функцию отвечает setkey.conf, но там надо указывать адреса, а клиентская машина мало того что за NATом сидит, у нее адрес динамический, дак еще и адрес самого NAT тоже динамический. Каким образом можно видоизменить setkey.conf чтобы получить таки соединение?

А вы поддержку нат_т включили в самом ракуне? Конфиг кстати в студию.

Код: Выделить всё

proxy# cat /usr/local/etc/racoon/racoon.conf
# $KAME: racoon.conf.in,v 1.18 2001/08/16 06:33:40 itojun Exp $

# "path" affects "include" directives.  "path" must be specified before any
# "include" directive with relative file path.
# you can overwrite "path" directive afterwards, however, doing so may add
# more confusion.
path include "/usr/local/etc/racoon";
#include "remote.conf";

# the file should contain key ID/key pairs, for pre-shared key authentication.
path pre_shared_key "/usr/local/etc/racoon/psk.txt";

# racoon will look for certificate file in the directory,
# if the certificate/certificate request payload is received.
path certificate "/usr/local/etc/racoon/cert";

# "log" specifies logging level.  It is followed by either "notify", "debug"
# or "debug2".
log debug;

# "padding" defines some padding parameters.  You should not touch these.
padding
{
        maximum_length 20;      # maximum padding length.
        randomize off;          # enable randomize length.
        strict_check off;       # enable strict check.
        exclusive_tail off;     # extract last one octet.
}

# if no listen directive is specified, racoon will listen on all
# available interface addresses.
listen
{
        #isakmp ::1 [7000];
        isakmp xxx.xxx.xxx.xxx;
        isakmp_natt xxx.xxx.xxx.xxx [4500];
        #admin [7002];          # administrative port for racoonctl.
        #strict_address;        # requires that all addresses must be bound.
}

# Specify various default timers.
timer
{
        # These value can be changed per remote node.
        counter 5;              # maximum trying count to send.
        interval 20 sec;        # maximum interval to resend.
        persend 1;              # the number of packets per send.

        # maximum time to wait for completing each phase.
        phase1 30 sec;
        phase2 15 sec;
        natt_keepalive 10sec;
}

remote anonymous
{
        exchange_mode main,aggressive;
        lifetime time 24 hour;
        passive off;
        generate_policy on;
        proposal_check obey;
        nat_traversal on;
        ike_frag on;

#       doi ipsec_doi;
#       situation identity_only;

#       my_identifier asn1dn;
#       certificate_type x509 "my.cert.pem" "my.key.pem";

#       nonce_size 16;
#       initial_contact on;
#       proposal_check strict;  # obey, strict, or claim

        proposal {
                encryption_algorithm 3des;
                hash_algorithm sha1;
                authentication_method pre_shared_key;
                dh_group 2;
        }
}

#remote ::1 [8000]
#{
#       #exchange_mode main,aggressive;
#       exchange_mode aggressive,main;
#       doi ipsec_doi;
#       situation identity_only;

#       my_identifier user_fqdn "sakane@kame.net";
#       peers_identifier user_fqdn "sakane@kame.net";
#       #certificate_type x509 "mycert" "mypriv";

#       nonce_size 16;
#       lifetime time 1 min;    # sec,min,hour

#       proposal {
#               encryption_algorithm 3des;
#               hash_algorithm sha1;
#               authentication_method pre_shared_key;
#               dh_group 2;
#       }
#}

sainfo anonymous
{
#       pfs_group 2;
        encryption_algorithm 3des;
        authentication_algorithm hmac_md5, hmac_sha1;
        lifetime time 1 hour;
        compression_algorithm deflate;
}

#sainfo address 203.178.141.209 any address 203.178.141.218 any
#{
#       pfs_group 2;
#       lifetime time 30 sec;
#       encryption_algorithm des;
#       authentication_algorithm hmac_md5;
#       compression_algorithm deflate;
#}

#sainfo address ::1 icmp6 address ::1 icmp6
#{
#       pfs_group 3;
#       lifetime time 60 sec;
#       encryption_algorithm 3des, blowfish, aes;
#       authentication_algorithm hmac_sha1, hmac_md5;
#       compression_algorithm deflate;
#}
Ракун после пересборки ядра с поддержкой ната для IPSEC, пересобрал тоже, в конфиге при сборке включил нат. Вот лист конфига ракуна, собственно ничем от конфигурации в статье не отличается.

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-19 13:03:23

А что вы в логе видите? Клиент у вас тоже бсд ? Как вариант попробуйте nat_traversal force; Но прежде лучше лог изучить, Согласование должно переключаться на порт 4500 при обнаружении ната, если сервер не может его обнаружить то подключения не произойдет.

Немного рфц: http://tools.ietf.org/html/rfc3947

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-19 15:26:25

Код: Выделить всё

Dec 19 14:15:26 proxy racoon: DEBUG: ===
Dec 19 14:15:26 proxy racoon: DEBUG: 312 bytes message received from 10.0.11.2[1022] to XXX.XXX.XXX.XXX[500]
Dec 19 14:15:26 proxy racoon: DEBUG:  cf2eab3d 2641496c 00000000 00000000 01100200 00000000 00000138 0d0000c8 00000001 00000001 000000bc 01010005 03000024 01010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000 80010005 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 04010000 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024 05010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080 0d000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000004 0d000014 4048b7d5 6ebce885 25e7de7f 00d6c2d3 0d000014 90cb8091 3ebb696e 086381b5 ec427b1f 00000014 26244d38 eddb61b3 172a36e3 d0cfb819
Dec 19 14:15:26 proxy racoon: DEBUG: ===
Dec 19 14:15:26 proxy racoon: INFO: respond new phase 1 negotiation: XXX.XXX.XXX.XXX[500]<=>10.0.11.2[1022]
Dec 19 14:15:26 proxy racoon: INFO: begin Identity Protection mode.
Dec 19 14:15:26 proxy racoon: DEBUG: begin.
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=13(vid)
Dec 19 14:15:26 proxy last message repeated 3 times
Dec 19 14:15:26 proxy racoon: DEBUG: succeed.
Dec 19 14:15:26 proxy racoon: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
Dec 19 14:15:26 proxy racoon: INFO: received Vendor ID: FRAGMENTATION
Dec 19 14:15:26 proxy racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 
Dec 19 14:15:26 proxy racoon: DEBUG: received unknown Vendor ID
Dec 19 14:15:26 proxy racoon: DEBUG:  26244d38 eddb61b3 172a36e3 d0cfb819
Dec 19 14:15:26 proxy racoon: [10.0.11.2] INFO: Selected NAT-T version: draft-ietf-ipsec-nat-t-ike-02 
Dec 19 14:15:26 proxy racoon: DEBUG: total SA len=196
Dec 19 14:15:26 proxy racoon: DEBUG:  00000001 00000001 000000bc 01010005 03000024 01010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000 80010005 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 04010000 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024 05010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
Dec 19 14:15:26 proxy racoon: DEBUG: begin.
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 19 14:15:26 proxy racoon: DEBUG: succeed.
Dec 19 14:15:26 proxy racoon: DEBUG: proposal #1 len=188
Dec 19 14:15:26 proxy racoon: DEBUG: begin.
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:15:26 proxy last message repeated 4 times
Dec 19 14:15:26 proxy racoon: DEBUG: succeed.
Dec 19 14:15:26 proxy racoon: DEBUG: transform #1 len=36
Dec 19 14:15:26 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(modp2048)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:15:26 proxy racoon: DEBUG: transform #2 len=36
Dec 19 14:15:26 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(modp1024)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:15:26 proxy racoon: DEBUG: transform #3 len=36
Dec 19 14:15:26 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
Dec 19 14:15:26 proxy racoon: DEBUG: hash(md5)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(modp1024)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:15:26 proxy racoon: DEBUG: transform #4 len=36
Dec 19 14:15:26 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(des)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=768-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(modp768)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:15:26 proxy racoon: DEBUG: transform #5 len=36
Dec 19 14:15:26 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(des)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
Dec 19 14:15:26 proxy racoon: DEBUG: hash(md5)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=768-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(modp768)
Dec 19 14:15:26 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:15:26 proxy racoon: DEBUG: pair 1:
Dec 19 14:15:26 proxy racoon: DEBUG:  0x285173c0: next=0x0 tnext=0x285173e0
Dec 19 14:15:26 proxy racoon: DEBUG:   0x285173e0: next=0x0 tnext=0x285173f0
Dec 19 14:15:26 proxy racoon: DEBUG:    0x285173f0: next=0x0 tnext=0x28517420
Dec 19 14:15:26 proxy racoon: DEBUG:     0x28517420: next=0x0 tnext=0x28517430
Dec 19 14:15:26 proxy racoon: DEBUG:      0x28517430: next=0x0 tnext=0x0
Dec 19 14:15:26 proxy racoon: DEBUG: proposal #1: 5 transform
Dec 19 14:15:26 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:15:26 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:15:26 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 19 14:15:26 proxy racoon: DEBUG: trns#=1, trns-id=IKE
Dec 19 14:15:26 proxy racoon: DEBUG:   lifetime = 28800
Dec 19 14:15:26 proxy racoon: DEBUG:   lifebyte = 0
Dec 19 14:15:26 proxy racoon: DEBUG:   enctype = 3DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG:   encklen = 0
Dec 19 14:15:26 proxy racoon: DEBUG:   hashtype = SHA
Dec 19 14:15:26 proxy racoon: DEBUG:   authmethod = pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG:   dh_group = 2048-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:15:26 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:15:26 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:15:26 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 19 14:15:26 proxy racoon: DEBUG: trns#=2, trns-id=IKE
Dec 19 14:15:26 proxy racoon: DEBUG:   lifetime = 28800
Dec 19 14:15:26 proxy racoon: DEBUG:   lifebyte = 0
Dec 19 14:15:26 proxy racoon: DEBUG:   enctype = 3DES-CBC
Dec 19 14:15:26 proxy racoon: DEBUG:   encklen = 0
Dec 19 14:15:26 proxy racoon: DEBUG:   hashtype = SHA
Dec 19 14:15:26 proxy racoon: DEBUG:   authmethod = pre-shared key
Dec 19 14:15:26 proxy racoon: DEBUG:   dh_group = 1024-bit MODP group
Dec 19 14:15:26 proxy racoon: DEBUG: an acceptable proposal found.
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(modp1024)
Dec 19 14:15:26 proxy racoon: DEBUG: agreed on pre-shared key auth.
Dec 19 14:15:26 proxy racoon: DEBUG: ===
Dec 19 14:15:26 proxy racoon: DEBUG: new cookie: ab201d26e09693f3 
Dec 19 14:15:26 proxy racoon: DEBUG: add payload of len 52, next type 13
Dec 19 14:15:26 proxy racoon: DEBUG: add payload of len 16, next type 0
Dec 19 14:15:26 proxy racoon: DEBUG: 104 bytes from XXX.XXX.XXX.XXX[500] to 10.0.11.2[1022]
Dec 19 14:15:26 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 19 14:15:26 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 19 14:15:26 proxy racoon: DEBUG: send packet to 10.0.11.2[1022]
Dec 19 14:15:26 proxy racoon: DEBUG: 1 times of 104 bytes message will be sent to 10.0.11.2[1022]
Dec 19 14:15:26 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 01100200 00000000 00000068 0d000038 00000001 00000001 0000002c 01010001 00000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 00000014 90cb8091 3ebb696e 086381b5 ec427b1f
Dec 19 14:15:26 proxy racoon: DEBUG: resend phase1 packet cf2eab3d2641496c:ab201d26e09693f3
Dec 19 14:15:26 proxy racoon: DEBUG: ===
Dec 19 14:15:26 proxy racoon: DEBUG: 232 bytes message received from 10.0.11.2[1022] to XXX.XXX.XXX.XXX[500]
Dec 19 14:15:26 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 04100200 00000000 000000e8 0a000084 04bad87d af49dedf 13dccb86 8fcdcc83 cba32ad9 9bb6be6a aa3851f6 a2c15bd8 4193d7a7 6d4dbd4d 65e793f4 c7614932 d0e12a06 2812ef89 ea71fff2 082387e9 eef311ab d224237f f06209b5 b94ae319 7f3696d7 e4a809af 7b8fd255 0f359ca5 f12998df a84b23e5 50f2d145 66568d7f 05a9c082 e8633fce 8acfb01e 34c548d5 82000018 3520f6d5 dfa90783 9ffa8f67 6d706e7d e9607af3 82000018 f2751b6d 859c9c4b 981086d9 2e01ca58 38e5bfb8 00000018 bd985e38 a605820a 79fa4086 610d75ea 9c5abbb4
Dec 19 14:15:26 proxy racoon: DEBUG: begin.
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=4(ke)
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=130(nat-d)
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=130(nat-d)
Dec 19 14:15:26 proxy racoon: DEBUG: succeed.
Dec 19 14:15:26 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2 
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: INFO: NAT-D payload #0 verified
Dec 19 14:15:26 proxy racoon: [10.0.11.2] INFO: Hashing 10.0.11.2[1022] with algo #2 
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: INFO: NAT-D payload #1 doesn't match
Dec 19 14:15:26 proxy racoon: INFO: NAT detected: PEER
Dec 19 14:15:26 proxy racoon: DEBUG: ===
Dec 19 14:15:26 proxy racoon: DEBUG: compute DH's private.
Dec 19 14:15:26 proxy racoon: DEBUG:  44d67d00 27ef1670 3d304163 95c8520d c54ed959 a2a997d0 15123bab a0ed3fdb 190a4ae7 563a861a 08e19fb7 661189fc 9d0d8d23 57c0675f 8601f08a 9d1c2864 b708d8de 7c62e07e c340d8e1 22611d75 c6221966 afc1276f b299cb4b ad0692f9 e12f8fe9 b7ce6a72 c98770a3 c4a2e6bd 5a9f798c 55b87869 e1b586c6 50d0d895
Dec 19 14:15:26 proxy racoon: DEBUG: compute DH's public.
Dec 19 14:15:26 proxy racoon: DEBUG:  eaf21ec7 ae0c19d6 87c22d84 8ed00203 40464a98 c378a019 5cd6d240 4a45a72c 733130b4 6b9d644f ca82fb16 08e20d0b 674ec905 5db06455 51ef9413 1d909129 280893d2 56b827f4 823ce353 4df2d7e5 e258f5f3 f13dd18e 20bace21 c2510042 c481376c 52316c48 338ad5fa c9bc7f26 3cd78394 e9f9831c c1ec2b4b c3dcf68b
Dec 19 14:15:26 proxy racoon: [10.0.11.2] INFO: Hashing 10.0.11.2[1022] with algo #2 
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2 
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: INFO: Adding remote and local NAT-D payloads.
Dec 19 14:15:26 proxy racoon: DEBUG: add payload of len 128, next type 10
Dec 19 14:15:26 proxy racoon: DEBUG: add payload of len 16, next type 130
Dec 19 14:15:26 proxy racoon: DEBUG: add payload of len 20, next type 130
Dec 19 14:15:26 proxy racoon: DEBUG: add payload of len 20, next type 0
Dec 19 14:15:26 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to 10.0.11.2[1022]
Dec 19 14:15:26 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 19 14:15:26 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 19 14:15:26 proxy racoon: DEBUG: send packet to 10.0.11.2[1022]
Dec 19 14:15:26 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to 10.0.11.2[1022]
Dec 19 14:15:26 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 04100200 00000000 000000e4 0a000084 eaf21ec7 ae0c19d6 87c22d84 8ed00203 40464a98 c378a019 5cd6d240 4a45a72c 733130b4 6b9d644f ca82fb16 08e20d0b 674ec905 5db06455 51ef9413 1d909129 280893d2 56b827f4 823ce353 4df2d7e5 e258f5f3 f13dd18e 20bace21 c2510042 c481376c 52316c48 338ad5fa c9bc7f26 3cd78394 e9f9831c c1ec2b4b c3dcf68b 82000014 f32eba11 b0619589 0611789d fd00d369 82000018 d46c4d79 7f01991f 5dc665ff f1309a3e ef6636f8 00000018 f2751b6d 859c9c4b 981086d9 2e01ca58 38e5bfb8
Dec 19 14:15:26 proxy racoon: DEBUG: resend phase1 packet cf2eab3d2641496c:ab201d26e09693f3
Dec 19 14:15:26 proxy racoon: DEBUG: compute DH's shared.
Dec 19 14:15:26 proxy racoon: DEBUG:  67130c59 3674b1d1 a0a8e693 30a66b6c 952744a0 b9c280b3 1e664bfa e9f6f40e 83b06f2c 224ea434 0161d217 99a16674 6011a64d 3d4f02f2 5444f0c6 3583b879 c0f6027e badb2c31 1e046d98 f8f18a7b c4fefb06 8939d707 9d942f4f 19ff418c 19a54ba3 4fec5d30 6102094c 540fe485 786c74a9 48a31da9 0c3c0343 f152d849
Dec 19 14:15:26 proxy racoon: DEBUG: the psk found.
Dec 19 14:15:26 proxy racoon: DEBUG: nonce 1: 
Dec 19 14:15:26 proxy racoon: DEBUG:  3520f6d5 dfa90783 9ffa8f67 6d706e7d e9607af3
Dec 19 14:15:26 proxy racoon: DEBUG: nonce 2: 
Dec 19 14:15:26 proxy racoon: DEBUG:  f32eba11 b0619589 0611789d fd00d369
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: SKEYID computed:
Dec 19 14:15:26 proxy racoon: DEBUG:  f6b3964e 48fac54a 7b19eb40 3a1b72b1 e2597de1
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: SKEYID_d computed:
Dec 19 14:15:26 proxy racoon: DEBUG:  3081280e be5b3d82 cc9001e9 d027cd38 fd34d19e
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: SKEYID_a computed:
Dec 19 14:15:26 proxy racoon: DEBUG:  83dae1da 01bbad8d 6f486621 f3666cdd 0fa2c289
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: SKEYID_e computed:
Dec 19 14:15:26 proxy racoon: DEBUG:  116502d2 8fea7ae8 1f066401 011f198c a2a2fffa
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: len(SKEYID_e) < len(Ka) (20 < 24), generating long key (Ka = K1 | K2 | ...)
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: compute intermediate encryption key K1
Dec 19 14:15:26 proxy racoon: DEBUG:  00
Dec 19 14:15:26 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21
Dec 19 14:15:26 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: compute intermediate encryption key K2
Dec 19 14:15:26 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21
Dec 19 14:15:26 proxy racoon: DEBUG:  386c815e 76b317e3 818a214a 618ae407 89b2090c
Dec 19 14:15:26 proxy racoon: DEBUG: final encryption key computed:
Dec 19 14:15:26 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:15:26 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:26 proxy racoon: DEBUG: IV computed:
Dec 19 14:15:26 proxy racoon: DEBUG:  7e998bbb 1ec25c53
Dec 19 14:15:26 proxy racoon: DEBUG: ===
Dec 19 14:15:26 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.2[61837] to XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:26 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 d0b8c7e6 6941f47e 4fcf323b 5dd19f21 b5c8b357 119e4dd6 67332afa 816edf6e 7c0486d1 68258780
Dec 19 14:15:26 proxy racoon: INFO: NAT-T: ports changed to: 10.0.11.2[61837]<->XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:26 proxy racoon: INFO: KA list add: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:15:26 proxy racoon: DEBUG: begin decryption.
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:26 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:15:26 proxy racoon: DEBUG:  7c0486d1 68258780
Dec 19 14:15:26 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:26 proxy racoon: DEBUG: with key:
Dec 19 14:15:26 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:15:26 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:15:26 proxy racoon: DEBUG:  7e998bbb 1ec25c53
Dec 19 14:15:26 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:15:26 proxy racoon: DEBUG:  0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:26 proxy racoon: DEBUG: padding len=0
Dec 19 14:15:26 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:15:26 proxy racoon: DEBUG: decrypted.
Dec 19 14:15:26 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:26 proxy racoon: DEBUG: begin.
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:15:26 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:15:26 proxy racoon: DEBUG: succeed.
Dec 19 14:15:26 proxy racoon: [10.0.11.2] DEBUG: getrmconf_by_ph1: remote 10.0.11.2[61837], identity winxpvm.
Dec 19 14:15:26 proxy racoon: [10.0.11.2] DEBUG: configuration "anonymous" selected.
Dec 19 14:15:26 proxy racoon: ERROR: Expecting IP address type in main mode, but FQDN.
Dec 19 14:15:26 proxy racoon: [10.0.11.2] ERROR: invalid ID payload.
Dec 19 14:15:27 proxy racoon: DEBUG: ===
Dec 19 14:15:27 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.2[61837] to XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:27 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 d0b8c7e6 6941f47e 4fcf323b 5dd19f21 b5c8b357 119e4dd6 67332afa 816edf6e 7c0486d1 68258780
Dec 19 14:15:27 proxy racoon: DEBUG: begin decryption.
Dec 19 14:15:27 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:27 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:15:27 proxy racoon: DEBUG:  7c0486d1 68258780
Dec 19 14:15:27 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:27 proxy racoon: DEBUG: with key:
Dec 19 14:15:27 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:15:27 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:15:27 proxy racoon: DEBUG:  7e998bbb 1ec25c53
Dec 19 14:15:27 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:15:27 proxy racoon: DEBUG:  0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:27 proxy racoon: DEBUG: padding len=0
Dec 19 14:15:27 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:15:27 proxy racoon: DEBUG: decrypted.
Dec 19 14:15:27 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:27 proxy racoon: DEBUG: begin.
Dec 19 14:15:27 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:15:27 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:15:27 proxy racoon: DEBUG: succeed.
Dec 19 14:15:27 proxy racoon: [10.0.11.2] DEBUG: getrmconf_by_ph1: remote 10.0.11.2[61837], identity winxpvm.
Dec 19 14:15:27 proxy racoon: [10.0.11.2] DEBUG: configuration "anonymous" selected.
Dec 19 14:15:27 proxy racoon: ERROR: Expecting IP address type in main mode, but FQDN.
Dec 19 14:15:27 proxy racoon: [10.0.11.2] ERROR: invalid ID payload.
Dec 19 14:15:27 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:15:27 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:27 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:27 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:15:27 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:15:27 proxy racoon: DEBUG:  ff
Dec 19 14:15:29 proxy racoon: DEBUG: ===
Dec 19 14:15:29 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.2[61837] to XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:29 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 d0b8c7e6 6941f47e 4fcf323b 5dd19f21 b5c8b357 119e4dd6 67332afa 816edf6e 7c0486d1 68258780
Dec 19 14:15:29 proxy racoon: DEBUG: begin decryption.
Dec 19 14:15:29 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:29 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:15:29 proxy racoon: DEBUG:  7c0486d1 68258780
Dec 19 14:15:29 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:29 proxy racoon: DEBUG: with key:
Dec 19 14:15:29 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:15:29 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:15:29 proxy racoon: DEBUG:  7e998bbb 1ec25c53
Dec 19 14:15:29 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:15:29 proxy racoon: DEBUG:  0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:29 proxy racoon: DEBUG: padding len=0
Dec 19 14:15:29 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:15:29 proxy racoon: DEBUG: decrypted.
Dec 19 14:15:29 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:29 proxy racoon: DEBUG: begin.
Dec 19 14:15:29 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:15:29 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:15:29 proxy racoon: DEBUG: succeed.
Dec 19 14:15:29 proxy racoon: [10.0.11.2] DEBUG: getrmconf_by_ph1: remote 10.0.11.2[61837], identity winxpvm.
Dec 19 14:15:29 proxy racoon: [10.0.11.2] DEBUG: configuration "anonymous" selected.
Dec 19 14:15:29 proxy racoon: ERROR: Expecting IP address type in main mode, but FQDN.
Dec 19 14:15:29 proxy racoon: [10.0.11.2] ERROR: invalid ID payload.
Dec 19 14:15:33 proxy racoon: DEBUG: ===
Dec 19 14:15:33 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.2[61837] to XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:33 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 d0b8c7e6 6941f47e 4fcf323b 5dd19f21 b5c8b357 119e4dd6 67332afa 816edf6e 7c0486d1 68258780
Dec 19 14:15:33 proxy racoon: DEBUG: begin decryption.
Dec 19 14:15:33 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:33 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:15:33 proxy racoon: DEBUG:  7c0486d1 68258780
Dec 19 14:15:33 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:33 proxy racoon: DEBUG: with key:
Dec 19 14:15:33 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:15:33 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:15:33 proxy racoon: DEBUG:  7e998bbb 1ec25c53
Dec 19 14:15:33 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:15:33 proxy racoon: DEBUG:  0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:33 proxy racoon: DEBUG: padding len=0
Dec 19 14:15:33 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:15:33 proxy racoon: DEBUG: decrypted.
Dec 19 14:15:33 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:33 proxy racoon: DEBUG: begin.
Dec 19 14:15:33 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:15:33 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:15:33 proxy racoon: DEBUG: succeed.
Dec 19 14:15:33 proxy racoon: [10.0.11.2] DEBUG: getrmconf_by_ph1: remote 10.0.11.2[61837], identity winxpvm.
Dec 19 14:15:33 proxy racoon: [10.0.11.2] DEBUG: configuration "anonymous" selected.
Dec 19 14:15:33 proxy racoon: ERROR: Expecting IP address type in main mode, but FQDN.
Dec 19 14:15:33 proxy racoon: [10.0.11.2] ERROR: invalid ID payload.
Dec 19 14:15:37 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:15:37 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:37 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:37 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:15:37 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:15:37 proxy racoon: DEBUG:  ff
Dec 19 14:15:41 proxy racoon: DEBUG: ===
Dec 19 14:15:41 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.2[61837] to XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:41 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 d0b8c7e6 6941f47e 4fcf323b 5dd19f21 b5c8b357 119e4dd6 67332afa 816edf6e 7c0486d1 68258780
Dec 19 14:15:41 proxy racoon: DEBUG: begin decryption.
Dec 19 14:15:41 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:41 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:15:41 proxy racoon: DEBUG:  7c0486d1 68258780
Dec 19 14:15:41 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:41 proxy racoon: DEBUG: with key:
Dec 19 14:15:41 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:15:41 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:15:41 proxy racoon: DEBUG:  7e998bbb 1ec25c53
Dec 19 14:15:41 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:15:41 proxy racoon: DEBUG:  0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:41 proxy racoon: DEBUG: padding len=0
Dec 19 14:15:41 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:15:41 proxy racoon: DEBUG: decrypted.
Dec 19 14:15:41 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:41 proxy racoon: DEBUG: begin.
Dec 19 14:15:41 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:15:41 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:15:41 proxy racoon: DEBUG: succeed.
Dec 19 14:15:41 proxy racoon: [10.0.11.2] DEBUG: getrmconf_by_ph1: remote 10.0.11.2[61837], identity winxpvm.
Dec 19 14:15:41 proxy racoon: [10.0.11.2] DEBUG: configuration "anonymous" selected.
Dec 19 14:15:41 proxy racoon: ERROR: Expecting IP address type in main mode, but FQDN.
Dec 19 14:15:41 proxy racoon: [10.0.11.2] ERROR: invalid ID payload.
Dec 19 14:15:46 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 19 14:15:46 proxy racoon: DEBUG: 232 bytes from XXX.XXX.XXX.XXX[4500] to 10.0.11.2[61837]
Dec 19 14:15:46 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:46 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:46 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:15:46 proxy racoon: DEBUG: 1 times of 232 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:15:46 proxy racoon: DEBUG:  00000000 cf2eab3d 2641496c ab201d26 e09693f3 04100200 00000000 000000e4 0a000084 eaf21ec7 ae0c19d6 87c22d84 8ed00203 40464a98 c378a019 5cd6d240 4a45a72c 733130b4 6b9d644f ca82fb16 08e20d0b 674ec905 5db06455 51ef9413 1d909129 280893d2 56b827f4 823ce353 4df2d7e5 e258f5f3 f13dd18e 20bace21 c2510042 c481376c 52316c48 338ad5fa c9bc7f26 3cd78394 e9f9831c c1ec2b4b c3dcf68b 82000014 f32eba11 b0619589 0611789d fd00d369 82000018 d46c4d79 7f01991f 5dc665ff f1309a3e ef6636f8 00000018 f2751b6d 859c9c4b 981086d9 2e01ca58 38e5bfb8
Dec 19 14:15:46 proxy racoon: DEBUG: resend phase1 packet cf2eab3d2641496c:ab201d26e09693f3
Dec 19 14:15:47 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:15:47 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:47 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:47 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:15:47 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:15:47 proxy racoon: DEBUG:  ff
Dec 19 14:15:57 proxy racoon: DEBUG: ===
Dec 19 14:15:57 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.2[61837] to XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:57 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 d0b8c7e6 6941f47e 4fcf323b 5dd19f21 b5c8b357 119e4dd6 67332afa 816edf6e 7c0486d1 68258780
Dec 19 14:15:57 proxy racoon: DEBUG: begin decryption.
Dec 19 14:15:57 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:57 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:15:57 proxy racoon: DEBUG:  7c0486d1 68258780
Dec 19 14:15:57 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:15:57 proxy racoon: DEBUG: with key:
Dec 19 14:15:57 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:15:57 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:15:57 proxy racoon: DEBUG:  7e998bbb 1ec25c53
Dec 19 14:15:57 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:15:57 proxy racoon: DEBUG:  0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:57 proxy racoon: DEBUG: padding len=0
Dec 19 14:15:57 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:15:57 proxy racoon: DEBUG: decrypted.
Dec 19 14:15:57 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 05100201 00000000 00000044 0800000f 02000000 77696e78 70766d00 0000182f cd082eef c0814db1 2b06105a ad559beb 4c221300
Dec 19 14:15:57 proxy racoon: DEBUG: begin.
Dec 19 14:15:57 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:15:57 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:15:57 proxy racoon: DEBUG: succeed.
Dec 19 14:15:57 proxy racoon: [10.0.11.2] DEBUG: getrmconf_by_ph1: remote 10.0.11.2[61837], identity winxpvm.
Dec 19 14:15:57 proxy racoon: [10.0.11.2] DEBUG: configuration "anonymous" selected.
Dec 19 14:15:57 proxy racoon: ERROR: Expecting IP address type in main mode, but FQDN.
Dec 19 14:15:57 proxy racoon: [10.0.11.2] ERROR: invalid ID payload.
Dec 19 14:15:57 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:15:57 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:57 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:15:57 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:15:57 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:15:57 proxy racoon: DEBUG:  ff
Dec 19 14:16:06 proxy racoon: DEBUG: 232 bytes from XXX.XXX.XXX.XXX[4500] to 10.0.11.2[61837]
Dec 19 14:16:06 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:06 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:06 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:06 proxy racoon: DEBUG: 1 times of 232 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:06 proxy racoon: DEBUG:  00000000 cf2eab3d 2641496c ab201d26 e09693f3 04100200 00000000 000000e4 0a000084 eaf21ec7 ae0c19d6 87c22d84 8ed00203 40464a98 c378a019 5cd6d240 4a45a72c 733130b4 6b9d644f ca82fb16 08e20d0b 674ec905 5db06455 51ef9413 1d909129 280893d2 56b827f4 823ce353 4df2d7e5 e258f5f3 f13dd18e 20bace21 c2510042 c481376c 52316c48 338ad5fa c9bc7f26 3cd78394 e9f9831c c1ec2b4b c3dcf68b 82000014 f32eba11 b0619589 0611789d fd00d369 82000018 d46c4d79 7f01991f 5dc665ff f1309a3e ef6636f8 00000018 f2751b6d 859c9c4b 981086d9 2e01ca58 38e5bfb8
Dec 19 14:16:06 proxy racoon: DEBUG: resend phase1 packet cf2eab3d2641496c:ab201d26e09693f3
Dec 19 14:16:07 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:16:07 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:07 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:07 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:07 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:07 proxy racoon: DEBUG:  ff
Dec 19 14:16:17 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:16:17 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:17 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:17 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:17 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:17 proxy racoon: DEBUG:  ff
Dec 19 14:16:26 proxy racoon: DEBUG: 232 bytes from XXX.XXX.XXX.XXX[4500] to 10.0.11.2[61837]
Dec 19 14:16:26 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:26 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:26 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:26 proxy racoon: DEBUG: 1 times of 232 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:26 proxy racoon: DEBUG:  00000000 cf2eab3d 2641496c ab201d26 e09693f3 04100200 00000000 000000e4 0a000084 eaf21ec7 ae0c19d6 87c22d84 8ed00203 40464a98 c378a019 5cd6d240 4a45a72c 733130b4 6b9d644f ca82fb16 08e20d0b 674ec905 5db06455 51ef9413 1d909129 280893d2 56b827f4 823ce353 4df2d7e5 e258f5f3 f13dd18e 20bace21 c2510042 c481376c 52316c48 338ad5fa c9bc7f26 3cd78394 e9f9831c c1ec2b4b c3dcf68b 82000014 f32eba11 b0619589 0611789d fd00d369 82000018 d46c4d79 7f01991f 5dc665ff f1309a3e ef6636f8 00000018 f2751b6d 859c9c4b 981086d9 2e01ca58 38e5bfb8
Dec 19 14:16:26 proxy racoon: DEBUG: resend phase1 packet cf2eab3d2641496c:ab201d26e09693f3
Dec 19 14:16:27 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:16:27 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:27 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:27 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:27 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:27 proxy racoon: DEBUG:  ff
Dec 19 14:16:29 proxy racoon: DEBUG: ===
Dec 19 14:16:29 proxy racoon: DEBUG: 84 bytes message received from 10.0.11.2[61838] to XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:29 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 08100501 00d7ac1d 00000054 482b894c f8e9e4e9 46c89d27 dc14ccf8 5a9b8c6c 3a05be15 1bd190fb 487f7fb9 2ec94141 6087dd2e 3d5f289d e7d45831 33d8d737 332fc23a
Dec 19 14:16:29 proxy racoon: [10.0.11.2] WARNING: remote address mismatched. db=10.0.11.2[61837], act=10.0.11.2[61838]
Dec 19 14:16:29 proxy racoon: DEBUG: receive Information.
Dec 19 14:16:29 proxy racoon: DEBUG: compute IV for phase2
Dec 19 14:16:29 proxy racoon: DEBUG: phase1 last IV:
Dec 19 14:16:29 proxy racoon: DEBUG:  7e998bbb 1ec25c53 00d7ac1d
Dec 19 14:16:29 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:16:29 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:16:29 proxy racoon: DEBUG: phase2 IV computed:
Dec 19 14:16:29 proxy racoon: DEBUG:  b35fe62c 3caf7033
Dec 19 14:16:29 proxy racoon: DEBUG: begin decryption.
Dec 19 14:16:29 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:16:29 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:16:29 proxy racoon: DEBUG:  33d8d737 332fc23a
Dec 19 14:16:29 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:16:29 proxy racoon: DEBUG: with key:
Dec 19 14:16:29 proxy racoon: DEBUG:  f5d6999e 9f6b626c d0869dc0 79567cf6 4d15bd21 386c815e
Dec 19 14:16:29 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:16:29 proxy racoon: DEBUG:  b35fe62c 3caf7033
Dec 19 14:16:29 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:16:29 proxy racoon: DEBUG:  b0c0c096 c39bbaf9 addd9fd7 96b1bdd4 907371ba 5529f2d6 0000001c 00000001 01100001 cf2eab3d 2641496c ab201d26 e09693f3 00000000
Dec 19 14:16:29 proxy racoon: DEBUG: padding len=0
Dec 19 14:16:29 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:16:29 proxy racoon: DEBUG: decrypted.
Dec 19 14:16:29 proxy racoon: DEBUG:  cf2eab3d 2641496c ab201d26 e09693f3 08100501 00d7ac1d 00000054 b0c0c096 c39bbaf9 addd9fd7 96b1bdd4 907371ba 5529f2d6 0000001c 00000001 01100001 cf2eab3d 2641496c ab201d26 e09693f3 00000000
Dec 19 14:16:29 proxy racoon: DEBUG: IV freed
Dec 19 14:16:29 proxy racoon: ERROR: ignore information because ISAKMP-SA has not been established yet.
Dec 19 14:16:37 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:16:37 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:37 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:37 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:37 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:37 proxy racoon: DEBUG:  ff
Dec 19 14:16:46 proxy racoon: DEBUG: 232 bytes from XXX.XXX.XXX.XXX[4500] to 10.0.11.2[61837]
Dec 19 14:16:46 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:46 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:46 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:46 proxy racoon: DEBUG: 1 times of 232 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:46 proxy racoon: DEBUG:  00000000 cf2eab3d 2641496c ab201d26 e09693f3 04100200 00000000 000000e4 0a000084 eaf21ec7 ae0c19d6 87c22d84 8ed00203 40464a98 c378a019 5cd6d240 4a45a72c 733130b4 6b9d644f ca82fb16 08e20d0b 674ec905 5db06455 51ef9413 1d909129 280893d2 56b827f4 823ce353 4df2d7e5 e258f5f3 f13dd18e 20bace21 c2510042 c481376c 52316c48 338ad5fa c9bc7f26 3cd78394 e9f9831c c1ec2b4b c3dcf68b 82000014 f32eba11 b0619589 0611789d fd00d369 82000018 d46c4d79 7f01991f 5dc665ff f1309a3e ef6636f8 00000018 f2751b6d 859c9c4b 981086d9 2e01ca58 38e5bfb8
Dec 19 14:16:46 proxy racoon: DEBUG: resend phase1 packet cf2eab3d2641496c:ab201d26e09693f3
Dec 19 14:16:47 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:16:47 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:47 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:47 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:47 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:47 proxy racoon: DEBUG:  ff
Dec 19 14:16:57 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:16:57 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:57 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 19 14:16:57 proxy racoon: DEBUG: send packet to 10.0.11.2[61837]
Dec 19 14:16:57 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to 10.0.11.2[61837]
Dec 19 14:16:57 proxy racoon: DEBUG:  ff
Dec 19 14:17:06 proxy racoon: ERROR: phase1 negotiation failed due to time up. cf2eab3d2641496c:ab201d26e09693f3
Dec 19 14:17:06 proxy racoon: INFO: KA remove: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837]
Dec 19 14:17:06 proxy racoon: DEBUG: KA tree dump: XXX.XXX.XXX.XXX[4500]->10.0.11.2[61837] (in_use=1)
Dec 19 14:17:06 proxy racoon: DEBUG: KA removing this one...
Dec 19 14:17:06 proxy racoon: DEBUG: IV freed
Клиент у меня обычный десктоп на Windows XP. Тестирую из VMware. Если сеть стоит как Bridge, тобишь мост, и получает ип адрес от DHCP в сети, то все замечательно коннектится. На как только ставлю ему в свойствах сети нат, то тут же все плохо. Ну и выше лог их общения приложен.

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-19 15:36:16

Код: Выделить всё

Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: 312 bytes message received from 10.0.11.141[500] to XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 00000000 00000000 01100200 00000000 00000138 0d0000c8 00000001 00000001 000000bc 01010005 03000024 01010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000 80010005 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 04010000 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024 05010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080 0d000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000004 0d000014 4048b7d5 6ebce885 25e7de7f 00d6c2d3 0d000014 90cb8091 3ebb696e 086381b5 ec427b1f 00000014 26244d38 eddb61b3 172a36e3 d0cfb819
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: INFO: respond new phase 1 negotiation: XXX.XXX.XXX.XXX[500]<=>10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: INFO: begin Identity Protection mode.
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=13(vid)
Dec 19 14:30:59 proxy last message repeated 3 times
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
Dec 19 14:30:59 proxy racoon: INFO: received Vendor ID: FRAGMENTATION
Dec 19 14:30:59 proxy racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 
Dec 19 14:30:59 proxy racoon: DEBUG: received unknown Vendor ID
Dec 19 14:30:59 proxy racoon: DEBUG:  26244d38 eddb61b3 172a36e3 d0cfb819
Dec 19 14:30:59 proxy racoon: [10.0.11.141] INFO: Selected NAT-T version: draft-ietf-ipsec-nat-t-ike-02 
Dec 19 14:30:59 proxy racoon: DEBUG: total SA len=196
Dec 19 14:30:59 proxy racoon: DEBUG:  00000001 00000001 000000bc 01010005 03000024 01010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000 80010005 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 04010000 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024 05010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #1 len=188
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy last message repeated 4 times
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(modp2048)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: transform #2 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(modp1024)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: transform #3 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
Dec 19 14:30:59 proxy racoon: DEBUG: hash(md5)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(modp1024)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: transform #4 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(des)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=768-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(modp768)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: transform #5 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(des)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
Dec 19 14:30:59 proxy racoon: DEBUG: hash(md5)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=768-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(modp768)
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: pair 1:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x285173c0: next=0x0 tnext=0x285173e0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x285173e0: next=0x0 tnext=0x285173f0
Dec 19 14:30:59 proxy racoon: DEBUG:    0x285173f0: next=0x0 tnext=0x28517420
Dec 19 14:30:59 proxy racoon: DEBUG:     0x28517420: next=0x0 tnext=0x28517430
Dec 19 14:30:59 proxy racoon: DEBUG:      0x28517430: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #1: 5 transform
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:30:59 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 19 14:30:59 proxy racoon: DEBUG: trns#=1, trns-id=IKE
Dec 19 14:30:59 proxy racoon: DEBUG:   lifetime = 28800
Dec 19 14:30:59 proxy racoon: DEBUG:   lifebyte = 0
Dec 19 14:30:59 proxy racoon: DEBUG:   enctype = 3DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG:   encklen = 0
Dec 19 14:30:59 proxy racoon: DEBUG:   hashtype = SHA
Dec 19 14:30:59 proxy racoon: DEBUG:   authmethod = pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG:   dh_group = 2048-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 19 14:30:59 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 19 14:30:59 proxy racoon: DEBUG: trns#=2, trns-id=IKE
Dec 19 14:30:59 proxy racoon: DEBUG:   lifetime = 28800
Dec 19 14:30:59 proxy racoon: DEBUG:   lifebyte = 0
Dec 19 14:30:59 proxy racoon: DEBUG:   enctype = 3DES-CBC
Dec 19 14:30:59 proxy racoon: DEBUG:   encklen = 0
Dec 19 14:30:59 proxy racoon: DEBUG:   hashtype = SHA
Dec 19 14:30:59 proxy racoon: DEBUG:   authmethod = pre-shared key
Dec 19 14:30:59 proxy racoon: DEBUG:   dh_group = 1024-bit MODP group
Dec 19 14:30:59 proxy racoon: DEBUG: an acceptable proposal found.
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(modp1024)
Dec 19 14:30:59 proxy racoon: DEBUG: agreed on pre-shared key auth.
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: new cookie: a4f7ee639e76fdf7 
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 52, next type 13
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 16, next type 0
Dec 19 14:30:59 proxy racoon: DEBUG: 104 bytes from XXX.XXX.XXX.XXX[500] to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: 1 times of 104 bytes message will be sent to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 01100200 00000000 00000068 0d000038 00000001 00000001 0000002c 01010001 00000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 00000014 90cb8091 3ebb696e 086381b5 ec427b1f
Dec 19 14:30:59 proxy racoon: DEBUG: resend phase1 packet cc93feaed8819428:a4f7ee639e76fdf7
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: 232 bytes message received from 10.0.11.141[500] to XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 04100200 00000000 000000e8 0a000084 1f85ff4f d8c1ed2b 281821a8 91aa0a22 c2b6c5d3 1bb7fdaf 985c763b 912ab9ca 78aa0221 a963b6d0 f578124a a7bcf5ed 1bb83b92 b77c6ca6 4f7f5992 38273d79 63f9fe65 210f95f2 e6995014 f913ceef e90a04c2 163bc004 a34b7e5d e87ecbe2 ad3ca91f 7d5fd2c6 45f44f71 efda7bad 5145edc7 a07d929f 104f0d1c cfa63007 82000018 27bb605f b4514f31 9756be66 bf59b36b 771b0b60 82000018 bcc61a0c 3f3e4f13 bd25529f a873c6d8 e340969a 00000018 41fd9aa9 34500bdb d338011a 59868604 5882cd2a
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=4(ke)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=130(nat-d)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=130(nat-d)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2 
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: INFO: NAT-D payload #0 verified
Dec 19 14:30:59 proxy racoon: [10.0.11.141] INFO: Hashing 10.0.11.141[500] with algo #2 
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: INFO: NAT-D payload #1 verified
Dec 19 14:30:59 proxy racoon: INFO: NAT not detected 
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: compute DH's private.
Dec 19 14:30:59 proxy racoon: DEBUG:  73dd1878 27fa6cdb 73703872 f534e77c eca367fd 711045a1 223368f2 55e8de2a 3de305da cbbffd47 6ecd2658 8e114ba6 9b1b764e 8ed60edb 7e0508ed 8b4e63b4 7dbe6ad2 2466281f 9dc95713 345f3da4 1c567ad0 b5927634 9f880d60 94dd1727 e6f327be a08cabfb 3fa88e7a c390c8d6 f569044e 61e8fd8b d16a27fe d0f0d291
Dec 19 14:30:59 proxy racoon: DEBUG: compute DH's public.
Dec 19 14:30:59 proxy racoon: DEBUG:  55b29f4a ce9bb9ef 82b304d4 ed5c3908 ed57940c ecdb9b9c a06d77dd 2dcd76dc 9c373499 2890a05e ae25c1dd 69b4ecd3 fcb3ac8d 8f665844 83caef4f 63f8014b 91f2194a b88a87fd 5bc2717a 16d73ff2 37af0af9 84bd2e66 98329b06 9a8f4af9 e23323f7 086eda4c 76278b3c 222e38d5 f0c6b513 f60afa0e dfffa348 0234192f
Dec 19 14:30:59 proxy racoon: [10.0.11.141] INFO: Hashing 10.0.11.141[500] with algo #2 
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2 
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: INFO: Adding remote and local NAT-D payloads.
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 128, next type 10
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 16, next type 130
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 20, next type 130
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 20, next type 0
Dec 19 14:30:59 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 04100200 00000000 000000e4 0a000084 55b29f4a ce9bb9ef 82b304d4 ed5c3908 ed57940c ecdb9b9c a06d77dd 2dcd76dc 9c373499 2890a05e ae25c1dd 69b4ecd3 fcb3ac8d 8f665844 83caef4f 63f8014b 91f2194a b88a87fd 5bc2717a 16d73ff2 37af0af9 84bd2e66 98329b06 9a8f4af9 e23323f7 086eda4c 76278b3c 222e38d5 f0c6b513 f60afa0e dfffa348 0234192f 82000014 a7fefbb7 4b38a611 1a12d8c6 8925f47e 82000018 41fd9aa9 34500bdb d338011a 59868604 5882cd2a 00000018 bcc61a0c 3f3e4f13 bd25529f a873c6d8 e340969a
Dec 19 14:30:59 proxy racoon: DEBUG: resend phase1 packet cc93feaed8819428:a4f7ee639e76fdf7
Dec 19 14:30:59 proxy racoon: DEBUG: compute DH's shared.
Dec 19 14:30:59 proxy racoon: DEBUG:  3ebdde52 a942ea94 58654d58 a720f395 dc3dbc2d a8081538 3df443de a0a9ef22 a3b760de 37643e78 4dd31bca 42f7ca2d ab26cf53 dc2639d1 15bfd2e1 1d5c6de6 9adf2ab9 c71b7256 a6ae87af d4b97797 2ec00021 b5b0472d 2cbf40f8 53ed34b4 b8f22624 425f1d80 fba36229 98e7e133 1001722f cc46751e defa22ae 02d4ce75
Dec 19 14:30:59 proxy racoon: DEBUG: the psk found.
Dec 19 14:30:59 proxy racoon: DEBUG: nonce 1: 
Dec 19 14:30:59 proxy racoon: DEBUG:  27bb605f b4514f31 9756be66 bf59b36b 771b0b60
Dec 19 14:30:59 proxy racoon: DEBUG: nonce 2: 
Dec 19 14:30:59 proxy racoon: DEBUG:  a7fefbb7 4b38a611 1a12d8c6 8925f47e
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: SKEYID computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  d2e6b6c0 83584bbc 49aa3e77 538384fe c769466c
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: SKEYID_d computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  d971601e 1287559d fe92e899 126ee855 4ef59635
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: SKEYID_a computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  4a879bfa 3c05f34b bd41e0f1 8f74a12f e6845961
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: SKEYID_e computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  64b69c09 1cc95547 8be8f7c8 59de0fdc 4ba074fb
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: len(SKEYID_e) < len(Ka) (20 < 24), generating long key (Ka = K1 | K2 | ...)
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: compute intermediate encryption key K1
Dec 19 14:30:59 proxy racoon: DEBUG:  00
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: compute intermediate encryption key K2
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64
Dec 19 14:30:59 proxy racoon: DEBUG:  c657c2cc 6a24141e a8db8ab9 1a609160 bc44725c
Dec 19 14:30:59 proxy racoon: DEBUG: final encryption key computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: IV computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  487b5b34 269fb9fe
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.141[500] to XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 05100201 00000000 00000044 8388c491 697f5cff faa96133 5e90a00a bc188742 3c0a31b7 867726ad d19e088c 7a3faa10 5293b86d
Dec 19 14:30:59 proxy racoon: DEBUG: begin decryption.
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:30:59 proxy racoon: DEBUG:  7a3faa10 5293b86d
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: with key:
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  487b5b34 269fb9fe
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:30:59 proxy racoon: DEBUG:  0800000c 01000000 0a000b8d 00000018 e5036767 14a5d932 00cab609 7cc6119d 151042fb 00000000
Dec 19 14:30:59 proxy racoon: DEBUG: padding len=0
Dec 19 14:30:59 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted.
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 05100201 00000000 00000044 0800000c 01000000 0a000b8d 00000018 e5036767 14a5d932 00cab609 7cc6119d 151042fb 00000000
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: [10.0.11.141] DEBUG: getrmconf_by_ph1: remote 10.0.11.141[500], identity 10.0.11.141.
Dec 19 14:30:59 proxy racoon: [10.0.11.141] DEBUG: configuration "anonymous" selected.
Dec 19 14:30:59 proxy racoon: [10.0.11.141] DEBUG: getrmconf_by_ph1: remote 10.0.11.141[500], identity 10.0.11.141.
Dec 19 14:30:59 proxy racoon: [10.0.11.141] DEBUG: configuration "anonymous" selected.
Dec 19 14:30:59 proxy racoon: DEBUG: HASH received:
Dec 19 14:30:59 proxy racoon: DEBUG:  e5036767 14a5d932 00cab609 7cc6119d 151042fb
Dec 19 14:30:59 proxy racoon: DEBUG: HASH with:
Dec 19 14:30:59 proxy racoon: DEBUG:  1f85ff4f d8c1ed2b 281821a8 91aa0a22 c2b6c5d3 1bb7fdaf 985c763b 912ab9ca 78aa0221 a963b6d0 f578124a a7bcf5ed 1bb83b92 b77c6ca6 4f7f5992 38273d79 63f9fe65 210f95f2 e6995014 f913ceef e90a04c2 163bc004 a34b7e5d e87ecbe2 ad3ca91f 7d5fd2c6 45f44f71 efda7bad 5145edc7 a07d929f 104f0d1c cfa63007 55b29f4a ce9bb9ef 82b304d4 ed5c3908 ed57940c ecdb9b9c a06d77dd 2dcd76dc 9c373499 2890a05e ae25c1dd 69b4ecd3 fcb3ac8d 8f665844 83caef4f 63f8014b 91f2194a b88a87fd 5bc2717a 16d73ff2 37af0af9 84bd2e66 98329b06 9a8f4af9 e23323f7 086eda4c 76278b3c 222e38d5 f0c6b513 f60afa0e dfffa348 0234192f cc93feae d8819428 a4f7ee63 9e76fdf7 00000001 00000001 000000bc 01010005 03000024 01010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000 80010005 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 04010000 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024 0501000
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: HASH (resp) computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  e5036767 14a5d932 00cab609 7cc6119d 151042fb
Dec 19 14:30:59 proxy racoon: DEBUG: HASH for PSK validated.
Dec 19 14:30:59 proxy racoon: [10.0.11.141] DEBUG: peer's ID
Dec 19 14:30:59 proxy racoon: DEBUG:  01000000 0a000b8d
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: use ID type of IPv4_address
Dec 19 14:30:59 proxy racoon: DEBUG: generate HASH_R
Dec 19 14:30:59 proxy racoon: DEBUG: HASH with:
Dec 19 14:30:59 proxy racoon: DEBUG:  55b29f4a ce9bb9ef 82b304d4 ed5c3908 ed57940c ecdb9b9c a06d77dd 2dcd76dc 9c373499 2890a05e ae25c1dd 69b4ecd3 fcb3ac8d 8f665844 83caef4f 63f8014b 91f2194a b88a87fd 5bc2717a 16d73ff2 37af0af9 84bd2e66 98329b06 9a8f4af9 e23323f7 086eda4c 76278b3c 222e38d5 f0c6b513 f60afa0e dfffa348 0234192f 1f85ff4f d8c1ed2b 281821a8 91aa0a22 c2b6c5d3 1bb7fdaf 985c763b 912ab9ca 78aa0221 a963b6d0 f578124a a7bcf5ed 1bb83b92 b77c6ca6 4f7f5992 38273d79 63f9fe65 210f95f2 e6995014 f913ceef e90a04c2 163bc004 a34b7e5d e87ecbe2 ad3ca91f 7d5fd2c6 45f44f71 efda7bad 5145edc7 a07d929f 104f0d1c cfa63007 a4f7ee63 9e76fdf7 cc93feae d8819428 00000001 00000001 000000bc 01010005 03000024 01010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 02010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000 80010005 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 04010000 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024 0501000
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: HASH (resp) computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  63351154 20b97a83 3ba55519 e1c0a915 52380e81
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 8, next type 8
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 20, next type 0
Dec 19 14:30:59 proxy racoon: DEBUG: begin encryption.
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: pad length = 4
Dec 19 14:30:59 proxy racoon: DEBUG:  0800000c 011101f4 d5a08b84 00000018 63351154 20b97a83 3ba55519 e1c0a915 52380e81 00000004
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: with key:
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:30:59 proxy racoon: DEBUG: encrypted payload by IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  7a3faa10 5293b86d
Dec 19 14:30:59 proxy racoon: DEBUG: save IV for next:
Dec 19 14:30:59 proxy racoon: DEBUG:  1854c1be b88f8d60
Dec 19 14:30:59 proxy racoon: DEBUG: encrypted.
Dec 19 14:30:59 proxy racoon: DEBUG: 68 bytes from XXX.XXX.XXX.XXX[500] to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: 1 times of 68 bytes message will be sent to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 05100201 00000000 00000044 b1d76643 c7bdf95a 8fe2030d f6a3775e eb06da63 d9d58100 93dc4b3c c2421de5 1854c1be b88f8d60
Dec 19 14:30:59 proxy racoon: DEBUG: compute IV for phase2
Dec 19 14:30:59 proxy racoon: DEBUG: phase1 last IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  1854c1be b88f8d60 f93a0164
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: phase2 IV computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  00442404 9dbec4cd
Dec 19 14:30:59 proxy racoon: DEBUG: HASH with:
Dec 19 14:30:59 proxy racoon: DEBUG:  f93a0164 0000001c 00000001 01106002 cc93feae d8819428 a4f7ee63 9e76fdf7
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: HASH computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  8583eb72 16e0f2e5 c133fea7 753daf92 4c885473
Dec 19 14:30:59 proxy racoon: DEBUG: begin encryption.
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: pad length = 4
Dec 19 14:30:59 proxy racoon: DEBUG:  0b000018 8583eb72 16e0f2e5 c133fea7 753daf92 4c885473 0000001c 00000001 01106002 cc93feae d8819428 a4f7ee63 9e76fdf7 00000004
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: with key:
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:30:59 proxy racoon: DEBUG: encrypted payload by IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  00442404 9dbec4cd
Dec 19 14:30:59 proxy racoon: DEBUG: save IV for next:
Dec 19 14:30:59 proxy racoon: DEBUG:  9faef4a1 0b40e1a3
Dec 19 14:30:59 proxy racoon: DEBUG: encrypted.
Dec 19 14:30:59 proxy racoon: DEBUG: 84 bytes from XXX.XXX.XXX.XXX[500] to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: 1 times of 84 bytes message will be sent to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08100501 f93a0164 00000054 7f9eb750 c28cb6a7 dd18ac59 061ae0f8 9937fa16 89f80e8e a82e0813 d45d829c b4bbe615 3d90d19d 76695f9f 4e15c202 9faef4a1 0b40e1a3
Dec 19 14:30:59 proxy racoon: DEBUG: sendto Information notify.
Dec 19 14:30:59 proxy racoon: DEBUG: IV freed
Dec 19 14:30:59 proxy racoon: INFO: ISAKMP-SA established XXX.XXX.XXX.XXX[500]-10.0.11.141[500] spi:cc93feaed8819428:a4f7ee639e76fdf7
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: 1300 bytes message received from 10.0.11.141[500] to XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08102001 53f23770 00000514 f3c1f017 be70ab3a 6990035d 8b7688e3 cafee35b f50c47c4 5b09031f 483242b4 bdf238ed 5fa33650 4b63eb0d 5689e6cb 54b8a42a 495afc7d a1ead0b6 bf8af20b 37684532 b79d928d b9dbdcda 24fca0a8 b2387471 5feab5b7 d590c853 63c9c81f 4821b006 d0406d74 0c472834 cad6f505 2c08091a dd768c08 bcb8b5f6 51096941 b89495fc 9fb10aa3 db3b42c9 874db725 b48022cc c4454f76 b096c9fe 4fc835d0 b5065c0a 1ca4f5e3 dd904fb3 af38b717 18943d4c a5d73cbc 8b7c161c 83393873 2b6ed455 8006a427 b41f17f7 65b71d03 e7eb6f95 d278dfdc 55203873 e4c6c056 7fe52faa 2558e7ac 6441b50a 3b468cf3 9b739a53 66c97a1f 819a8705 fee5e7c4 78beed58 27bfe138 588e9998 fab569a3 61e17fe6 783ea8bf fd190fc8 aaf33457 a593183d 83946fb3 30ada850 795b8d8b 4d09a874 d957f4fb d99d1a54 c3801b8d 3fa6bb42 acca9367 4f724d04 60f9ed7f 7fe20ad3 2a76cdf1 b81d6f72 782aad2c 445e39b2 4b0d9735 71250689 b464ab75 7b4bc267 a10d0500 fbda53b2 0852b1bf 10932f6c d0992608 32f9a22c 464dd118 7714ccfb fd4a14df b512ffb
Dec 19 14:30:59 proxy racoon: DEBUG: compute IV for phase2
Dec 19 14:30:59 proxy racoon: DEBUG: phase1 last IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  1854c1be b88f8d60 53f23770
Dec 19 14:30:59 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: phase2 IV computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  9142b784 d4b013d4
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[500]<=>10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: begin decryption.
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:30:59 proxy racoon: DEBUG:  df536ce6 a18103ad
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: with key:
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  9142b784 d4b013d4
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:30:59 proxy racoon: DEBUG:  01000018 69a84275 393f3fac 8ae33b4c 3ef4f456 a87f8bda 0a0004ac 00000001 00000001 0200005c 01030402 ab46a961 03000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 00000028 02030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 02020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000030 02030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 03020401 ab46a961 00000028 01020000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 02000030 03030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 04020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 04030401 c63589cd 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 0502040
Dec 19 14:30:59 proxy racoon: DEBUG: padding len=0
Dec 19 14:30:59 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted.
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08102001 53f23770 00000514 01000018 69a84275 393f3fac 8ae33b4c 3ef4f456 a87f8bda 0a0004ac 00000001 00000001 0200005c 01030402 ab46a961 03000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 00000028 02030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 02020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000030 02030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 03020401 ab46a961 00000028 01020000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 02000030 03030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 04020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 04030401 c63589cd 00000028 01030000 80010001 00020004 00000e1
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=5(id)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: received IDci2:
Dec 19 14:30:59 proxy racoon: DEBUG:  011106a5 0a000b8d
Dec 19 14:30:59 proxy racoon: DEBUG: received IDcr2:
Dec 19 14:30:59 proxy racoon: DEBUG:  011106a5 d5a08b84
Dec 19 14:30:59 proxy racoon: DEBUG: HASH(1) validate:
Dec 19 14:30:59 proxy racoon: DEBUG:  69a84275 393f3fac 8ae33b4c 3ef4f456 a87f8bda
Dec 19 14:30:59 proxy racoon: DEBUG: HASH with:
Dec 19 14:30:59 proxy racoon: DEBUG:  53f23770 0a0004ac 00000001 00000001 0200005c 01030402 ab46a961 03000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 00000028 02030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 02020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000030 02030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 03020401 ab46a961 00000028 01020000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 02000030 03030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 04020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 04030401 c63589cd 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 05020401 ab46a961 00000028 01020000 80010001 0002000
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: HASH computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  69a84275 393f3fac 8ae33b4c 3ef4f456 a87f8bda
Dec 19 14:30:59 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='10.0.11.141' peer='10.0.11.141' client='10.0.11.141' id=0
Dec 19 14:30:59 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 19 14:30:59 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 19 14:30:59 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 19 14:30:59 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 19 14:30:59 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 19 14:30:59 proxy racoon: DEBUG: get src address from ID payload 10.0.11.141[1701] prefixlen=32 ul_proto=17
Dec 19 14:30:59 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe274: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe274: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db: 0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe274: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe274: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db: 0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: 0xbfbfe274 masked with /0: 0.0.0.0[1701]
Dec 19 14:30:59 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 19 14:30:59 proxy racoon: DEBUG: 0xbfbfe274 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 19 14:30:59 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 19 14:30:59 proxy racoon: INFO: Update the generated policy : 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe274: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe274: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db: 0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: 0xbfbfe274 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 19 14:30:59 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 19 14:30:59 proxy racoon: DEBUG: 0xbfbfe274 masked with /0: 0.0.0.0[1701]
Dec 19 14:30:59 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe274: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG:  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Transport reqid=0:0)
Dec 19 14:30:59 proxy racoon: DEBUG:   (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 19 14:30:59 proxy racoon: DEBUG:   (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 19 14:30:59 proxy racoon: DEBUG: total SA len=1192
Dec 19 14:30:59 proxy racoon: DEBUG:  00000001 00000001 0200005c 01030402 ab46a961 03000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 00000028 02030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 02020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000030 02030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 03020401 ab46a961 00000028 01020000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 02000030 03030401 c63589cd 00000024 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 02000034 04020401 ab46a961 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 04030401 c63589cd 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050002 02000034 05020401 ab46a961 00000028 01020000 80010001 00020004 00000e10 8001000
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 19 14:30:59 proxy last message repeated 19 times
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #1 len=92
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: transform #2 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #2 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #2 len=48
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #3 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #3 len=48
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #4 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #4 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #5 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #5 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #6 len=92
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: transform #2 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #7 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #7 len=48
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #8 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #8 len=48
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=36
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #9 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #9 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #10 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #10 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #11 len=92
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: transform #2 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #12 len=92
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: transform #2 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: pair 1:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517530: next=0x0 tnext=0x28517540
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517540: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #1: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 2:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517550: next=0x28517560 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517560: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #2: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 3:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517570: next=0x28517580 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517580: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #3: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 4:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517590: next=0x285175a0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x285175a0: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #4: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 5:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x285175b0: next=0x285175c0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x285175c0: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #5: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 6:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x285175d0: next=0x0 tnext=0x285175e0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x285175e0: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #6: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 7:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x285175f0: next=0x28517600 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517600: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #7: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 8:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517610: next=0x28517620 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517620: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #8: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 9:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517630: next=0x28517640 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517640: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #9: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 10:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517650: next=0x28517660 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517660: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #10: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 11:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517670: next=0x0 tnext=0x28517680
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517680: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #11: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: pair 12:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517690: next=0x0 tnext=0x285176a0
Dec 19 14:30:59 proxy racoon: DEBUG:   0x285176a0: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #12: 2 transform
Dec 19 14:30:59 proxy racoon: DEBUG: begin compare proposals.
Dec 19 14:30:59 proxy racoon: DEBUG: pair[1]: 0x28517530
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517530: next=0x0 tnext=0x28517540
Dec 19 14:30:59 proxy racoon: DEBUG:   0x28517540: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=2 trns#=1 trns-id=3DES
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=2 trns#=2 trns-id=3DES
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 19 14:30:59 proxy racoon: DEBUG: peer's single bundle:
Dec 19 14:30:59 proxy racoon: DEBUG:  (proto_id=ESP spisize=4 spi=ab46a961 spi_p=00000000 encmode=Transport reqid=0:0)
Dec 19 14:30:59 proxy racoon: DEBUG:   (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 19 14:30:59 proxy racoon: DEBUG:   (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 19 14:30:59 proxy racoon: DEBUG: my single bundle:
Dec 19 14:30:59 proxy racoon: DEBUG:  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Transport reqid=0:0)
Dec 19 14:30:59 proxy racoon: DEBUG:   (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 19 14:30:59 proxy racoon: DEBUG:   (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 19 14:30:59 proxy racoon: DEBUG: matched
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: call pfkey_send_getspi
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey GETSPI sent: ESP/Transport 10.0.11.141[500]->XXX.XXX.XXX.XXX[500] 
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey getspi sent.
Dec 19 14:30:59 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:30:59 proxy racoon: DEBUG: got pfkey GETSPI message
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey GETSPI succeeded: ESP/Transport 10.0.11.141[500]->XXX.XXX.XXX.XXX[500] spi=265928198(0xfd9be06)
Dec 19 14:30:59 proxy racoon: DEBUG: total SA len=60
Dec 19 14:30:59 proxy racoon: DEBUG:  00000001 00000001 00000034 01030401 00000000 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #1 len=52
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: transform #1 len=40
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 19 14:30:59 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 19 14:30:59 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Transport
Dec 19 14:30:59 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
Dec 19 14:30:59 proxy racoon: DEBUG: pair 1:
Dec 19 14:30:59 proxy racoon: DEBUG:  0x28517530: next=0x0 tnext=0x0
Dec 19 14:30:59 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 60, next type 10
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 16, next type 5
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 8, next type 5
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 8, next type 0
Dec 19 14:30:59 proxy racoon: DEBUG: HASH with:
Dec 19 14:30:59 proxy racoon: DEBUG:  53f23770 a1551fc7 b6eeb9ec a833a448 22fd1d75 41addc5d 0a000040 00000001 00000001 00000034 01030401 0fd9be06 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 05000014 d9b505f8 167b1c4f 99b106cb e304e08c 0500000c 011106a5 0a000b8d 0000000c 011106a5 d5a08b84
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: HASH computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  ec697d98 07024098 58f77a77 e2f9ceca 822f4edc
Dec 19 14:30:59 proxy racoon: DEBUG: add payload of len 20, next type 1
Dec 19 14:30:59 proxy racoon: DEBUG: begin encryption.
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: pad length = 4
Dec 19 14:30:59 proxy racoon: DEBUG:  01000018 ec697d98 07024098 58f77a77 e2f9ceca 822f4edc 0a000040 00000001 00000001 00000034 01030401 0fd9be06 00000028 01030000 80010001 00020004 00000e10 80010002 00020004 0003d090 80040002 80050001 05000014 d9b505f8 167b1c4f 99b106cb e304e08c 0500000c 011106a5 0a000b8d 0000000c 011106a5 d5a08b84 00000004
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: with key:
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:30:59 proxy racoon: DEBUG: encrypted payload by IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  df536ce6 a18103ad
Dec 19 14:30:59 proxy racoon: DEBUG: save IV for next:
Dec 19 14:30:59 proxy racoon: DEBUG:  a2f086e7 d987b25d
Dec 19 14:30:59 proxy racoon: DEBUG: encrypted.
Dec 19 14:30:59 proxy racoon: DEBUG: 164 bytes from XXX.XXX.XXX.XXX[500] to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG: send packet to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG: 1 times of 164 bytes message will be sent to 10.0.11.141[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08102001 53f23770 000000a4 fd945288 a5281d51 a4743af5 ec0546f3 9751acd4 7509a0f9 5668bc70 96cdb8fe cb88f908 52a61879 20e2cb65 b9a0368a 2e93218c b94d1558 d66db49e 5ca860ee c78ad100 d8f35451 8ac3cf99 414a4b67 6afe71d0 27b09261 7bedd569 2908a2f3 a33eb095 aaa5d594 81aa3091 9a6e9e88 3b7ec021 565c94a2 72f63fa8 25645161 a2f086e7 d987b25d
Dec 19 14:30:59 proxy racoon: DEBUG: resend phase2 packet cc93feaed8819428:a4f7ee639e76fdf7:000053f2
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: 52 bytes message received from 10.0.11.141[500] to XXX.XXX.XXX.XXX[500]
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08102001 53f23770 00000034 38325ccc 4aaedf5a a9f26ae6 4dbc2950 63c29436 77a05047
Dec 19 14:30:59 proxy racoon: DEBUG: begin decryption.
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:30:59 proxy racoon: DEBUG:  63c29436 77a05047
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: with key:
Dec 19 14:30:59 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:30:59 proxy racoon: DEBUG:  a2f086e7 d987b25d
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:30:59 proxy racoon: DEBUG:  00000018 498b1c64 50c34bb6 ec8ae9c8 6f7c647e 696d0798
Dec 19 14:30:59 proxy racoon: DEBUG: padding len=152
Dec 19 14:30:59 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:30:59 proxy racoon: DEBUG: decrypted.
Dec 19 14:30:59 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08102001 53f23770 00000034 00000018 498b1c64 50c34bb6 ec8ae9c8 6f7c647e 696d0798
Dec 19 14:30:59 proxy racoon: DEBUG: begin.
Dec 19 14:30:59 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:30:59 proxy racoon: DEBUG: succeed.
Dec 19 14:30:59 proxy racoon: DEBUG: HASH(3) validate:
Dec 19 14:30:59 proxy racoon: DEBUG:  498b1c64 50c34bb6 ec8ae9c8 6f7c647e 696d0798
Dec 19 14:30:59 proxy racoon: DEBUG: HASH with: 
Dec 19 14:30:59 proxy racoon: DEBUG:  0053f237 70a1551f c7b6eeb9 eca833a4 4822fd1d 7541addc 5dd9b505 f8167b1c 4f99b106 cbe304e0 8c
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: HASH computed:
Dec 19 14:30:59 proxy racoon: DEBUG:  498b1c64 50c34bb6 ec8ae9c8 6f7c647e 696d0798
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: KEYMAT compute with
Dec 19 14:30:59 proxy racoon: DEBUG:  030fd9be 06a1551f c7b6eeb9 eca833a4 4822fd1d 7541addc 5dd9b505 f8167b1c 4f99b106 cbe304e0 8c
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(md5)
Dec 19 14:30:59 proxy racoon: DEBUG: encklen=192 authklen=128
Dec 19 14:30:59 proxy racoon: DEBUG: generating 640 bits of key (dupkeymat=4)
Dec 19 14:30:59 proxy racoon: DEBUG: generating K1...K4 for KEYMAT.
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy last message repeated 2 times
Dec 19 14:30:59 proxy racoon: DEBUG:  84581db6 88498717 e63a9ac2 e53acbf5 8adb80b8 8c4828d9 85f4fde5 3da6f852 535da0b8 8b423477 7d8a5396 1927c7c8 22eceeaf 37928040 357f4c60 eadd5395 c42a5821 a124d1e3 3887d556 eac5c2eb
Dec 19 14:30:59 proxy racoon: DEBUG: KEYMAT compute with
Dec 19 14:30:59 proxy racoon: DEBUG:  03ab46a9 61a1551f c7b6eeb9 eca833a4 4822fd1d 7541addc 5dd9b505 f8167b1c 4f99b106 cbe304e0 8c
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(md5)
Dec 19 14:30:59 proxy racoon: DEBUG: encklen=192 authklen=128
Dec 19 14:30:59 proxy racoon: DEBUG: generating 640 bits of key (dupkeymat=4)
Dec 19 14:30:59 proxy racoon: DEBUG: generating K1...K4 for KEYMAT.
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:30:59 proxy last message repeated 2 times
Dec 19 14:30:59 proxy racoon: DEBUG:  dbc5bf27 5bc4d1ce 322e425c 6818d071 132abbb9 7b3a9fc3 86c5b1df 73aa3170 a4d653b2 7a252e62 d8fa3b0d ced3a2bc 53d72f8c 8edcea88 72a28d94 7bd703f8 b063a0a7 86891d09 4de08b6e 08493967
Dec 19 14:30:59 proxy racoon: DEBUG: KEYMAT computed.
Dec 19 14:30:59 proxy racoon: DEBUG: call pk_sendupdate
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(md5)
Dec 19 14:30:59 proxy racoon: DEBUG: call pfkey_send_update2
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey update sent.
Dec 19 14:30:59 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:30:59 proxy racoon: DEBUG: hmac(md5)
Dec 19 14:30:59 proxy racoon: DEBUG: call pfkey_send_add2 (NAT flavor)
Dec 19 14:30:59 proxy racoon: DEBUG: call pfkey_send_add2
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey add sent.
Dec 19 14:30:59 proxy racoon: DEBUG: call pfkey_send_spdupdate2
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey spdupdate2(inbound) sent.
Dec 19 14:30:59 proxy racoon: DEBUG: call pfkey_send_spdupdate2
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey spdupdate2(outbound) sent.
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe2bc: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe2bc: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe2bc: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe2bc: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:30:59 proxy racoon: DEBUG: got pfkey UPDATE message
Dec 19 14:30:59 proxy racoon: DEBUG: pfkey UPDATE succeeded: ESP/Transport XXX.XXX.XXX.XXX[500]->10.0.11.141[500] spi=265928198(0xfd9be06)
Dec 19 14:30:59 proxy racoon: INFO: IPsec-SA established: ESP/Transport XXX.XXX.XXX.XXX[500]->10.0.11.141[500] spi=265928198(0xfd9be06)
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:30:59 proxy racoon: DEBUG: got pfkey ADD message
Dec 19 14:30:59 proxy racoon: INFO: IPsec-SA established: ESP/Transport XXX.XXX.XXX.XXX[500]->10.0.11.141[500] spi=2873534817(0xab46a961)
Dec 19 14:30:59 proxy racoon: DEBUG: ===
Dec 19 14:30:59 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:30:59 proxy racoon: DEBUG: got pfkey X_SPDUPDATE message
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe4f0: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe4f0: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: this policy did not exist for removal: "10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in"
Dec 19 14:30:59 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:30:59 proxy racoon: DEBUG: got pfkey X_SPDUPDATE message
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe4f0: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe4f0: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: sub:0xbfbfe4f0: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:30:59 proxy racoon: DEBUG: db :0x28547648: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:30:59 proxy racoon: DEBUG: this policy did not exist for removal: "XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out"
Dec 19 14:31:07 proxy racoon: DEBUG: ===
Dec 19 14:31:07 proxy racoon: DEBUG: 68 bytes message received from 10.0.11.141[500] to XXX.XXX.XXX.XXX[500]
Dec 19 14:31:07 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08100501 2894cdcc 00000044 fd8dd8be 3999f5d4 094fd29e 4f296fa9 a5092445 9de46840 7501bf85 a0b926ae 904fc82d a296be47
Dec 19 14:31:07 proxy racoon: DEBUG: receive Information.
Dec 19 14:31:07 proxy racoon: DEBUG: compute IV for phase2
Dec 19 14:31:07 proxy racoon: DEBUG: phase1 last IV:
Dec 19 14:31:07 proxy racoon: DEBUG:  1854c1be b88f8d60 2894cdcc
Dec 19 14:31:07 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:31:07 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:31:07 proxy racoon: DEBUG: phase2 IV computed:
Dec 19 14:31:07 proxy racoon: DEBUG:  8d3bc4e4 c19475a1
Dec 19 14:31:07 proxy racoon: DEBUG: begin decryption.
Dec 19 14:31:07 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:31:07 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:31:07 proxy racoon: DEBUG:  904fc82d a296be47
Dec 19 14:31:07 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:31:07 proxy racoon: DEBUG: with key:
Dec 19 14:31:07 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:31:07 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:31:07 proxy racoon: DEBUG:  8d3bc4e4 c19475a1
Dec 19 14:31:07 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:31:07 proxy racoon: DEBUG:  0c000018 1e79db0c b4fe7299 27b1a620 0df640df 6da33ea4 00000010 00000001 03040001 ab46a961
Dec 19 14:31:07 proxy racoon: DEBUG: padding len=97
Dec 19 14:31:07 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:31:07 proxy racoon: DEBUG: decrypted.
Dec 19 14:31:07 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08100501 2894cdcc 00000044 0c000018 1e79db0c b4fe7299 27b1a620 0df640df 6da33ea4 00000010 00000001 03040001 ab46a961
Dec 19 14:31:07 proxy racoon: DEBUG: IV freed
Dec 19 14:31:07 proxy racoon: DEBUG: HASH with:
Dec 19 14:31:07 proxy racoon: DEBUG:  2894cdcc 00000010 00000001 03040001 ab46a961
Dec 19 14:31:07 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:31:07 proxy racoon: DEBUG: HASH computed:
Dec 19 14:31:07 proxy racoon: DEBUG:  1e79db0c b4fe7299 27b1a620 0df640df 6da33ea4
Dec 19 14:31:07 proxy racoon: DEBUG: hash validated.
Dec 19 14:31:07 proxy racoon: DEBUG: begin.
Dec 19 14:31:07 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:31:07 proxy racoon: DEBUG: seen nptype=12(delete)
Dec 19 14:31:07 proxy racoon: DEBUG: succeed.
Dec 19 14:31:07 proxy racoon: [10.0.11.141] DEBUG: delete payload for protocol ESP
Dec 19 14:31:07 proxy racoon: DEBUG: call pfkey_send_dump
Dec 19 14:31:07 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:31:07 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:31:07 proxy racoon: DEBUG: check spi(packet)=2873534817 spi(db)=2873534817.
Dec 19 14:31:07 proxy racoon: INFO: deleting a generated policy.
Dec 19 14:31:07 proxy racoon: DEBUG: get a src address from ID payload 10.0.11.141[1701] prefixlen=32 ul_proto=17
Dec 19 14:31:07 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe1fc: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe1fc: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe1fc: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x28547648: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: call pfkey_send_spddelete
Dec 19 14:31:07 proxy racoon: DEBUG: pfkey spddelete(inbound) sent.
Dec 19 14:31:07 proxy racoon: DEBUG: call pfkey_send_spddelete
Dec 19 14:31:07 proxy racoon: DEBUG: pfkey spddelete(outbound) sent.
Dec 19 14:31:07 proxy racoon: DEBUG: IV freed
Dec 19 14:31:07 proxy racoon: INFO: purged IPsec-SA proto_id=ESP spi=2873534817.
Dec 19 14:31:07 proxy racoon: DEBUG: purged SAs.
Dec 19 14:31:07 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:31:07 proxy racoon: DEBUG: got pfkey DELETE message
Dec 19 14:31:07 proxy racoon: DEBUG: DELETE message is not interesting because the message was originated by me.
Dec 19 14:31:07 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:31:07 proxy racoon: DEBUG: got pfkey X_SPDDELETE message
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe500: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe500: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe500: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x28547648: 10.0.11.141/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: pk_recv: retry[0] recv() 
Dec 19 14:31:07 proxy racoon: DEBUG: got pfkey X_SPDDELETE message
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe500: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x28547148: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe500: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x285473c8: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 19 14:31:07 proxy racoon: DEBUG: sub:0xbfbfe500: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:31:07 proxy racoon: DEBUG: db :0x285478c8: XXX.XXX.XXX.XXX/32[1701] 10.0.11.141/32[1701] proto=udp dir=out
Dec 19 14:31:07 proxy racoon: DEBUG: ===
Dec 19 14:31:07 proxy racoon: DEBUG: 84 bytes message received from 10.0.11.141[500] to XXX.XXX.XXX.XXX[500]
Dec 19 14:31:07 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08100501 60baebb6 00000054 208d3259 96edbb61 89cc57e3 bf7d6d8f b5f1e207 0020403e 64e40ade bace3a8c acf0d6f0 6dd9eb5e 7d19faae 8aa1eef0 b7ff6dec cc7f9522
Dec 19 14:31:07 proxy racoon: DEBUG: receive Information.
Dec 19 14:31:07 proxy racoon: DEBUG: compute IV for phase2
Dec 19 14:31:07 proxy racoon: DEBUG: phase1 last IV:
Dec 19 14:31:07 proxy racoon: DEBUG:  1854c1be b88f8d60 60baebb6
Dec 19 14:31:07 proxy racoon: DEBUG: hash(sha1)
Dec 19 14:31:07 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:31:07 proxy racoon: DEBUG: phase2 IV computed:
Dec 19 14:31:07 proxy racoon: DEBUG:  df49ae29 92a6c7f4
Dec 19 14:31:07 proxy racoon: DEBUG: begin decryption.
Dec 19 14:31:07 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:31:07 proxy racoon: DEBUG: IV was saved for next processing:
Dec 19 14:31:07 proxy racoon: DEBUG:  b7ff6dec cc7f9522
Dec 19 14:31:07 proxy racoon: DEBUG: encryption(3des)
Dec 19 14:31:07 proxy racoon: DEBUG: with key:
Dec 19 14:31:07 proxy racoon: DEBUG:  7775b6a2 b20c8645 06bf8fb5 a0ba6b5b 874afc64 c657c2cc
Dec 19 14:31:07 proxy racoon: DEBUG: decrypted payload by IV:
Dec 19 14:31:07 proxy racoon: DEBUG:  df49ae29 92a6c7f4
Dec 19 14:31:07 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 19 14:31:07 proxy racoon: DEBUG:  0c000018 e03858ee f83e2004 fcc75d3f 455b6a6f 83d31a28 0000001c 00000001 01100001 cc93feae d8819428 a4f7ee63 9e76fdf7 00000000
Dec 19 14:31:07 proxy racoon: DEBUG: padding len=0
Dec 19 14:31:07 proxy racoon: DEBUG: skip to trim padding.
Dec 19 14:31:07 proxy racoon: DEBUG: decrypted.
Dec 19 14:31:07 proxy racoon: DEBUG:  cc93feae d8819428 a4f7ee63 9e76fdf7 08100501 60baebb6 00000054 0c000018 e03858ee f83e2004 fcc75d3f 455b6a6f 83d31a28 0000001c 00000001 01100001 cc93feae d8819428 a4f7ee63 9e76fdf7 00000000
Dec 19 14:31:07 proxy racoon: DEBUG: IV freed
Dec 19 14:31:07 proxy racoon: DEBUG: HASH with:
Dec 19 14:31:07 proxy racoon: DEBUG:  60baebb6 0000001c 00000001 01100001 cc93feae d8819428 a4f7ee63 9e76fdf7
Dec 19 14:31:07 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 19 14:31:07 proxy racoon: DEBUG: HASH computed:
Dec 19 14:31:07 proxy racoon: DEBUG:  e03858ee f83e2004 fcc75d3f 455b6a6f 83d31a28
Dec 19 14:31:07 proxy racoon: DEBUG: hash validated.
Dec 19 14:31:07 proxy racoon: DEBUG: begin.
Dec 19 14:31:07 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 19 14:31:07 proxy racoon: DEBUG: seen nptype=12(delete)
Dec 19 14:31:07 proxy racoon: DEBUG: succeed.
Dec 19 14:31:07 proxy racoon: [10.0.11.141] DEBUG: delete payload for protocol ISAKMP
Dec 19 14:31:07 proxy racoon: INFO: ISAKMP-SA expired XXX.XXX.XXX.XXX[500]-10.0.11.141[500] spi:cc93feaed8819428:a4f7ee639e76fdf7
Dec 19 14:31:07 proxy racoon: INFO: ISAKMP-SA deleted XXX.XXX.XXX.XXX[500]-10.0.11.141[500] spi:cc93feaed8819428:a4f7ee639e76fdf7
Dec 19 14:31:07 proxy racoon: DEBUG: IV freed
Dec 19 14:31:07 proxy racoon: DEBUG: purged SAs. 
Вот лог успешного соединения того же самого виртуального "Тазика". Без перезагрузок и прочего, просто изменил тип подключения на Bridged.

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-19 17:12:04

Вы вообще что то невообразимое строите. Получается сервер запихиваете за нат и что это вообще?

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-19 18:15:25

nnmax писал(а):Вы вообще что то невообразимое строите. Получается сервер запихиваете за нат и что это вообще?
Какой сервер за нат? За натом стоит клиент! Сервер обычная железка с фрей! Так как не могу тестировать клиентский компьютер напрямую, сделал виртуальную машину в тех же условиях. Что еще не понятно? У сервера белый IP в инете, с ним все вполне впорядке. На нем много чего полезного работает как часы уже более полутора лет! Но появилась необходимость получать удаленный доступ посредством VPN. Вот приходится сидеть докручивать очередной сервис.

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-19 20:21:16

что за софт у вас в качестве клиента? Вам необходим туннель именно в транспортном режиме?

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-20 2:15:35

nnmax писал(а):что за софт у вас в качестве клиента? Вам необходим туннель именно в транспортном режиме?
Софт клиентский - Microsoft Windows XP в режиме l2tp. На фре связка mpd+ipsec. В туннельном режиме через нат, насколько я понял из информации в инете, невозможно сделать ipsec, ибо весь пает шифруется, и тогда нат просто не разберется что и кому слать. Остается единственный выход - транспорт, ибо шифруется тело пакета, но заголовки от кого и кому остаются прозрачными, тоесть нат сможет их успешно разрулить. Хм... вроде тут я в качестве неопытного и прошу помощи, но как выходит из диалога то уже я начинаю обьяснять что и к чему вообще в ipsec и как работает :)

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-20 2:30:39

Вы можете использовать обычный ipsec , и нат этому не помеха, ток конечно нативные средства тут не применимы со стороны клиента, но ракун очень даже хорошо работает с cisco_vpn_client'ом , да и с Shrew тоже работает.

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-20 12:41:55

nnmax писал(а):Вы можете использовать обычный ipsec , и нат этому не помеха, ток конечно нативные средства тут не применимы со стороны клиента, но ракун очень даже хорошо работает с cisco_vpn_client'ом , да и с Shrew тоже работает.
Попробую зайти с другой стороны.
В режиме тунеля шифруется пакет целиком, включая заголовки. Т.е. создается виртуальный тунель. В конечном итоге невозможно понять, откуда и куда идет инкапсулированный пакет. Но тут возникает проблема, если клиент находится за натом. Т.к. нат меняет заголовки пакета, то все перестает работать. Решение - NAT-T.
Это из самой статьи на сайте, по которой и строился мой сервер. нат_т как раз и есть транспорт.
http://ru.wikipedia.org/wiki/NAT_traversal
Протокол NAT Traversal (NAT-T) инкапсулирует трафик IPSec и одновременно создает пакеты UDP, которые NAT корректно пересылает. Для этого NAT-T помещает дополнительный заголовок UDP перед пакетом IPSec, чтобы он во всей сети обрабатывался как обычный пакет UDP и хост получателя не проводил никаких проверок целостности. После поступления пакета по месту назначения заголовок UDP удаляется, и пакет данных продолжает свой дальнейший путь как инкапсулированный пакет IPSec. Итак, с помощью техники NAT-T возможно установление связи между клиентами IPSec в защищённых сетях и общедоступными хостами IPSec через межсетевые экраны.
Все почти работает, просто сервер и клиент не могут договориться между собой при наличии ната, коннект идет и они общаются, но где то в районе второй фазы происходит затык. Сервер шлет пакет клиенту, а клиент его толи не получает, толи игнорирует. Процесс киннекта висит, и потом вылазит на клиенте сообщение про обрыв коннекта с сервером.
В фаерволе открыл все что только возможно, пакеты бегают свободно. Но вот где собака зарыта так и не пойму. :st:

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-20 13:11:53

У вас же в логе черным побелому нарисована ошибка

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-20 13:40:47

Вот лог от реального компа с Win 7 на борту. Даже серый IP видно.
Dec 20 12:00:00 proxy newsyslog[40866]: logfile turned over due to size>100K
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: 384 bytes message received from YYY.YYY.YYY.YYY[500] to XXX.XXX.XXX.XXX[500]
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 00000000 00000000 01100200 00000000 00000180 0d0000d4 00000001 00000001 000000c8 01010005 03000028 01010000 80010007 800e0100 80020002 80040014 80030001 800b0001 000c0004 00007080 03000028 02010000 80010007 800e0080 80020002 80040013 80030001 800b0001 000c0004 00007080 03000028 03010000 80010007 800e0100 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 04010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 00000024 05010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 0d000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000008 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 90cb8091 3ebb696e 086381b5 ec427b1f 0d000014 4048b7d5 6ebce885 25e7de7f 00d6c2d3 0d000014 fb1de3cd f341b7ea 16b7e5be 0855f120 0d000014 26244d38 eddb61b3 172a36e3 d0cfb819 00000014 e3a5966a 76379fe7 07228231 e5ce8652
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: INFO: respond new phase 1 negotiation: XXX.XXX.XXX.XXX[500]<=>YYY.YYY.YYY.YYY[500]
Dec 20 12:14:48 proxy racoon: INFO: begin Identity Protection mode.
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=13(vid)
Dec 20 12:14:48 proxy last message repeated 6 times
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
Dec 20 12:14:48 proxy racoon: INFO: received Vendor ID: RFC 3947
Dec 20 12:14:48 proxy racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Dec 20 12:14:48 proxy racoon: INFO: received Vendor ID: FRAGMENTATION
Dec 20 12:14:48 proxy racoon: DEBUG: received unknown Vendor ID
Dec 20 12:14:48 proxy racoon: DEBUG: fb1de3cd f341b7ea 16b7e5be 0855f120
Dec 20 12:14:48 proxy racoon: DEBUG: received unknown Vendor ID
Dec 20 12:14:48 proxy racoon: DEBUG: 26244d38 eddb61b3 172a36e3 d0cfb819
Dec 20 12:14:48 proxy racoon: DEBUG: received unknown Vendor ID
Dec 20 12:14:48 proxy racoon: DEBUG: e3a5966a 76379fe7 07228231 e5ce8652
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] INFO: Selected NAT-T version: RFC 3947
Dec 20 12:14:48 proxy racoon: DEBUG: total SA len=208
Dec 20 12:14:48 proxy racoon: DEBUG: 00000001 00000001 000000c8 01010005 03000028 01010000 80010007 800e0100 80020002 80040014 80030001 800b0001 000c0004 00007080 03000028 02010000 80010007 800e0080 80020002 80040013 80030001 800b0001 000c0004 00007080 03000028 03010000 80010007 800e0100 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 04010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 00000024 05010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: DEBUG: proposal #1 len=200
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:14:48 proxy last message repeated 4 times
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(aes)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=20
Dec 20 12:14:48 proxy racoon: ERROR: invalid DH group 20.
Dec 20 12:14:48 proxy racoon: DEBUG: transform #2 len=40
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(aes)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=128
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=19
Dec 20 12:14:48 proxy racoon: ERROR: invalid DH group 19.
Dec 20 12:14:48 proxy racoon: DEBUG: transform #3 len=40
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(aes)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(modp2048)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: transform #4 len=36
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(modp2048)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: transform #5 len=36
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(modp1024)
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: pair 1:
Dec 20 12:14:48 proxy racoon: DEBUG: 0x285173c0: next=0x0 tnext=0x285173e0
Dec 20 12:14:48 proxy racoon: DEBUG: 0x285173e0: next=0x0 tnext=0x285173f0
Dec 20 12:14:48 proxy racoon: DEBUG: 0x285173f0: next=0x0 tnext=0x0
Dec 20 12:14:48 proxy racoon: DEBUG: proposal #1: 3 transform
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 20 12:14:48 proxy racoon: DEBUG: trns#=3, trns-id=IKE
Dec 20 12:14:48 proxy racoon: DEBUG: lifetime = 28800
Dec 20 12:14:48 proxy racoon: DEBUG: lifebyte = 0
Dec 20 12:14:48 proxy racoon: DEBUG: enctype = AES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encklen = 256
Dec 20 12:14:48 proxy racoon: DEBUG: hashtype = SHA
Dec 20 12:14:48 proxy racoon: DEBUG: authmethod = pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: dh_group = 2048-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 20 12:14:48 proxy racoon: DEBUG: trns#=4, trns-id=IKE
Dec 20 12:14:48 proxy racoon: DEBUG: lifetime = 28800
Dec 20 12:14:48 proxy racoon: DEBUG: lifebyte = 0
Dec 20 12:14:48 proxy racoon: DEBUG: enctype = 3DES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encklen = 0
Dec 20 12:14:48 proxy racoon: DEBUG: hashtype = SHA
Dec 20 12:14:48 proxy racoon: DEBUG: authmethod = pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: dh_group = 2048-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:14:48 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 20 12:14:48 proxy racoon: DEBUG: trns#=5, trns-id=IKE
Dec 20 12:14:48 proxy racoon: DEBUG: lifetime = 28800
Dec 20 12:14:48 proxy racoon: DEBUG: lifebyte = 0
Dec 20 12:14:48 proxy racoon: DEBUG: enctype = 3DES-CBC
Dec 20 12:14:48 proxy racoon: DEBUG: encklen = 0
Dec 20 12:14:48 proxy racoon: DEBUG: hashtype = SHA
Dec 20 12:14:48 proxy racoon: DEBUG: authmethod = pre-shared key
Dec 20 12:14:48 proxy racoon: DEBUG: dh_group = 1024-bit MODP group
Dec 20 12:14:48 proxy racoon: DEBUG: an acceptable proposal found.
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(modp1024)
Dec 20 12:14:48 proxy racoon: DEBUG: agreed on pre-shared key auth.
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: new cookie: 2ec90ca982855fc3
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 52, next type 13
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 16, next type 0
Dec 20 12:14:48 proxy racoon: DEBUG: 104 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:14:48 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:14:48 proxy racoon: DEBUG: 1 times of 104 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 01100200 00000000 00000068 0d000038 00000001 00000001 0000002c 01010001 00000024 05010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 00000014 4a131c81 07035845 5c5728f2 0e95452f
Dec 20 12:14:48 proxy racoon: DEBUG: resend phase1 packet fa6975ccb8108e36:2ec90ca982855fc3
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: 260 bytes message received from YYY.YYY.YYY.YYY[500] to XXX.XXX.XXX.XXX[500]
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 04100200 00000000 00000104 0a000084 3ab1d855 f2503a82 81dbf344 09e4d2a5 e822c409 255751fe 8ab897f6 33f10cee 6a8330cb b8985565 d26b089d e4e8bf9d 70aecb3a 269fc1a4 3274d7b5 36774634 7a65af2c 2b6a4bbb 349c09cc bdd2ccf6 86fe8045 7459d1e5 8355bf53 0f348068 25d6fc80 69047118 43ad7652 560b9d85 879ad1fa 43119ab6 c03059b8 5a18453b 14000034 c3d3aa4a d26d4fac 59c2fa5e b772f462 b3664cad 158ce780 44c10d67 b17a43ce fc6fdb37 f709cb54 a26c5a95 c7fb93f4 14000018 31e76a4d 8f4d405c ddf022d2 93060dcd bda04492 00000018 df1b99ca b8e0aa1d 7089609b 7ed3c4fa 2deab5ed
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=4(ke)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=20(nat-d)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=20(nat-d)
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: INFO: NAT-D payload #0 verified
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] INFO: Hashing YYY.YYY.YYY.YYY[500] with algo #2
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: INFO: NAT-D payload #1 doesn't match
Dec 20 12:14:48 proxy racoon: INFO: NAT detected: PEER
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: compute DH's private.
Dec 20 12:14:48 proxy racoon: DEBUG: 6297508b fdb9e576 e5678291 250ed41b c2d471db 647e901f 38d0f482 60ba1bb9 78f7d376 b88135e2 7dbda9a2 99c13e40 11652ac1 83e86a5e c1c52fb3 2c644f43 5acf7b1b a07e5f0f 9a1656c1 e4d3c66d 3c6aa512 0e017bea 1876e870 5d992e13 ad012e89 af1ffe12 48c7e820 13fe9468 0fdfea85 06648c0f 6710b8d0 b1b25c60
Dec 20 12:14:48 proxy racoon: DEBUG: compute DH's public.
Dec 20 12:14:48 proxy racoon: DEBUG: c777b6a8 9d8c5104 c10f86fc d61d0062 4e6651f5 687837d1 ccc7fc5d b9344964 cb5600f2 d73ac121 791d29c0 2b9112fa b8750563 a4220482 23aa2685 50395d4a b8e4e9cd 3a5e8aad 1616d3dd 377b7ece 8dac4f54 102c0381 6ab8c223 c7f96f1e a14cd536 11297bb6 1ba5cfc8 297f89e0 11b386fb ad738eb6 7985aa73 3ae0fd68
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] INFO: Hashing YYY.YYY.YYY.YYY[500] with algo #2
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: INFO: Adding remote and local NAT-D payloads.
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 128, next type 10
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 16, next type 20
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 20, next type 20
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 20, next type 0
Dec 20 12:14:48 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:14:48 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:14:48 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 04100200 00000000 000000e4 0a000084 c777b6a8 9d8c5104 c10f86fc d61d0062 4e6651f5 687837d1 ccc7fc5d b9344964 cb5600f2 d73ac121 791d29c0 2b9112fa b8750563 a4220482 23aa2685 50395d4a b8e4e9cd 3a5e8aad 1616d3dd 377b7ece 8dac4f54 102c0381 6ab8c223 c7f96f1e a14cd536 11297bb6 1ba5cfc8 297f89e0 11b386fb ad738eb6 7985aa73 3ae0fd68 14000014 ea3864e8 2ad7fc02 751dbcce aa43b06c 14000018 6ca18f6a a7ac32af febfdeb6 11281b95 f7226589 00000018 31e76a4d 8f4d405c ddf022d2 93060dcd bda04492
Dec 20 12:14:48 proxy racoon: DEBUG: resend phase1 packet fa6975ccb8108e36:2ec90ca982855fc3
Dec 20 12:14:48 proxy racoon: DEBUG: compute DH's shared.
Dec 20 12:14:48 proxy racoon: DEBUG: 940177dd feddcb1b 6ecb06ad 6dc7e819 54a00ef3 8b76e6fa 6e81cd45 c0b3cebc 282bf5c1 afc95466 5e7c566d 83cf20a4 b163f8f9 1dc0a282 f0bb7712 774eacb2 0c99eb8e 3b114e6f 551bc670 fdaff3ac 1209f8d5 08080351 2380e5c9 7697f83b b7a79ceb 44b1c299 a1021790 959adae9 59262d07 d8f78854 4e512acf a6266525
Dec 20 12:14:48 proxy racoon: DEBUG: the psk found.
Dec 20 12:14:48 proxy racoon: DEBUG: nonce 1:
Dec 20 12:14:48 proxy racoon: DEBUG: c3d3aa4a d26d4fac 59c2fa5e b772f462 b3664cad 158ce780 44c10d67 b17a43ce fc6fdb37 f709cb54 a26c5a95 c7fb93f4
Dec 20 12:14:48 proxy racoon: DEBUG: nonce 2:
Dec 20 12:14:48 proxy racoon: DEBUG: ea3864e8 2ad7fc02 751dbcce aa43b06c
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: SKEYID computed:
Dec 20 12:14:48 proxy racoon: DEBUG: 01d35946 5aa7de9b a9576c90 64fb7261 becaeece
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: SKEYID_d computed:
Dec 20 12:14:48 proxy racoon: DEBUG: 40c6d700 cb96ec57 aa653334 b6135d97 8798844b
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: SKEYID_a computed:
Dec 20 12:14:48 proxy racoon: DEBUG: 928bbd2e 736ca2bc b8ea0d16 50588d32 8def4ace
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: SKEYID_e computed:
Dec 20 12:14:48 proxy racoon: DEBUG: 7fd96bcd 973cfdd7 8f3c3ddf 613675ba 2126de14
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: len(SKEYID_e) < len(Ka) (20 < 24), generating long key (Ka = K1 | K2 | ...)
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: compute intermediate encryption key K1
Dec 20 12:14:48 proxy racoon: DEBUG: 00
Dec 20 12:14:48 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: compute intermediate encryption key K2
Dec 20 12:14:48 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492
Dec 20 12:14:48 proxy racoon: DEBUG: 66febc63 51833c8b 84bf3f9f 7bca70d8 b40ae8c8
Dec 20 12:14:48 proxy racoon: DEBUG: final encryption key computed:
Dec 20 12:14:48 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: IV computed:
Dec 20 12:14:48 proxy racoon: DEBUG: db9163cf 3a2abd9b
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: 68 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 05100201 00000000 00000044 3f06f2d4 f6215d4d 9f8843b4 5cf68e84 7b1970a3 191516d1 e37aa4f8 305ad659 b7987eb2 b0f34296
Dec 20 12:14:48 proxy racoon: INFO: NAT-T: ports changed to: YYY.YYY.YYY.YYY[4500]<->XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:48 proxy racoon: INFO: KA list add: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: begin decryption.
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:14:48 proxy racoon: DEBUG: b7987eb2 b0f34296
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: with key:
Dec 20 12:14:48 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:48 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:14:48 proxy racoon: DEBUG: db9163cf 3a2abd9b
Dec 20 12:14:48 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:14:48 proxy racoon: DEBUG: 0800000c 01000000 c0a80182 00000018 2ff81724 121bce31 9dffa041 aa4408c8 e98d2e0a 00000000
Dec 20 12:14:48 proxy racoon: DEBUG: padding len=0
Dec 20 12:14:48 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:14:48 proxy racoon: DEBUG: decrypted.
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 05100201 00000000 00000044 0800000c 01000000 c0a80182 00000018 2ff81724 121bce31 9dffa041 aa4408c8 e98d2e0a 00000000
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] DEBUG: getrmconf_by_ph1: remote YYY.YYY.YYY.YYY[4500], identity 192.168.1.130.
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] DEBUG: configuration "anonymous" selected.
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] DEBUG: getrmconf_by_ph1: remote YYY.YYY.YYY.YYY[4500], identity 192.168.1.130.
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] DEBUG: configuration "anonymous" selected.
Dec 20 12:14:48 proxy racoon: DEBUG: HASH received:
Dec 20 12:14:48 proxy racoon: DEBUG: 2ff81724 121bce31 9dffa041 aa4408c8 e98d2e0a
Dec 20 12:14:48 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:48 proxy racoon: DEBUG: 3ab1d855 f2503a82 81dbf344 09e4d2a5 e822c409 255751fe 8ab897f6 33f10cee 6a8330cb b8985565 d26b089d e4e8bf9d 70aecb3a 269fc1a4 3274d7b5 36774634 7a65af2c 2b6a4bbb 349c09cc bdd2ccf6 86fe8045 7459d1e5 8355bf53 0f348068 25d6fc80 69047118 43ad7652 560b9d85 879ad1fa 43119ab6 c03059b8 5a18453b c777b6a8 9d8c5104 c10f86fc d61d0062 4e6651f5 687837d1 ccc7fc5d b9344964 cb5600f2 d73ac121 791d29c0 2b9112fa b8750563 a4220482 23aa2685 50395d4a b8e4e9cd 3a5e8aad 1616d3dd 377b7ece 8dac4f54 102c0381 6ab8c223 c7f96f1e a14cd536 11297bb6 1ba5cfc8 297f89e0 11b386fb ad738eb6 7985aa73 3ae0fd68 fa6975cc b8108e36 2ec90ca9 82855fc3 00000001 00000001 000000c8 01010005 03000028 01010000 80010007 800e0100 80020002 80040014 80030001 800b0001 000c0004 00007080 03000028 02010000 80010007 800e0080 80020002 80040013 80030001 800b0001 000c0004 00007080 03000028 03010000 80010007 800e0100 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 04010000 80010005 80020002 8004000e 80030001 800b0001 000c000
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: HASH (resp) computed:
Dec 20 12:14:48 proxy racoon: DEBUG: 2ff81724 121bce31 9dffa041 aa4408c8 e98d2e0a
Dec 20 12:14:48 proxy racoon: DEBUG: HASH for PSK validated.
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] DEBUG: peer's ID
Dec 20 12:14:48 proxy racoon: DEBUG: 01000000 c0a80182
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: use ID type of IPv4_address
Dec 20 12:14:48 proxy racoon: DEBUG: generate HASH_R
Dec 20 12:14:48 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:48 proxy racoon: DEBUG: c777b6a8 9d8c5104 c10f86fc d61d0062 4e6651f5 687837d1 ccc7fc5d b9344964 cb5600f2 d73ac121 791d29c0 2b9112fa b8750563 a4220482 23aa2685 50395d4a b8e4e9cd 3a5e8aad 1616d3dd 377b7ece 8dac4f54 102c0381 6ab8c223 c7f96f1e a14cd536 11297bb6 1ba5cfc8 297f89e0 11b386fb ad738eb6 7985aa73 3ae0fd68 3ab1d855 f2503a82 81dbf344 09e4d2a5 e822c409 255751fe 8ab897f6 33f10cee 6a8330cb b8985565 d26b089d e4e8bf9d 70aecb3a 269fc1a4 3274d7b5 36774634 7a65af2c 2b6a4bbb 349c09cc bdd2ccf6 86fe8045 7459d1e5 8355bf53 0f348068 25d6fc80 69047118 43ad7652 560b9d85 879ad1fa 43119ab6 c03059b8 5a18453b 2ec90ca9 82855fc3 fa6975cc b8108e36 00000001 00000001 000000c8 01010005 03000028 01010000 80010007 800e0100 80020002 80040014 80030001 800b0001 000c0004 00007080 03000028 02010000 80010007 800e0080 80020002 80040013 80030001 800b0001 000c0004 00007080 03000028 03010000 80010007 800e0100 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 04010000 80010005 80020002 8004000e 80030001 800b0001 000c000
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: HASH (resp) computed:
Dec 20 12:14:48 proxy racoon: DEBUG: 5a4d377e 6858eddd 4b7d6599 0f00be70 61b6f1b7
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 8, next type 8
Dec 20 12:14:48 proxy racoon: DEBUG: add payload of len 20, next type 0
Dec 20 12:14:48 proxy racoon: DEBUG: begin encryption.
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: pad length = 4
Dec 20 12:14:48 proxy racoon: DEBUG: 0800000c 011101f4 d5a08b84 00000018 5a4d377e 6858eddd 4b7d6599 0f00be70 61b6f1b7 00000004
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: with key:
Dec 20 12:14:48 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:48 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:14:48 proxy racoon: DEBUG: b7987eb2 b0f34296
Dec 20 12:14:48 proxy racoon: DEBUG: save IV for next:
Dec 20 12:14:48 proxy racoon: DEBUG: 9e88afc8 f154547f
Dec 20 12:14:48 proxy racoon: DEBUG: encrypted.
Dec 20 12:14:48 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:14:48 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 05100201 00000000 00000044 4dc301b7 976470fc f6ac575a 0d14001a d0ea2bcb e5a8e70e 7583573a fb46df45 9e88afc8 f154547f
Dec 20 12:14:48 proxy racoon: INFO: ISAKMP-SA established XXX.XXX.XXX.XXX[4500]-YYY.YYY.YYY.YYY[4500] spi:fa6975ccb8108e36:2ec90ca982855fc3
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: DEBUG: 220 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc f845f1d9 6a295096 0aa7c111 178fd0e8 c7bb991a 73a31f4c dca1e0e7 537170e9 5e8ea52c ab10c942 4469f83d c7a03df0 50925b26 927ff53a b86011b8 ac0f3f35 8907163e f26bb738 6769158b 55359b6c 740026bb afa93173 58b4c3d5 4701e50b 12b07a18 c8840b4c cb486257 93ed30f3 b5a3eb57 b6a47414 c6c28f49 bd8d7441 4be4f1af 7923e9d9 a923a4a9 df2cf431 bcdc0c75 e45dccbb d9aecc0c 31ec2df0 996a3e25 1ec0fa25 a3d7e48c 3b7f94e4 96df481d 209eb356 350e8b12 c14b0199
Dec 20 12:14:48 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:48 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:48 proxy racoon: DEBUG: 9e88afc8 f154547f 00000001
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:48 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:48 proxy racoon: DEBUG: ===
Dec 20 12:14:48 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[4500]<=>YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: begin decryption.
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:14:48 proxy racoon: DEBUG: 350e8b12 c14b0199
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: with key:
Dec 20 12:14:48 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:48 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:14:48 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:48 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:14:48 proxy racoon: DEBUG: 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:48 proxy racoon: DEBUG: padding len=0
Dec 20 12:14:48 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:14:48 proxy racoon: DEBUG: decrypted.
Dec 20 12:14:48 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: DEBUG: received IDci2:
Dec 20 12:14:48 proxy racoon: DEBUG: 011106a5 c0a80182
Dec 20 12:14:48 proxy racoon: DEBUG: received IDcr2:
Dec 20 12:14:48 proxy racoon: DEBUG: 011106a5 d5a08b84
Dec 20 12:14:48 proxy racoon: DEBUG: HASH(1) validate:
Dec 20 12:14:48 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:48 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:48 proxy racoon: DEBUG: 00000001 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:48 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:48 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='192.168.1.130' peer='192.168.1.130' client='YYY.YYY.YYY.YYY' id=0
Dec 20 12:14:48 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:48 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:48 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:48 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:48 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 20 12:14:48 proxy racoon: DEBUG: get src address from ID payload 192.168.1.130[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:48 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:48 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 20 12:14:48 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:48 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: INFO: Update the generated policy : 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: db: 0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:48 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:48 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:48 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 20 12:14:48 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:48 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:48 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:48 proxy racoon: DEBUG: total SA len=60
Dec 20 12:14:48 proxy racoon: DEBUG: 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: DEBUG: proposal #1 len=52
Dec 20 12:14:48 proxy racoon: DEBUG: begin.
Dec 20 12:14:48 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:14:48 proxy racoon: DEBUG: succeed.
Dec 20 12:14:48 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:48 proxy racoon: DEBUG: UDP encapsulation requested
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: pair 1:
Dec 20 12:14:48 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:48 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 20 12:14:48 proxy racoon: DEBUG: begin compare proposals.
Dec 20 12:14:48 proxy racoon: DEBUG: pair[1]: 0x28517510
Dec 20 12:14:48 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:48 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=NULL
Dec 20 12:14:48 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:48 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:48 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:48 proxy racoon: DEBUG: peer's single bundle:
Dec 20 12:14:48 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=f591bc4d spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:48 proxy racoon: DEBUG: (trns_id=NULL encklen=0 authtype=hmac-sha)
Dec 20 12:14:48 proxy racoon: DEBUG: my single bundle:
Dec 20 12:14:48 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:48 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:48 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:48 proxy racoon: INFO: Adjusting my encmode UDP-Transport->Transport
Dec 20 12:14:48 proxy racoon: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Dec 20 12:14:48 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:48 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:48 proxy racoon: ERROR: not matched
Dec 20 12:14:48 proxy racoon: ERROR: no suitable policy found.
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: no proposal chosen.
Dec 20 12:14:48 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Dec 20 12:14:48 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:48 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:48 proxy racoon: DEBUG: 9e88afc8 f154547f 82e89e50
Dec 20 12:14:48 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:48 proxy racoon: DEBUG: f0998314 e35449b7
Dec 20 12:14:48 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:48 proxy racoon: DEBUG: 82e89e50 0000000c 00000001 0100000e
Dec 20 12:14:48 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:48 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:48 proxy racoon: DEBUG: c7078f93 bf82e6a0 31d98da9 6d5deb60 c1a62129
Dec 20 12:14:48 proxy racoon: DEBUG: begin encryption.
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: pad length = 4
Dec 20 12:14:48 proxy racoon: DEBUG: 0b000018 c7078f93 bf82e6a0 31d98da9 6d5deb60 c1a62129 0000000c 00000001 0100000e 00000004
Dec 20 12:14:48 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:48 proxy racoon: DEBUG: with key:
Dec 20 12:14:48 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:48 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:14:48 proxy racoon: DEBUG: f0998314 e35449b7
Dec 20 12:14:48 proxy racoon: DEBUG: save IV for next:
Dec 20 12:14:48 proxy racoon: DEBUG: d7a95dd6 ba319ba7
Dec 20 12:14:48 proxy racoon: DEBUG: encrypted.
Dec 20 12:14:48 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:14:48 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:48 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 82e89e50 00000044 8c8f52cb c7525af8 a063505c 8839aff0 09402a99 51f441e1 87637d13 fa6f78d1 d7a95dd6 ba319ba7
Dec 20 12:14:48 proxy racoon: DEBUG: sendto Information notify.
Dec 20 12:14:48 proxy racoon: DEBUG: IV freed
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:48 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:48 proxy racoon: DEBUG: IV freed
Dec 20 12:14:49 proxy racoon: DEBUG: ===
Dec 20 12:14:49 proxy racoon: DEBUG: 220 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:49 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc f845f1d9 6a295096 0aa7c111 178fd0e8 c7bb991a 73a31f4c dca1e0e7 537170e9 5e8ea52c ab10c942 4469f83d c7a03df0 50925b26 927ff53a b86011b8 ac0f3f35 8907163e f26bb738 6769158b 55359b6c 740026bb afa93173 58b4c3d5 4701e50b 12b07a18 c8840b4c cb486257 93ed30f3 b5a3eb57 b6a47414 c6c28f49 bd8d7441 4be4f1af 7923e9d9 a923a4a9 df2cf431 bcdc0c75 e45dccbb d9aecc0c 31ec2df0 996a3e25 1ec0fa25 a3d7e48c 3b7f94e4 96df481d 209eb356 350e8b12 c14b0199
Dec 20 12:14:49 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:49 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:49 proxy racoon: DEBUG: 9e88afc8 f154547f 00000001
Dec 20 12:14:49 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:49 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:49 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:49 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:49 proxy racoon: DEBUG: ===
Dec 20 12:14:49 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[4500]<=>YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:49 proxy racoon: DEBUG: begin decryption.
Dec 20 12:14:49 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:49 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:14:49 proxy racoon: DEBUG: 350e8b12 c14b0199
Dec 20 12:14:49 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:49 proxy racoon: DEBUG: with key:
Dec 20 12:14:49 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:49 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:14:49 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:49 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:14:49 proxy racoon: DEBUG: 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:49 proxy racoon: DEBUG: padding len=0
Dec 20 12:14:49 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:14:49 proxy racoon: DEBUG: decrypted.
Dec 20 12:14:49 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:49 proxy racoon: DEBUG: begin.
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:49 proxy racoon: DEBUG: succeed.
Dec 20 12:14:49 proxy racoon: DEBUG: received IDci2:
Dec 20 12:14:49 proxy racoon: DEBUG: 011106a5 c0a80182
Dec 20 12:14:49 proxy racoon: DEBUG: received IDcr2:
Dec 20 12:14:49 proxy racoon: DEBUG: 011106a5 d5a08b84
Dec 20 12:14:49 proxy racoon: DEBUG: HASH(1) validate:
Dec 20 12:14:49 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:49 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:49 proxy racoon: DEBUG: 00000001 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84
Dec 20 12:14:49 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:49 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:49 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:49 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='192.168.1.130' peer='192.168.1.130' client='YYY.YYY.YYY.YYY' id=0
Dec 20 12:14:49 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:49 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:49 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:49 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:49 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 20 12:14:49 proxy racoon: DEBUG: get src address from ID payload 192.168.1.130[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:49 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:49 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 20 12:14:49 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:49 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: INFO: Update the generated policy : 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: db: 0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:49 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:49 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:49 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 20 12:14:49 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:49 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:49 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:49 proxy racoon: DEBUG: total SA len=60
Dec 20 12:14:49 proxy racoon: DEBUG: 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
Dec 20 12:14:49 proxy racoon: DEBUG: begin.
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:14:49 proxy racoon: DEBUG: succeed.
Dec 20 12:14:49 proxy racoon: DEBUG: proposal #1 len=52
Dec 20 12:14:49 proxy racoon: DEBUG: begin.
Dec 20 12:14:49 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:14:49 proxy racoon: DEBUG: succeed.
Dec 20 12:14:49 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:14:49 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:49 proxy racoon: DEBUG: UDP encapsulation requested
Dec 20 12:14:49 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:49 proxy racoon: DEBUG: pair 1:
Dec 20 12:14:49 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:49 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 20 12:14:49 proxy racoon: DEBUG: begin compare proposals.
Dec 20 12:14:49 proxy racoon: DEBUG: pair[1]: 0x28517510
Dec 20 12:14:49 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:49 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=NULL
Dec 20 12:14:49 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:49 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:49 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:49 proxy racoon: DEBUG: peer's single bundle:
Dec 20 12:14:49 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=f591bc4d spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:49 proxy racoon: DEBUG: (trns_id=NULL encklen=0 authtype=hmac-sha)
Dec 20 12:14:49 proxy racoon: DEBUG: my single bundle:
Dec 20 12:14:49 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:49 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:49 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:49 proxy racoon: INFO: Adjusting my encmode UDP-Transport->Transport
Dec 20 12:14:49 proxy racoon: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Dec 20 12:14:49 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:49 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:49 proxy racoon: ERROR: not matched
Dec 20 12:14:49 proxy racoon: ERROR: no suitable policy found.
Dec 20 12:14:49 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: no proposal chosen.
Dec 20 12:14:49 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Dec 20 12:14:49 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:49 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:49 proxy racoon: DEBUG: 9e88afc8 f154547f 9ff10fa8
Dec 20 12:14:49 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:49 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:49 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:49 proxy racoon: DEBUG: 94d3b8c4 25089566
Dec 20 12:14:49 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:49 proxy racoon: DEBUG: 9ff10fa8 0000000c 00000001 0100000e
Dec 20 12:14:49 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:49 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:49 proxy racoon: DEBUG: 60189b86 0b7649b5 1c469090 b165cf96 69054ffc
Dec 20 12:14:49 proxy racoon: DEBUG: begin encryption.
Dec 20 12:14:49 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:49 proxy racoon: DEBUG: pad length = 4
Dec 20 12:14:49 proxy racoon: DEBUG: 0b000018 60189b86 0b7649b5 1c469090 b165cf96 69054ffc 0000000c 00000001 0100000e 00000004
Dec 20 12:14:49 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:49 proxy racoon: DEBUG: with key:
Dec 20 12:14:49 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:49 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:14:49 proxy racoon: DEBUG: 94d3b8c4 25089566
Dec 20 12:14:49 proxy racoon: DEBUG: save IV for next:
Dec 20 12:14:49 proxy racoon: DEBUG: fc30454f e52a0710
Dec 20 12:14:49 proxy racoon: DEBUG: encrypted.
Dec 20 12:14:49 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:14:49 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:49 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:49 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:49 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:49 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:49 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 9ff10fa8 00000044 1352be32 00e66e85 757fa24f e1d47641 4322c144 92129ff3 ad6cf195 6db60ce1 fc30454f e52a0710
Dec 20 12:14:49 proxy racoon: DEBUG: sendto Information notify.
Dec 20 12:14:49 proxy racoon: DEBUG: IV freed
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:49 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:49 proxy racoon: DEBUG: IV freed
Dec 20 12:14:51 proxy racoon: DEBUG: ===
Dec 20 12:14:51 proxy racoon: DEBUG: 220 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:51 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc f845f1d9 6a295096 0aa7c111 178fd0e8 c7bb991a 73a31f4c dca1e0e7 537170e9 5e8ea52c ab10c942 4469f83d c7a03df0 50925b26 927ff53a b86011b8 ac0f3f35 8907163e f26bb738 6769158b 55359b6c 740026bb afa93173 58b4c3d5 4701e50b 12b07a18 c8840b4c cb486257 93ed30f3 b5a3eb57 b6a47414 c6c28f49 bd8d7441 4be4f1af 7923e9d9 a923a4a9 df2cf431 bcdc0c75 e45dccbb d9aecc0c 31ec2df0 996a3e25 1ec0fa25 a3d7e48c 3b7f94e4 96df481d 209eb356 350e8b12 c14b0199
Dec 20 12:14:51 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:51 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:51 proxy racoon: DEBUG: 9e88afc8 f154547f 00000001
Dec 20 12:14:51 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:51 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:51 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:51 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:51 proxy racoon: DEBUG: ===
Dec 20 12:14:51 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[4500]<=>YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:51 proxy racoon: DEBUG: begin decryption.
Dec 20 12:14:51 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:51 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:14:51 proxy racoon: DEBUG: 350e8b12 c14b0199
Dec 20 12:14:51 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:51 proxy racoon: DEBUG: with key:
Dec 20 12:14:51 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:51 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:14:51 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:51 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:14:51 proxy racoon: DEBUG: 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:51 proxy racoon: DEBUG: padding len=0
Dec 20 12:14:51 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:14:51 proxy racoon: DEBUG: decrypted.
Dec 20 12:14:51 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:51 proxy racoon: DEBUG: begin.
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:51 proxy racoon: DEBUG: succeed.
Dec 20 12:14:51 proxy racoon: DEBUG: received IDci2:
Dec 20 12:14:51 proxy racoon: DEBUG: 011106a5 c0a80182
Dec 20 12:14:51 proxy racoon: DEBUG: received IDcr2:
Dec 20 12:14:51 proxy racoon: DEBUG: 011106a5 d5a08b84
Dec 20 12:14:51 proxy racoon: DEBUG: HASH(1) validate:
Dec 20 12:14:51 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:51 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:51 proxy racoon: DEBUG: 00000001 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84
Dec 20 12:14:51 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:51 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:51 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:51 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='192.168.1.130' peer='192.168.1.130' client='YYY.YYY.YYY.YYY' id=0
Dec 20 12:14:51 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:51 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:51 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:51 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:51 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 20 12:14:51 proxy racoon: DEBUG: get src address from ID payload 192.168.1.130[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:51 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:51 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 20 12:14:51 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:51 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: INFO: Update the generated policy : 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: db: 0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:51 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:51 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:51 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 20 12:14:51 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:51 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:51 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:51 proxy racoon: DEBUG: total SA len=60
Dec 20 12:14:51 proxy racoon: DEBUG: 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
Dec 20 12:14:51 proxy racoon: DEBUG: begin.
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:14:51 proxy racoon: DEBUG: succeed.
Dec 20 12:14:51 proxy racoon: DEBUG: proposal #1 len=52
Dec 20 12:14:51 proxy racoon: DEBUG: begin.
Dec 20 12:14:51 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:14:51 proxy racoon: DEBUG: succeed.
Dec 20 12:14:51 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:14:51 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:51 proxy racoon: DEBUG: UDP encapsulation requested
Dec 20 12:14:51 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:51 proxy racoon: DEBUG: pair 1:
Dec 20 12:14:51 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:51 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 20 12:14:51 proxy racoon: DEBUG: begin compare proposals.
Dec 20 12:14:51 proxy racoon: DEBUG: pair[1]: 0x28517510
Dec 20 12:14:51 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:51 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=NULL
Dec 20 12:14:51 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:51 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:51 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:51 proxy racoon: DEBUG: peer's single bundle:
Dec 20 12:14:51 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=f591bc4d spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:51 proxy racoon: DEBUG: (trns_id=NULL encklen=0 authtype=hmac-sha)
Dec 20 12:14:51 proxy racoon: DEBUG: my single bundle:
Dec 20 12:14:51 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:51 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:51 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:51 proxy racoon: INFO: Adjusting my encmode UDP-Transport->Transport
Dec 20 12:14:51 proxy racoon: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Dec 20 12:14:51 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:51 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:51 proxy racoon: ERROR: not matched
Dec 20 12:14:51 proxy racoon: ERROR: no suitable policy found.
Dec 20 12:14:51 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: no proposal chosen.
Dec 20 12:14:51 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Dec 20 12:14:51 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:51 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:51 proxy racoon: DEBUG: 9e88afc8 f154547f 8249b08e
Dec 20 12:14:51 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:51 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:51 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:51 proxy racoon: DEBUG: 2612a69a 831e94ea
Dec 20 12:14:51 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:51 proxy racoon: DEBUG: 8249b08e 0000000c 00000001 0100000e
Dec 20 12:14:51 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:51 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:51 proxy racoon: DEBUG: 247549ca f00c9d0d 848275e3 10c763be 2a1ab93f
Dec 20 12:14:51 proxy racoon: DEBUG: begin encryption.
Dec 20 12:14:51 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:51 proxy racoon: DEBUG: pad length = 4
Dec 20 12:14:51 proxy racoon: DEBUG: 0b000018 247549ca f00c9d0d 848275e3 10c763be 2a1ab93f 0000000c 00000001 0100000e 00000004
Dec 20 12:14:51 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:51 proxy racoon: DEBUG: with key:
Dec 20 12:14:51 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:51 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:14:51 proxy racoon: DEBUG: 2612a69a 831e94ea
Dec 20 12:14:51 proxy racoon: DEBUG: save IV for next:
Dec 20 12:14:51 proxy racoon: DEBUG: 9adbf3a5 433350c2
Dec 20 12:14:51 proxy racoon: DEBUG: encrypted.
Dec 20 12:14:51 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:14:51 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:51 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:51 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:51 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:51 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:51 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 8249b08e 00000044 fc84f0ef da16e6df b03e4b0b 73b549c6 763a8497 d7bdf8ae 51f62ef8 acdaa62b 9adbf3a5 433350c2
Dec 20 12:14:51 proxy racoon: DEBUG: sendto Information notify.
Dec 20 12:14:51 proxy racoon: DEBUG: IV freed
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:51 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:51 proxy racoon: DEBUG: IV freed
Dec 20 12:14:52 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:52 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:52 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:52 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:52 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:52 proxy racoon: DEBUG: ff
Dec 20 12:14:55 proxy racoon: DEBUG: ===
Dec 20 12:14:55 proxy racoon: DEBUG: 220 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:55 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc f845f1d9 6a295096 0aa7c111 178fd0e8 c7bb991a 73a31f4c dca1e0e7 537170e9 5e8ea52c ab10c942 4469f83d c7a03df0 50925b26 927ff53a b86011b8 ac0f3f35 8907163e f26bb738 6769158b 55359b6c 740026bb afa93173 58b4c3d5 4701e50b 12b07a18 c8840b4c cb486257 93ed30f3 b5a3eb57 b6a47414 c6c28f49 bd8d7441 4be4f1af 7923e9d9 a923a4a9 df2cf431 bcdc0c75 e45dccbb d9aecc0c 31ec2df0 996a3e25 1ec0fa25 a3d7e48c 3b7f94e4 96df481d 209eb356 350e8b12 c14b0199
Dec 20 12:14:55 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:55 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:55 proxy racoon: DEBUG: 9e88afc8 f154547f 00000001
Dec 20 12:14:55 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:55 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:55 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:55 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:55 proxy racoon: DEBUG: ===
Dec 20 12:14:55 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[4500]<=>YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:55 proxy racoon: DEBUG: begin decryption.
Dec 20 12:14:55 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:55 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:14:55 proxy racoon: DEBUG: 350e8b12 c14b0199
Dec 20 12:14:55 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:55 proxy racoon: DEBUG: with key:
Dec 20 12:14:55 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:55 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:14:55 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:14:55 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:14:55 proxy racoon: DEBUG: 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:55 proxy racoon: DEBUG: padding len=0
Dec 20 12:14:55 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:14:55 proxy racoon: DEBUG: decrypted.
Dec 20 12:14:55 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:14:55 proxy racoon: DEBUG: begin.
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:14:55 proxy racoon: DEBUG: succeed.
Dec 20 12:14:55 proxy racoon: DEBUG: received IDci2:
Dec 20 12:14:55 proxy racoon: DEBUG: 011106a5 c0a80182
Dec 20 12:14:55 proxy racoon: DEBUG: received IDcr2:
Dec 20 12:14:55 proxy racoon: DEBUG: 011106a5 d5a08b84
Dec 20 12:14:55 proxy racoon: DEBUG: HASH(1) validate:
Dec 20 12:14:55 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:55 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:55 proxy racoon: DEBUG: 00000001 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84
Dec 20 12:14:55 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:55 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:55 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:14:55 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='192.168.1.130' peer='192.168.1.130' client='YYY.YYY.YYY.YYY' id=0
Dec 20 12:14:55 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:55 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:55 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:14:55 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:14:55 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 20 12:14:55 proxy racoon: DEBUG: get src address from ID payload 192.168.1.130[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:55 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:55 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 20 12:14:55 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:55 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: INFO: Update the generated policy : 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: db: 0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:55 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:14:55 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:14:55 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 20 12:14:55 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:55 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:55 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:55 proxy racoon: DEBUG: total SA len=60
Dec 20 12:14:55 proxy racoon: DEBUG: 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
Dec 20 12:14:55 proxy racoon: DEBUG: begin.
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:14:55 proxy racoon: DEBUG: succeed.
Dec 20 12:14:55 proxy racoon: DEBUG: proposal #1 len=52
Dec 20 12:14:55 proxy racoon: DEBUG: begin.
Dec 20 12:14:55 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:14:55 proxy racoon: DEBUG: succeed.
Dec 20 12:14:55 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:14:55 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:55 proxy racoon: DEBUG: UDP encapsulation requested
Dec 20 12:14:55 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:55 proxy racoon: DEBUG: pair 1:
Dec 20 12:14:55 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:55 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 20 12:14:55 proxy racoon: DEBUG: begin compare proposals.
Dec 20 12:14:55 proxy racoon: DEBUG: pair[1]: 0x28517510
Dec 20 12:14:55 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:14:55 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=NULL
Dec 20 12:14:55 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:14:55 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:14:55 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:14:55 proxy racoon: DEBUG: peer's single bundle:
Dec 20 12:14:55 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=f591bc4d spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:55 proxy racoon: DEBUG: (trns_id=NULL encklen=0 authtype=hmac-sha)
Dec 20 12:14:55 proxy racoon: DEBUG: my single bundle:
Dec 20 12:14:55 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:14:55 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:14:55 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:14:55 proxy racoon: INFO: Adjusting my encmode UDP-Transport->Transport
Dec 20 12:14:55 proxy racoon: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Dec 20 12:14:55 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:55 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:14:55 proxy racoon: ERROR: not matched
Dec 20 12:14:55 proxy racoon: ERROR: no suitable policy found.
Dec 20 12:14:55 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: no proposal chosen.
Dec 20 12:14:55 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Dec 20 12:14:55 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:14:55 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:14:55 proxy racoon: DEBUG: 9e88afc8 f154547f c2d3ce93
Dec 20 12:14:55 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:14:55 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:55 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:14:55 proxy racoon: DEBUG: 3935a77e 537cb3b7
Dec 20 12:14:55 proxy racoon: DEBUG: HASH with:
Dec 20 12:14:55 proxy racoon: DEBUG: c2d3ce93 0000000c 00000001 0100000e
Dec 20 12:14:55 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:14:55 proxy racoon: DEBUG: HASH computed:
Dec 20 12:14:55 proxy racoon: DEBUG: fa98730f 88e30edc bb3b9819 af692547 1d1d6c14
Dec 20 12:14:55 proxy racoon: DEBUG: begin encryption.
Dec 20 12:14:55 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:55 proxy racoon: DEBUG: pad length = 4
Dec 20 12:14:55 proxy racoon: DEBUG: 0b000018 fa98730f 88e30edc bb3b9819 af692547 1d1d6c14 0000000c 00000001 0100000e 00000004
Dec 20 12:14:55 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:14:55 proxy racoon: DEBUG: with key:
Dec 20 12:14:55 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:14:55 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:14:55 proxy racoon: DEBUG: 3935a77e 537cb3b7
Dec 20 12:14:55 proxy racoon: DEBUG: save IV for next:
Dec 20 12:14:55 proxy racoon: DEBUG: 4401e427 61e4a7ea
Dec 20 12:14:55 proxy racoon: DEBUG: encrypted.
Dec 20 12:14:55 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:14:55 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:55 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:55 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:14:55 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:55 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:14:55 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 c2d3ce93 00000044 7a68d153 09bdb8a4 3acbfe28 0bf0243d 23d98654 3ceb2535 9941f7fb d957fec9 4401e427 61e4a7ea
Dec 20 12:14:55 proxy racoon: DEBUG: sendto Information notify.
Dec 20 12:14:55 proxy racoon: DEBUG: IV freed
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:14:55 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:14:55 proxy racoon: DEBUG: IV freed
Dec 20 12:15:02 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:02 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:02 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:02 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:02 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:02 proxy racoon: DEBUG: ff
Dec 20 12:15:03 proxy racoon: DEBUG: ===
Dec 20 12:15:03 proxy racoon: DEBUG: 220 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:03 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc f845f1d9 6a295096 0aa7c111 178fd0e8 c7bb991a 73a31f4c dca1e0e7 537170e9 5e8ea52c ab10c942 4469f83d c7a03df0 50925b26 927ff53a b86011b8 ac0f3f35 8907163e f26bb738 6769158b 55359b6c 740026bb afa93173 58b4c3d5 4701e50b 12b07a18 c8840b4c cb486257 93ed30f3 b5a3eb57 b6a47414 c6c28f49 bd8d7441 4be4f1af 7923e9d9 a923a4a9 df2cf431 bcdc0c75 e45dccbb d9aecc0c 31ec2df0 996a3e25 1ec0fa25 a3d7e48c 3b7f94e4 96df481d 209eb356 350e8b12 c14b0199
Dec 20 12:15:03 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:15:03 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:15:03 proxy racoon: DEBUG: 9e88afc8 f154547f 00000001
Dec 20 12:15:03 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:03 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:03 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:15:03 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:15:03 proxy racoon: DEBUG: ===
Dec 20 12:15:03 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[4500]<=>YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:03 proxy racoon: DEBUG: begin decryption.
Dec 20 12:15:03 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:03 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:15:03 proxy racoon: DEBUG: 350e8b12 c14b0199
Dec 20 12:15:03 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:03 proxy racoon: DEBUG: with key:
Dec 20 12:15:03 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:15:03 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:15:03 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:15:03 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:15:03 proxy racoon: DEBUG: 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:15:03 proxy racoon: DEBUG: padding len=0
Dec 20 12:15:03 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:15:03 proxy racoon: DEBUG: decrypted.
Dec 20 12:15:03 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:15:03 proxy racoon: DEBUG: begin.
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:15:03 proxy racoon: DEBUG: succeed.
Dec 20 12:15:03 proxy racoon: DEBUG: received IDci2:
Dec 20 12:15:03 proxy racoon: DEBUG: 011106a5 c0a80182
Dec 20 12:15:03 proxy racoon: DEBUG: received IDcr2:
Dec 20 12:15:03 proxy racoon: DEBUG: 011106a5 d5a08b84
Dec 20 12:15:03 proxy racoon: DEBUG: HASH(1) validate:
Dec 20 12:15:03 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:15:03 proxy racoon: DEBUG: HASH with:
Dec 20 12:15:03 proxy racoon: DEBUG: 00000001 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84
Dec 20 12:15:03 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:03 proxy racoon: DEBUG: HASH computed:
Dec 20 12:15:03 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:15:03 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='192.168.1.130' peer='192.168.1.130' client='YYY.YYY.YYY.YYY' id=0
Dec 20 12:15:03 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:15:03 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:15:03 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:15:03 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:15:03 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 20 12:15:03 proxy racoon: DEBUG: get src address from ID payload 192.168.1.130[1701] prefixlen=32 ul_proto=17
Dec 20 12:15:03 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:15:03 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 20 12:15:03 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:03 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: INFO: Update the generated policy : 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: db: 0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:03 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:03 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:15:03 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 20 12:15:03 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:03 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:15:03 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:15:03 proxy racoon: DEBUG: total SA len=60
Dec 20 12:15:03 proxy racoon: DEBUG: 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
Dec 20 12:15:03 proxy racoon: DEBUG: begin.
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:15:03 proxy racoon: DEBUG: succeed.
Dec 20 12:15:03 proxy racoon: DEBUG: proposal #1 len=52
Dec 20 12:15:03 proxy racoon: DEBUG: begin.
Dec 20 12:15:03 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:15:03 proxy racoon: DEBUG: succeed.
Dec 20 12:15:03 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:15:03 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:15:03 proxy racoon: DEBUG: UDP encapsulation requested
Dec 20 12:15:03 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:03 proxy racoon: DEBUG: pair 1:
Dec 20 12:15:03 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:15:03 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 20 12:15:03 proxy racoon: DEBUG: begin compare proposals.
Dec 20 12:15:03 proxy racoon: DEBUG: pair[1]: 0x28517510
Dec 20 12:15:03 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:15:03 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=NULL
Dec 20 12:15:03 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:15:03 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:15:03 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:03 proxy racoon: DEBUG: peer's single bundle:
Dec 20 12:15:03 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=f591bc4d spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:03 proxy racoon: DEBUG: (trns_id=NULL encklen=0 authtype=hmac-sha)
Dec 20 12:15:03 proxy racoon: DEBUG: my single bundle:
Dec 20 12:15:03 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:03 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:15:03 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:15:03 proxy racoon: INFO: Adjusting my encmode UDP-Transport->Transport
Dec 20 12:15:03 proxy racoon: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Dec 20 12:15:03 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:15:03 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:15:03 proxy racoon: ERROR: not matched
Dec 20 12:15:03 proxy racoon: ERROR: no suitable policy found.
Dec 20 12:15:03 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: no proposal chosen.
Dec 20 12:15:03 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Dec 20 12:15:03 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:15:03 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:15:03 proxy racoon: DEBUG: 9e88afc8 f154547f afbdf0ea
Dec 20 12:15:03 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:03 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:03 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:15:03 proxy racoon: DEBUG: 9d16d8a4 8953d9a2
Dec 20 12:15:03 proxy racoon: DEBUG: HASH with:
Dec 20 12:15:03 proxy racoon: DEBUG: afbdf0ea 0000000c 00000001 0100000e
Dec 20 12:15:03 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:03 proxy racoon: DEBUG: HASH computed:
Dec 20 12:15:03 proxy racoon: DEBUG: ff14ced4 c55ea53b b3589559 bf32dd98 0a3966d3
Dec 20 12:15:03 proxy racoon: DEBUG: begin encryption.
Dec 20 12:15:03 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:03 proxy racoon: DEBUG: pad length = 4
Dec 20 12:15:03 proxy racoon: DEBUG: 0b000018 ff14ced4 c55ea53b b3589559 bf32dd98 0a3966d3 0000000c 00000001 0100000e 00000004
Dec 20 12:15:03 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:03 proxy racoon: DEBUG: with key:
Dec 20 12:15:03 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:15:03 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:15:03 proxy racoon: DEBUG: 9d16d8a4 8953d9a2
Dec 20 12:15:03 proxy racoon: DEBUG: save IV for next:
Dec 20 12:15:03 proxy racoon: DEBUG: 89428d06 73483791
Dec 20 12:15:03 proxy racoon: DEBUG: encrypted.
Dec 20 12:15:03 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:15:03 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:03 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:03 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:03 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:03 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:03 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 afbdf0ea 00000044 38a0b775 2ba1187e 4500901a b7daa29f 603c7ff4 2b5a7d4d 93f13ea7 ae3f2c17 89428d06 73483791
Dec 20 12:15:03 proxy racoon: DEBUG: sendto Information notify.
Dec 20 12:15:03 proxy racoon: DEBUG: IV freed
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:03 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:03 proxy racoon: DEBUG: IV freed
Dec 20 12:15:12 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:12 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:12 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:12 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:12 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:12 proxy racoon: DEBUG: ff
Dec 20 12:15:19 proxy racoon: DEBUG: ===
Dec 20 12:15:19 proxy racoon: DEBUG: 220 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:19 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc f845f1d9 6a295096 0aa7c111 178fd0e8 c7bb991a 73a31f4c dca1e0e7 537170e9 5e8ea52c ab10c942 4469f83d c7a03df0 50925b26 927ff53a b86011b8 ac0f3f35 8907163e f26bb738 6769158b 55359b6c 740026bb afa93173 58b4c3d5 4701e50b 12b07a18 c8840b4c cb486257 93ed30f3 b5a3eb57 b6a47414 c6c28f49 bd8d7441 4be4f1af 7923e9d9 a923a4a9 df2cf431 bcdc0c75 e45dccbb d9aecc0c 31ec2df0 996a3e25 1ec0fa25 a3d7e48c 3b7f94e4 96df481d 209eb356 350e8b12 c14b0199
Dec 20 12:15:19 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:15:19 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:15:19 proxy racoon: DEBUG: 9e88afc8 f154547f 00000001
Dec 20 12:15:19 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:19 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:19 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:15:19 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:15:19 proxy racoon: DEBUG: ===
Dec 20 12:15:19 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[4500]<=>YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:19 proxy racoon: DEBUG: begin decryption.
Dec 20 12:15:19 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:19 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:15:19 proxy racoon: DEBUG: 350e8b12 c14b0199
Dec 20 12:15:19 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:19 proxy racoon: DEBUG: with key:
Dec 20 12:15:19 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:15:19 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:15:19 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:15:19 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:15:19 proxy racoon: DEBUG: 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:15:19 proxy racoon: DEBUG: padding len=0
Dec 20 12:15:19 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:15:19 proxy racoon: DEBUG: decrypted.
Dec 20 12:15:19 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:15:19 proxy racoon: DEBUG: begin.
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:15:19 proxy racoon: DEBUG: succeed.
Dec 20 12:15:19 proxy racoon: DEBUG: received IDci2:
Dec 20 12:15:19 proxy racoon: DEBUG: 011106a5 c0a80182
Dec 20 12:15:19 proxy racoon: DEBUG: received IDcr2:
Dec 20 12:15:19 proxy racoon: DEBUG: 011106a5 d5a08b84
Dec 20 12:15:19 proxy racoon: DEBUG: HASH(1) validate:
Dec 20 12:15:19 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:15:19 proxy racoon: DEBUG: HASH with:
Dec 20 12:15:19 proxy racoon: DEBUG: 00000001 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84
Dec 20 12:15:19 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:19 proxy racoon: DEBUG: HASH computed:
Dec 20 12:15:19 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:15:19 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='192.168.1.130' peer='192.168.1.130' client='YYY.YYY.YYY.YYY' id=0
Dec 20 12:15:19 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:15:19 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:15:19 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:15:19 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:15:19 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 20 12:15:19 proxy racoon: DEBUG: get src address from ID payload 192.168.1.130[1701] prefixlen=32 ul_proto=17
Dec 20 12:15:19 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:15:19 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 20 12:15:19 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:19 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: INFO: Update the generated policy : 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: db: 0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:19 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:19 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:15:19 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 20 12:15:19 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:19 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:15:19 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:15:19 proxy racoon: DEBUG: total SA len=60
Dec 20 12:15:19 proxy racoon: DEBUG: 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
Dec 20 12:15:19 proxy racoon: DEBUG: begin.
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:15:19 proxy racoon: DEBUG: succeed.
Dec 20 12:15:19 proxy racoon: DEBUG: proposal #1 len=52
Dec 20 12:15:19 proxy racoon: DEBUG: begin.
Dec 20 12:15:19 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:15:19 proxy racoon: DEBUG: succeed.
Dec 20 12:15:19 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:15:19 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:15:19 proxy racoon: DEBUG: UDP encapsulation requested
Dec 20 12:15:19 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:19 proxy racoon: DEBUG: pair 1:
Dec 20 12:15:19 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:15:19 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 20 12:15:19 proxy racoon: DEBUG: begin compare proposals.
Dec 20 12:15:19 proxy racoon: DEBUG: pair[1]: 0x28517510
Dec 20 12:15:19 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:15:19 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=NULL
Dec 20 12:15:19 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:15:19 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:15:19 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:19 proxy racoon: DEBUG: peer's single bundle:
Dec 20 12:15:19 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=f591bc4d spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:19 proxy racoon: DEBUG: (trns_id=NULL encklen=0 authtype=hmac-sha)
Dec 20 12:15:19 proxy racoon: DEBUG: my single bundle:
Dec 20 12:15:19 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:19 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:15:19 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:15:19 proxy racoon: INFO: Adjusting my encmode UDP-Transport->Transport
Dec 20 12:15:19 proxy racoon: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Dec 20 12:15:19 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:15:19 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:15:19 proxy racoon: ERROR: not matched
Dec 20 12:15:19 proxy racoon: ERROR: no suitable policy found.
Dec 20 12:15:19 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: no proposal chosen.
Dec 20 12:15:19 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Dec 20 12:15:19 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:15:19 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:15:19 proxy racoon: DEBUG: 9e88afc8 f154547f b36cdb40
Dec 20 12:15:19 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:19 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:19 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:15:19 proxy racoon: DEBUG: 557cc9aa 1afd948e
Dec 20 12:15:19 proxy racoon: DEBUG: HASH with:
Dec 20 12:15:19 proxy racoon: DEBUG: b36cdb40 0000000c 00000001 0100000e
Dec 20 12:15:19 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:19 proxy racoon: DEBUG: HASH computed:
Dec 20 12:15:19 proxy racoon: DEBUG: 603730ab 5afa4627 bda5f581 b2708b90 1ab8da51
Dec 20 12:15:19 proxy racoon: DEBUG: begin encryption.
Dec 20 12:15:19 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:19 proxy racoon: DEBUG: pad length = 4
Dec 20 12:15:19 proxy racoon: DEBUG: 0b000018 603730ab 5afa4627 bda5f581 b2708b90 1ab8da51 0000000c 00000001 0100000e 00000004
Dec 20 12:15:19 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:19 proxy racoon: DEBUG: with key:
Dec 20 12:15:19 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:15:19 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:15:19 proxy racoon: DEBUG: 557cc9aa 1afd948e
Dec 20 12:15:19 proxy racoon: DEBUG: save IV for next:
Dec 20 12:15:19 proxy racoon: DEBUG: 9a1191d7 006ad142
Dec 20 12:15:19 proxy racoon: DEBUG: encrypted.
Dec 20 12:15:19 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:15:19 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:19 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:19 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:19 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:19 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:19 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 b36cdb40 00000044 41d293a7 8249c26f 6fc6666d 6ca7e2e5 5b11fae6 3f3517e1 f63b4ab0 942dd011 9a1191d7 006ad142
Dec 20 12:15:19 proxy racoon: DEBUG: sendto Information notify.
Dec 20 12:15:19 proxy racoon: DEBUG: IV freed
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:19 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:19 proxy racoon: DEBUG: IV freed
Dec 20 12:15:22 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:22 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:22 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:22 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:22 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:22 proxy racoon: DEBUG: ff
Dec 20 12:15:32 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:32 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:32 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:32 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:32 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:32 proxy racoon: DEBUG: ff
Dec 20 12:15:35 proxy racoon: DEBUG: ===
Dec 20 12:15:35 proxy racoon: DEBUG: 220 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:35 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc f845f1d9 6a295096 0aa7c111 178fd0e8 c7bb991a 73a31f4c dca1e0e7 537170e9 5e8ea52c ab10c942 4469f83d c7a03df0 50925b26 927ff53a b86011b8 ac0f3f35 8907163e f26bb738 6769158b 55359b6c 740026bb afa93173 58b4c3d5 4701e50b 12b07a18 c8840b4c cb486257 93ed30f3 b5a3eb57 b6a47414 c6c28f49 bd8d7441 4be4f1af 7923e9d9 a923a4a9 df2cf431 bcdc0c75 e45dccbb d9aecc0c 31ec2df0 996a3e25 1ec0fa25 a3d7e48c 3b7f94e4 96df481d 209eb356 350e8b12 c14b0199
Dec 20 12:15:35 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:15:35 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:15:35 proxy racoon: DEBUG: 9e88afc8 f154547f 00000001
Dec 20 12:15:36 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:36 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:36 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:15:36 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:15:36 proxy racoon: DEBUG: ===
Dec 20 12:15:36 proxy racoon: INFO: respond new phase 2 negotiation: XXX.XXX.XXX.XXX[4500]<=>YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:36 proxy racoon: DEBUG: begin decryption.
Dec 20 12:15:36 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:36 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:15:36 proxy racoon: DEBUG: 350e8b12 c14b0199
Dec 20 12:15:36 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:36 proxy racoon: DEBUG: with key:
Dec 20 12:15:36 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:15:36 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:15:36 proxy racoon: DEBUG: cb9f45f5 0af2a3a4
Dec 20 12:15:36 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:15:36 proxy racoon: DEBUG: 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:15:36 proxy racoon: DEBUG: padding len=0
Dec 20 12:15:36 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:15:36 proxy racoon: DEBUG: decrypted.
Dec 20 12:15:36 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08102001 00000001 000000dc 01000018 e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84 00000000
Dec 20 12:15:36 proxy racoon: DEBUG: begin.
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=5(id)
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=21(nat-oa)
Dec 20 12:15:36 proxy racoon: DEBUG: succeed.
Dec 20 12:15:36 proxy racoon: DEBUG: received IDci2:
Dec 20 12:15:36 proxy racoon: DEBUG: 011106a5 c0a80182
Dec 20 12:15:36 proxy racoon: DEBUG: received IDcr2:
Dec 20 12:15:36 proxy racoon: DEBUG: 011106a5 d5a08b84
Dec 20 12:15:36 proxy racoon: DEBUG: HASH(1) validate:
Dec 20 12:15:36 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:15:36 proxy racoon: DEBUG: HASH with:
Dec 20 12:15:36 proxy racoon: DEBUG: 00000001 0a000040 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034 f8734eb1 cf2dfbb5 ec7e1ec7 c039ba83 a8e2e395 29436515 2101946c badb4cd1 ef32483a 96b9f8ec 503e3950 84c11db5 0500000c 011106a5 c0a80182 1500000c 011106a5 d5a08b84 1500000c 01000000 c0a80182 0000000c 01000000 d5a08b84
Dec 20 12:15:36 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:36 proxy racoon: DEBUG: HASH computed:
Dec 20 12:15:36 proxy racoon: DEBUG: e01f51db 8ee2ea30 624ac805 6b2fa347 dfedaf7b
Dec 20 12:15:36 proxy racoon: DEBUG: getsainfo params: loc='XXX.XXX.XXX.XXX' rmt='192.168.1.130' peer='192.168.1.130' client='YYY.YYY.YYY.YYY' id=0
Dec 20 12:15:36 proxy racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:15:36 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:15:36 proxy racoon: DEBUG: check and compare ids : values matched (ANONYMOUS)
Dec 20 12:15:36 proxy racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
Dec 20 12:15:36 proxy racoon: DEBUG: Either family (2 - 2), types (1 - 1) of ID from initiator differ or matching sainfo has no id_i defined for the peer. Not filling iph2->sa_src and iph2->sa_dst.
Dec 20 12:15:36 proxy racoon: DEBUG: get src address from ID payload 192.168.1.130[1701] prefixlen=32 ul_proto=17
Dec 20 12:15:36 proxy racoon: DEBUG: get dst address from ID payload XXX.XXX.XXX.XXX[1701] prefixlen=32 ul_proto=17
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:15:36 proxy racoon: DEBUG: 0x28547148 masked with /0: 0.0.0.0[0]
Dec 20 12:15:36 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:36 proxy racoon: DEBUG: 0x28547148 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe2a4: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: INFO: Update the generated policy : 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: db: 0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe2a4: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: db: 0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:36 proxy racoon: DEBUG: 0x285473c8 masked with /32: XXX.XXX.XXX.XXX[1701]
Dec 20 12:15:36 proxy racoon: DEBUG: 0xbfbfe2a4 masked with /0: 0.0.0.0[1701]
Dec 20 12:15:36 proxy racoon: DEBUG: 0x285473c8 masked with /0: 0.0.0.0[0]
Dec 20 12:15:36 proxy racoon: DEBUG: suitable SP found:XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:36 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:15:36 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:15:36 proxy racoon: DEBUG: total SA len=60
Dec 20 12:15:36 proxy racoon: DEBUG: 00000001 00000001 00000034 01030401 f591bc4d 00000028 010b0000 80040004 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
Dec 20 12:15:36 proxy racoon: DEBUG: begin.
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:15:36 proxy racoon: DEBUG: succeed.
Dec 20 12:15:36 proxy racoon: DEBUG: proposal #1 len=52
Dec 20 12:15:36 proxy racoon: DEBUG: begin.
Dec 20 12:15:36 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:15:36 proxy racoon: DEBUG: succeed.
Dec 20 12:15:36 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:15:36 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:15:36 proxy racoon: DEBUG: UDP encapsulation requested
Dec 20 12:15:36 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:36 proxy racoon: DEBUG: pair 1:
Dec 20 12:15:36 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:15:36 proxy racoon: DEBUG: proposal #1: 1 transform
Dec 20 12:15:36 proxy racoon: DEBUG: begin compare proposals.
Dec 20 12:15:36 proxy racoon: DEBUG: pair[1]: 0x28517510
Dec 20 12:15:36 proxy racoon: DEBUG: 0x28517510: next=0x0 tnext=0x0
Dec 20 12:15:36 proxy racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=NULL
Dec 20 12:15:36 proxy racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
Dec 20 12:15:36 proxy racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=kilobytes
Dec 20 12:15:36 proxy racoon: DEBUG: type=SA Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:36 proxy racoon: DEBUG: peer's single bundle:
Dec 20 12:15:36 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=f591bc4d spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:36 proxy racoon: DEBUG: (trns_id=NULL encklen=0 authtype=hmac-sha)
Dec 20 12:15:36 proxy racoon: DEBUG: my single bundle:
Dec 20 12:15:36 proxy racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
Dec 20 12:15:36 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5)
Dec 20 12:15:36 proxy racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha)
Dec 20 12:15:36 proxy racoon: INFO: Adjusting my encmode UDP-Transport->Transport
Dec 20 12:15:36 proxy racoon: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Dec 20 12:15:36 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:15:36 proxy racoon: WARNING: trns_id mismatched: my:3DES peer:NULL
Dec 20 12:15:36 proxy racoon: ERROR: not matched
Dec 20 12:15:36 proxy racoon: ERROR: no suitable policy found.
Dec 20 12:15:36 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: no proposal chosen.
Dec 20 12:15:36 proxy racoon: [YYY.YYY.YYY.YYY] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Dec 20 12:15:36 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:15:36 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:15:36 proxy racoon: DEBUG: 9e88afc8 f154547f 995236ba
Dec 20 12:15:36 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:36 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:36 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:15:36 proxy racoon: DEBUG: 95afd506 af97cd5e
Dec 20 12:15:36 proxy racoon: DEBUG: HASH with:
Dec 20 12:15:36 proxy racoon: DEBUG: 995236ba 0000000c 00000001 0100000e
Dec 20 12:15:36 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:36 proxy racoon: DEBUG: HASH computed:
Dec 20 12:15:36 proxy racoon: DEBUG: 6fa63aed 209e982d d17502f8 39e27550 1928f795
Dec 20 12:15:36 proxy racoon: DEBUG: begin encryption.
Dec 20 12:15:36 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:36 proxy racoon: DEBUG: pad length = 4
Dec 20 12:15:36 proxy racoon: DEBUG: 0b000018 6fa63aed 209e982d d17502f8 39e27550 1928f795 0000000c 00000001 0100000e 00000004
Dec 20 12:15:36 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:36 proxy racoon: DEBUG: with key:
Dec 20 12:15:36 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:15:36 proxy racoon: DEBUG: encrypted payload by IV:
Dec 20 12:15:36 proxy racoon: DEBUG: 95afd506 af97cd5e
Dec 20 12:15:36 proxy racoon: DEBUG: save IV for next:
Dec 20 12:15:36 proxy racoon: DEBUG: 53935f43 0edc9899
Dec 20 12:15:36 proxy racoon: DEBUG: encrypted.
Dec 20 12:15:36 proxy racoon: DEBUG: Adding NON-ESP marker
Dec 20 12:15:36 proxy racoon: DEBUG: 72 bytes from XXX.XXX.XXX.XXX[4500] to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:36 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:36 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:36 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:36 proxy racoon: DEBUG: 1 times of 72 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:36 proxy racoon: DEBUG: 00000000 fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 995236ba 00000044 56121cd0 6a6c47ac 89bb7fec d129ab5c 3da581d8 6e33f69e b7baa580 1814814b 53935f43 0edc9899
Dec 20 12:15:36 proxy racoon: DEBUG: sendto Information notify.
Dec 20 12:15:36 proxy racoon: DEBUG: IV freed
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe37c: 192.168.1.130/32[1701] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x28547148: 0.0.0.0/0[0] XXX.XXX.XXX.XXX/32[1701] proto=udp dir=in
Dec 20 12:15:36 proxy racoon: DEBUG: sub:0xbfbfe37c: XXX.XXX.XXX.XXX/32[1701] 192.168.1.130/32[1701] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: db :0x285473c8: XXX.XXX.XXX.XXX/32[1701] 0.0.0.0/0[0] proto=udp dir=out
Dec 20 12:15:36 proxy racoon: DEBUG: IV freed
Dec 20 12:15:42 proxy racoon: DEBUG: KA: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:42 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:42 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:42 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:42 proxy racoon: DEBUG: 1 times of 1 bytes message will be sent to YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:42 proxy racoon: DEBUG: ff
Dec 20 12:15:52 proxy racoon: DEBUG: ===
Dec 20 12:15:52 proxy racoon: DEBUG: 84 bytes message received from YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500]
Dec 20 12:15:52 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 adde450f 00000054 151480ab f9d1eef3 884b2ae4 ed5c350e d74c3d80 6b6e13ca 0a8d41d8 200e2d0a b2cdde08 74c85ea8 75454737 a7ee9504 130ce206 3f5340b0
Dec 20 12:15:52 proxy racoon: DEBUG: receive Information.
Dec 20 12:15:52 proxy racoon: DEBUG: compute IV for phase2
Dec 20 12:15:52 proxy racoon: DEBUG: phase1 last IV:
Dec 20 12:15:52 proxy racoon: DEBUG: 9e88afc8 f154547f adde450f
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:52 proxy racoon: DEBUG: phase2 IV computed:
Dec 20 12:15:52 proxy racoon: DEBUG: c07b5268 4b37ecbc
Dec 20 12:15:52 proxy racoon: DEBUG: begin decryption.
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:52 proxy racoon: DEBUG: IV was saved for next processing:
Dec 20 12:15:52 proxy racoon: DEBUG: 130ce206 3f5340b0
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:52 proxy racoon: DEBUG: with key:
Dec 20 12:15:52 proxy racoon: DEBUG: 6d1961b4 215951d7 01c1eddc 21cf45fa 59094492 66febc63
Dec 20 12:15:52 proxy racoon: DEBUG: decrypted payload by IV:
Dec 20 12:15:52 proxy racoon: DEBUG: c07b5268 4b37ecbc
Dec 20 12:15:52 proxy racoon: DEBUG: decrypted payload, but not trimed.
Dec 20 12:15:52 proxy racoon: DEBUG: 0c000018 a20476c2 31aa0117 d415d4c5 8a6fae8a 5da93275 0000001c 00000001 01100001 fa6975cc b8108e36 2ec90ca9 82855fc3 00000000
Dec 20 12:15:52 proxy racoon: DEBUG: padding len=0
Dec 20 12:15:52 proxy racoon: DEBUG: skip to trim padding.
Dec 20 12:15:52 proxy racoon: DEBUG: decrypted.
Dec 20 12:15:52 proxy racoon: DEBUG: fa6975cc b8108e36 2ec90ca9 82855fc3 08100501 adde450f 00000054 0c000018 a20476c2 31aa0117 d415d4c5 8a6fae8a 5da93275 0000001c 00000001 01100001 fa6975cc b8108e36 2ec90ca9 82855fc3 00000000
Dec 20 12:15:52 proxy racoon: DEBUG: IV freed
Dec 20 12:15:52 proxy racoon: DEBUG: HASH with:
Dec 20 12:15:52 proxy racoon: DEBUG: adde450f 0000001c 00000001 01100001 fa6975cc b8108e36 2ec90ca9 82855fc3
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: HASH computed:
Dec 20 12:15:52 proxy racoon: DEBUG: a20476c2 31aa0117 d415d4c5 8a6fae8a 5da93275
Dec 20 12:15:52 proxy racoon: DEBUG: hash validated.
Dec 20 12:15:52 proxy racoon: DEBUG: begin.
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=8(hash)
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=12(delete)
Dec 20 12:15:52 proxy racoon: DEBUG: succeed.
Dec 20 12:15:52 proxy racoon: [YYY.YYY.YYY.YYY] DEBUG: delete payload for protocol ISAKMP
Dec 20 12:15:52 proxy racoon: INFO: ISAKMP-SA expired XXX.XXX.XXX.XXX[4500]-YYY.YYY.YYY.YYY[4500] spi:fa6975ccb8108e36:2ec90ca982855fc3
Dec 20 12:15:52 proxy racoon: INFO: ISAKMP-SA deleted XXX.XXX.XXX.XXX[4500]-YYY.YYY.YYY.YYY[4500] spi:fa6975ccb8108e36:2ec90ca982855fc3
Dec 20 12:15:52 proxy racoon: INFO: KA remove: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500]
Dec 20 12:15:52 proxy racoon: DEBUG: KA tree dump: XXX.XXX.XXX.XXX[4500]->YYY.YYY.YYY.YYY[4500] (in_use=1)
Dec 20 12:15:52 proxy racoon: DEBUG: KA removing this one...
Dec 20 12:15:52 proxy racoon: DEBUG: IV freed
Dec 20 12:15:52 proxy racoon: DEBUG: purged SAs.
Dec 20 12:15:52 proxy racoon: DEBUG: ===
Dec 20 12:15:52 proxy racoon: DEBUG: 384 bytes message received from YYY.YYY.YYY.YYY[500] to XXX.XXX.XXX.XXX[500]
Dec 20 12:15:52 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 00000000 00000000 01100200 00000000 00000180 0d0000d4 00000001 00000001 000000c8 01010005 03000028 01010000 80010007 800e0100 80020002 80040014 80030001 800b0001 000c0004 00007080 03000028 02010000 80010007 800e0080 80020002 80040013 80030001 800b0001 000c0004 00007080 03000028 03010000 80010007 800e0100 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 04010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 00000024 05010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 0d000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000008 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 90cb8091 3ebb696e 086381b5 ec427b1f 0d000014 4048b7d5 6ebce885 25e7de7f 00d6c2d3 0d000014 fb1de3cd f341b7ea 16b7e5be 0855f120 0d000014 26244d38 eddb61b3 172a36e3 d0cfb819 00000014 e3a5966a 76379fe7 07228231 e5ce8652
Dec 20 12:15:52 proxy racoon: DEBUG: ===
Dec 20 12:15:52 proxy racoon: INFO: respond new phase 1 negotiation: XXX.XXX.XXX.XXX[500]<=>YYY.YYY.YYY.YYY[500]
Dec 20 12:15:52 proxy racoon: INFO: begin Identity Protection mode.
Dec 20 12:15:52 proxy racoon: DEBUG: begin.
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=1(sa)
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=13(vid)
Dec 20 12:15:52 proxy last message repeated 6 times
Dec 20 12:15:52 proxy racoon: DEBUG: succeed.
Dec 20 12:15:52 proxy racoon: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
Dec 20 12:15:52 proxy racoon: INFO: received Vendor ID: RFC 3947
Dec 20 12:15:52 proxy racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Dec 20 12:15:52 proxy racoon: INFO: received Vendor ID: FRAGMENTATION
Dec 20 12:15:52 proxy racoon: DEBUG: received unknown Vendor ID
Dec 20 12:15:52 proxy racoon: DEBUG: fb1de3cd f341b7ea 16b7e5be 0855f120
Dec 20 12:15:52 proxy racoon: DEBUG: received unknown Vendor ID
Dec 20 12:15:52 proxy racoon: DEBUG: 26244d38 eddb61b3 172a36e3 d0cfb819
Dec 20 12:15:52 proxy racoon: DEBUG: received unknown Vendor ID
Dec 20 12:15:52 proxy racoon: DEBUG: e3a5966a 76379fe7 07228231 e5ce8652
Dec 20 12:15:52 proxy racoon: [YYY.YYY.YYY.YYY] INFO: Selected NAT-T version: RFC 3947
Dec 20 12:15:52 proxy racoon: DEBUG: total SA len=208
Dec 20 12:15:52 proxy racoon: DEBUG: 00000001 00000001 000000c8 01010005 03000028 01010000 80010007 800e0100 80020002 80040014 80030001 800b0001 000c0004 00007080 03000028 02010000 80010007 800e0080 80020002 80040013 80030001 800b0001 000c0004 00007080 03000028 03010000 80010007 800e0100 80020002 8004000e 80030001 800b0001 000c0004 00007080 03000024 04010000 80010005 80020002 8004000e 80030001 800b0001 000c0004 00007080 00000024 05010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080
Dec 20 12:15:52 proxy racoon: DEBUG: begin.
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=2(prop)
Dec 20 12:15:52 proxy racoon: DEBUG: succeed.
Dec 20 12:15:52 proxy racoon: DEBUG: proposal #1 len=200
Dec 20 12:15:52 proxy racoon: DEBUG: begin.
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=3(trns)
Dec 20 12:15:52 proxy last message repeated 4 times
Dec 20 12:15:52 proxy racoon: DEBUG: succeed.
Dec 20 12:15:52 proxy racoon: DEBUG: transform #1 len=40
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(aes)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=20
Dec 20 12:15:52 proxy racoon: ERROR: invalid DH group 20.
Dec 20 12:15:52 proxy racoon: DEBUG: transform #2 len=40
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(aes)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=128
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=19
Dec 20 12:15:52 proxy racoon: ERROR: invalid DH group 19.
Dec 20 12:15:52 proxy racoon: DEBUG: transform #3 len=40
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(aes)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(modp2048)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:52 proxy racoon: DEBUG: transform #4 len=36
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(modp2048)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:52 proxy racoon: DEBUG: transform #5 len=36
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(modp1024)
Dec 20 12:15:52 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:52 proxy racoon: DEBUG: pair 1:
Dec 20 12:15:52 proxy racoon: DEBUG: 0x285173e0: next=0x0 tnext=0x28517460
Dec 20 12:15:52 proxy racoon: DEBUG: 0x28517460: next=0x0 tnext=0x28517470
Dec 20 12:15:52 proxy racoon: DEBUG: 0x28517470: next=0x0 tnext=0x0
Dec 20 12:15:52 proxy racoon: DEBUG: proposal #1: 3 transform
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:52 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 20 12:15:52 proxy racoon: DEBUG: trns#=3, trns-id=IKE
Dec 20 12:15:52 proxy racoon: DEBUG: lifetime = 28800
Dec 20 12:15:52 proxy racoon: DEBUG: lifebyte = 0
Dec 20 12:15:52 proxy racoon: DEBUG: enctype = AES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encklen = 256
Dec 20 12:15:52 proxy racoon: DEBUG: hashtype = SHA
Dec 20 12:15:52 proxy racoon: DEBUG: authmethod = pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: dh_group = 2048-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2048-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:52 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 20 12:15:52 proxy racoon: DEBUG: trns#=4, trns-id=IKE
Dec 20 12:15:52 proxy racoon: DEBUG: lifetime = 28800
Dec 20 12:15:52 proxy racoon: DEBUG: lifebyte = 0
Dec 20 12:15:52 proxy racoon: DEBUG: enctype = 3DES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encklen = 0
Dec 20 12:15:52 proxy racoon: DEBUG: hashtype = SHA
Dec 20 12:15:52 proxy racoon: DEBUG: authmethod = pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: dh_group = 2048-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
Dec 20 12:15:52 proxy racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
Dec 20 12:15:52 proxy racoon: DEBUG: type=Life Duration, flag=0x0000, lorv=4
Dec 20 12:15:52 proxy racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=5
Dec 20 12:15:52 proxy racoon: DEBUG: trns#=5, trns-id=IKE
Dec 20 12:15:52 proxy racoon: DEBUG: lifetime = 28800
Dec 20 12:15:52 proxy racoon: DEBUG: lifebyte = 0
Dec 20 12:15:52 proxy racoon: DEBUG: enctype = 3DES-CBC
Dec 20 12:15:52 proxy racoon: DEBUG: encklen = 0
Dec 20 12:15:52 proxy racoon: DEBUG: hashtype = SHA
Dec 20 12:15:52 proxy racoon: DEBUG: authmethod = pre-shared key
Dec 20 12:15:52 proxy racoon: DEBUG: dh_group = 1024-bit MODP group
Dec 20 12:15:52 proxy racoon: DEBUG: an acceptable proposal found.
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(modp1024)
Dec 20 12:15:52 proxy racoon: DEBUG: agreed on pre-shared key auth.
Dec 20 12:15:52 proxy racoon: DEBUG: ===
Dec 20 12:15:52 proxy racoon: DEBUG: new cookie: 3d61b2bfde8ac120
Dec 20 12:15:52 proxy racoon: DEBUG: add payload of len 52, next type 13
Dec 20 12:15:52 proxy racoon: DEBUG: add payload of len 16, next type 0
Dec 20 12:15:52 proxy racoon: DEBUG: 104 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:15:52 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:15:52 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:15:52 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:15:52 proxy racoon: DEBUG: 1 times of 104 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:15:52 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 3d61b2bf de8ac120 01100200 00000000 00000068 0d000038 00000001 00000001 0000002c 01010001 00000024 05010000 80010005 80020002 80040002 80030001 800b0001 000c0004 00007080 00000014 4a131c81 07035845 5c5728f2 0e95452f
Dec 20 12:15:52 proxy racoon: DEBUG: resend phase1 packet 1c7e1dd14ffc68c8:3d61b2bfde8ac120
Dec 20 12:15:52 proxy racoon: DEBUG: ===
Dec 20 12:15:52 proxy racoon: DEBUG: 260 bytes message received from YYY.YYY.YYY.YYY[500] to XXX.XXX.XXX.XXX[500]
Dec 20 12:15:52 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 3d61b2bf de8ac120 04100200 00000000 00000104 0a000084 13f28670 e733c9ec 67b21423 0b472c20 acec3b5d cfd5f11c 28e34bcf 71765a59 95a1f2b0 69feff3c e28326a8 51da2e9d e3fdec2e ccb17a67 bc250b8a f4bf81ee da61287a d8cc2894 2557742d d9aa06ed cf8e1e7e cb37c518 57d05135 54942889 90d20bbc cdd71775 c09b7ac2 98b0e86a b3682a4e 7b457773 4750a3d6 ddf5f062 14000034 9c008c61 87675075 22410026 e9e33600 d96c5174 00323490 acc686a7 c44b8883 a9b841bb 4d54d45b d91b72fb b1d0d94d 14000018 7b995f1b 6c71a6bf 4c8a02e5 e7d6e5f5 63fc7104 00000018 6f7db51a 41b2a24b 91d1a578 0d6f12a7 494074c4
Dec 20 12:15:52 proxy racoon: DEBUG: begin.
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=4(ke)
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=10(nonce)
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=20(nat-d)
Dec 20 12:15:52 proxy racoon: DEBUG: seen nptype=20(nat-d)
Dec 20 12:15:52 proxy racoon: DEBUG: succeed.
Dec 20 12:15:52 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: INFO: NAT-D payload #0 verified
Dec 20 12:15:52 proxy racoon: [YYY.YYY.YYY.YYY] INFO: Hashing YYY.YYY.YYY.YYY[500] with algo #2
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: INFO: NAT-D payload #1 doesn't match
Dec 20 12:15:52 proxy racoon: INFO: NAT detected: PEER
Dec 20 12:15:52 proxy racoon: DEBUG: ===
Dec 20 12:15:52 proxy racoon: DEBUG: compute DH's private.
Dec 20 12:15:52 proxy racoon: DEBUG: 7d49d8fb abe5563a b70bd6c3 5022eac9 c6bc2001 a70fae0d 9e73216e 301401e8 7214b631 c148ed23 a7750de1 7d642152 050c008f 254128ae d04a5c38 7e2a5ffc 40ef8186 2ffc6d67 341af7f9 d0033c01 238d82ec d671f763 fa38e5ac 97303448 3c467a0e 93dff11d 2c3e92e1 f4841cf8 899ab65c 7db3f05b c87533db d66998e3
Dec 20 12:15:52 proxy racoon: DEBUG: compute DH's public.
Dec 20 12:15:52 proxy racoon: DEBUG: 5d193b54 30efc3b9 82863caf 580e0de9 3a5f2e63 eeeea781 6aac174c c5215f62 376f5b35 e03a568e ec4f1aff 72278d03 0234454d 16aea8b1 b04c0379 4aa2b391 04d2c417 5f16cab4 d219ccc2 06355abf bcc7211c 21ed0d8c 01d5a563 1bafde27 b2a53f2b 82438da9 5c525984 b691e329 8eba6daf 6ccaa25c 18866ee8 ad8dcf90
Dec 20 12:15:52 proxy racoon: [YYY.YYY.YYY.YYY] INFO: Hashing YYY.YYY.YYY.YYY[500] with algo #2
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: [XXX.XXX.XXX.XXX] INFO: Hashing XXX.XXX.XXX.XXX[500] with algo #2
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: INFO: Adding remote and local NAT-D payloads.
Dec 20 12:15:52 proxy racoon: DEBUG: add payload of len 128, next type 10
Dec 20 12:15:52 proxy racoon: DEBUG: add payload of len 16, next type 20
Dec 20 12:15:52 proxy racoon: DEBUG: add payload of len 20, next type 20
Dec 20 12:15:52 proxy racoon: DEBUG: add payload of len 20, next type 0
Dec 20 12:15:52 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:15:52 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:15:52 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:15:52 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:15:52 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:15:52 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 3d61b2bf de8ac120 04100200 00000000 000000e4 0a000084 5d193b54 30efc3b9 82863caf 580e0de9 3a5f2e63 eeeea781 6aac174c c5215f62 376f5b35 e03a568e ec4f1aff 72278d03 0234454d 16aea8b1 b04c0379 4aa2b391 04d2c417 5f16cab4 d219ccc2 06355abf bcc7211c 21ed0d8c 01d5a563 1bafde27 b2a53f2b 82438da9 5c525984 b691e329 8eba6daf 6ccaa25c 18866ee8 ad8dcf90 14000014 d3eb85f6 904e6111 61a48040 604c531e 14000018 8a135bfc af8bc3d7 1b8dfaac a0514be5 fb226e26 00000018 7b995f1b 6c71a6bf 4c8a02e5 e7d6e5f5 63fc7104
Dec 20 12:15:52 proxy racoon: DEBUG: resend phase1 packet 1c7e1dd14ffc68c8:3d61b2bfde8ac120
Dec 20 12:15:52 proxy racoon: DEBUG: compute DH's shared.
Dec 20 12:15:52 proxy racoon: DEBUG: adbda99a b41b308a 5b9547ec 20e8875d 43fbcc34 88408b98 15a84202 bb9cf0b4 70029f52 4f80439b 9dfa3490 755cbccb a9bb3b49 9d7c0f33 7f87dbe0 5b03ef40 f1dcba0e 2302f57f 90bd5c3f 72a4e256 800111de 62e94a74 0590ca50 6956002b d8d2a766 0babe66e 9f962aa5 00975d33 b870bb5d b14d6496 74874b39 65bfd99e
Dec 20 12:15:52 proxy racoon: DEBUG: the psk found.
Dec 20 12:15:52 proxy racoon: DEBUG: nonce 1:
Dec 20 12:15:52 proxy racoon: DEBUG: 9c008c61 87675075 22410026 e9e33600 d96c5174 00323490 acc686a7 c44b8883 a9b841bb 4d54d45b d91b72fb b1d0d94d
Dec 20 12:15:52 proxy racoon: DEBUG: nonce 2:
Dec 20 12:15:52 proxy racoon: DEBUG: d3eb85f6 904e6111 61a48040 604c531e
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: SKEYID computed:
Dec 20 12:15:52 proxy racoon: DEBUG: e8930422 33d8a0f0 6efb3d43 11924196 77d437e5
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: SKEYID_d computed:
Dec 20 12:15:52 proxy racoon: DEBUG: 45f432dd b900549b c7d20e92 a51fb24c c2efae37
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: SKEYID_a computed:
Dec 20 12:15:52 proxy racoon: DEBUG: d7f69ca4 9daed0fc 716d76fa 60eb8e60 19558ce5
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: SKEYID_e computed:
Dec 20 12:15:52 proxy racoon: DEBUG: 07d02adb 5deaf5c2 a58a062d 13181da7 6c4a8300
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: len(SKEYID_e) < len(Ka) (20 < 24), generating long key (Ka = K1 | K2 | ...)
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: compute intermediate encryption key K1
Dec 20 12:15:52 proxy racoon: DEBUG: 00
Dec 20 12:15:52 proxy racoon: DEBUG: 1922a669 fb091a20 6689f254 952aacd2 8574d7d8
Dec 20 12:15:52 proxy racoon: DEBUG: hmac(hmac_sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: compute intermediate encryption key K2
Dec 20 12:15:52 proxy racoon: DEBUG: 1922a669 fb091a20 6689f254 952aacd2 8574d7d8
Dec 20 12:15:52 proxy racoon: DEBUG: 05c46dee 7ccf8cfc abdf2695 b663738d aeb83f0e
Dec 20 12:15:52 proxy racoon: DEBUG: final encryption key computed:
Dec 20 12:15:52 proxy racoon: DEBUG: 1922a669 fb091a20 6689f254 952aacd2 8574d7d8 05c46dee
Dec 20 12:15:52 proxy racoon: DEBUG: hash(sha1)
Dec 20 12:15:52 proxy racoon: DEBUG: encryption(3des)
Dec 20 12:15:52 proxy racoon: DEBUG: IV computed:
Dec 20 12:15:52 proxy racoon: DEBUG: 4fef2bed 3467288f
Dec 20 12:16:12 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:12 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:16:12 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:16:12 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:12 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:12 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 3d61b2bf de8ac120 04100200 00000000 000000e4 0a000084 5d193b54 30efc3b9 82863caf 580e0de9 3a5f2e63 eeeea781 6aac174c c5215f62 376f5b35 e03a568e ec4f1aff 72278d03 0234454d 16aea8b1 b04c0379 4aa2b391 04d2c417 5f16cab4 d219ccc2 06355abf bcc7211c 21ed0d8c 01d5a563 1bafde27 b2a53f2b 82438da9 5c525984 b691e329 8eba6daf 6ccaa25c 18866ee8 ad8dcf90 14000014 d3eb85f6 904e6111 61a48040 604c531e 14000018 8a135bfc af8bc3d7 1b8dfaac a0514be5 fb226e26 00000018 7b995f1b 6c71a6bf 4c8a02e5 e7d6e5f5 63fc7104
Dec 20 12:16:12 proxy racoon: DEBUG: resend phase1 packet 1c7e1dd14ffc68c8:3d61b2bfde8ac120
Dec 20 12:16:32 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:32 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:16:32 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:16:32 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:32 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:32 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 3d61b2bf de8ac120 04100200 00000000 000000e4 0a000084 5d193b54 30efc3b9 82863caf 580e0de9 3a5f2e63 eeeea781 6aac174c c5215f62 376f5b35 e03a568e ec4f1aff 72278d03 0234454d 16aea8b1 b04c0379 4aa2b391 04d2c417 5f16cab4 d219ccc2 06355abf bcc7211c 21ed0d8c 01d5a563 1bafde27 b2a53f2b 82438da9 5c525984 b691e329 8eba6daf 6ccaa25c 18866ee8 ad8dcf90 14000014 d3eb85f6 904e6111 61a48040 604c531e 14000018 8a135bfc af8bc3d7 1b8dfaac a0514be5 fb226e26 00000018 7b995f1b 6c71a6bf 4c8a02e5 e7d6e5f5 63fc7104
Dec 20 12:16:32 proxy racoon: DEBUG: resend phase1 packet 1c7e1dd14ffc68c8:3d61b2bfde8ac120
Dec 20 12:16:52 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:52 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:16:52 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:16:52 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:52 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:16:52 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 3d61b2bf de8ac120 04100200 00000000 000000e4 0a000084 5d193b54 30efc3b9 82863caf 580e0de9 3a5f2e63 eeeea781 6aac174c c5215f62 376f5b35 e03a568e ec4f1aff 72278d03 0234454d 16aea8b1 b04c0379 4aa2b391 04d2c417 5f16cab4 d219ccc2 06355abf bcc7211c 21ed0d8c 01d5a563 1bafde27 b2a53f2b 82438da9 5c525984 b691e329 8eba6daf 6ccaa25c 18866ee8 ad8dcf90 14000014 d3eb85f6 904e6111 61a48040 604c531e 14000018 8a135bfc af8bc3d7 1b8dfaac a0514be5 fb226e26 00000018 7b995f1b 6c71a6bf 4c8a02e5 e7d6e5f5 63fc7104
Dec 20 12:16:52 proxy racoon: DEBUG: resend phase1 packet 1c7e1dd14ffc68c8:3d61b2bfde8ac120
Dec 20 12:17:12 proxy racoon: DEBUG: 228 bytes from XXX.XXX.XXX.XXX[500] to YYY.YYY.YYY.YYY[500]
Dec 20 12:17:12 proxy racoon: DEBUG: sockname XXX.XXX.XXX.XXX[500]
Dec 20 12:17:12 proxy racoon: DEBUG: send packet from XXX.XXX.XXX.XXX[500]
Dec 20 12:17:12 proxy racoon: DEBUG: send packet to YYY.YYY.YYY.YYY[500]
Dec 20 12:17:12 proxy racoon: DEBUG: 1 times of 228 bytes message will be sent to YYY.YYY.YYY.YYY[500]
Dec 20 12:17:12 proxy racoon: DEBUG: 1c7e1dd1 4ffc68c8 3d61b2bf de8ac120 04100200 00000000 000000e4 0a000084 5d193b54 30efc3b9 82863caf 580e0de9 3a5f2e63 eeeea781 6aac174c c5215f62 376f5b35 e03a568e ec4f1aff 72278d03 0234454d 16aea8b1 b04c0379 4aa2b391 04d2c417 5f16cab4 d219ccc2 06355abf bcc7211c 21ed0d8c 01d5a563 1bafde27 b2a53f2b 82438da9 5c525984 b691e329 8eba6daf 6ccaa25c 18866ee8 ad8dcf90 14000014 d3eb85f6 904e6111 61a48040 604c531e 14000018 8a135bfc af8bc3d7 1b8dfaac a0514be5 fb226e26 00000018 7b995f1b 6c71a6bf 4c8a02e5 e7d6e5f5 63fc7104
Dec 20 12:17:12 proxy racoon: DEBUG: resend phase1 packet 1c7e1dd14ffc68c8:3d61b2bfde8ac120
Dec 20 12:17:32 proxy racoon: ERROR: phase1 negotiation failed due to time up. 1c7e1dd14ffc68c8:3d61b2bfde8ac120
Dec 20 12:17:32 proxy racoon: DEBUG: IV freed
Прошу прощения за лог в цитате, но тег код просто не работает тут :(

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-20 13:48:37

Помоему параметры отключающие проверку чек суммы в есп и без патча есть, по крайней мере на 8

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-20 13:52:13

Грепайте варнинги и ерроры

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-21 0:47:29

nnmax писал(а):Помоему параметры отключающие проверку чек суммы в есп и без патча есть, по крайней мере на 8
Этот месаг я написал не туда, не обращайте внимание

masterevil
рядовой
Сообщения: 10
Зарегистрирован: 2011-05-17 15:05:00

Re: IPSec теория и практика

Непрочитанное сообщение masterevil » 2011-12-27 18:31:29

Все же IPsec через нат ну нивкакую не лезет.

nnmax
рядовой
Сообщения: 42
Зарегистрирован: 2010-03-28 21:48:28

Re: IPSec теория и практика

Непрочитанное сообщение nnmax » 2011-12-27 19:32:49

Попробуйте поставить Cisco VPN client, у меня он работает отлично из под ната