[Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 97c6500a a0922015 ... [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [7795] [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x094b18f8 c0566b8a 3253d90e c37ad553 57 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x96b1cfb7 898fd5eb 8b917a2d eea60247 97a49c48 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x614392ad 8c8f9d76 72fe7afe a5434107 83d5ec [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x1672e80f 51912c93 a6f5d11d ce772786 0ccce0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x5b08cc7c 1959013f 9c382d00 a61f584e e18d9c10 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Final encryption key[16] = 0x5b08cc7c 1959013f 9c382d00 a61f584e [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x9690edd3 8dab9fdb b5d78545 2a67b016 202a04e2 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xbce184cc c68164c3 - 24dc2d71 3f7ea90a } / 00000000, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a} / 00000000, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 07022422 9a1bac73 ... [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x07022422 9a1bac73 d54df274 a3f2adb5 845eb37d [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x429f09c8 9333274e 5fd4127c 8684cd3c [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xbce184cc c68164c3 - 0x24dc2d71 3f7ea90a } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Connected [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] P1 SA 2593416 stop timer. timer duration 30, reason 1. [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a} [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a} [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [0] / 0x4c34d2cb } Info; Output of phase 2 IV hash[16] = 0xbb8801f9 ede467eb ad2f983e 57f912a6 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 4c34d2cb [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [0] / 0x4c34d2cb } Info; Start notify negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xbce184cc c68164c3 - 24dc2d71 3f7ea90a } / 4c34d2cb, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [0] / 0x4c34d2cb } Info; Deleting negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593416 (ref 2). pending req? 0, status: Error ok [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } / 99209b62, remote = REMOTE_IP:500 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / 0x00000000 } IP; Connected [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a} [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 99209b62 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [0] / 0x99209b62 } CFG; New negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [0] / 0x99209b62 } CFG; Output of phase 2 IV hash[16] = 0x73332b79 99c76dd1 a2884c22 b193603c [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a} / 99209b62, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [0] / 0x99209b62 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 6345485c 45767bbc ... [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } / d14c523d, remote = REMOTE_IP:500 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a} [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [1] / 0xd14c523d } Info; New informational negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [1] / 0xd14c523d } Info; Packet to old negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [1] / 0xd14c523d } Info; Output of phase 2 IV hash[16] = 0x845d8466 3cada628 4f2d751e d7e0427a [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a} / d14c523d, nego = 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [1] / 0xd14c523d } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 103a3c10 87cda24b ... [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [1] / 0xd14c523d } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [1] / 0xd14c523d } Info; Connected [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [1] / 0xd14c523d } Info; Deleting negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / unknown } IP; Removing negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a}, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { bce184cc c68164c3 - 24dc2d71 3f7ea90a [-1] / unknown } IP; Deleting negotiation [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593416 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] P1 SA 2593416 stop timer. timer duration 30, reason 0. [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593416 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593416 from peer entry 0x9cc400 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:43:43][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } / 99209b62, remote = REMOTE_IP:500 [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { bce184cc c68164c3 - 00000000 00000000 } [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { bce184cc c68164c3 - 24dc2d71 3f7ea90a } / 99209b62, remote = REMOTE_IP:500 [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:43:47][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] P1 SA 2593417 start timer. timer duration 30, reason 1. [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593417 in peer entry 0x9cc400 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 76a6de05 afff9570 - 00000000 00000000 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 76a6de05 afff9570 - 00000000 00000000}, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x76a6de05 afff9570 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 76a6de05 afff9570 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 76a6de05 afff9570 - 00000000 00000000 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 76a6de05 afff9570 - 00000000 00000000 } -> { ... - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} / 00000000, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6045] [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x76a6de05 afff9570 - 42447045 3cb81f44 } / 00000000, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} / 00000000, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 69071e2f 294bf17e ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = d0b34890 2f2bc57c ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5335] [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xac369305 febfb36d b6b072e8 0b1c226e 3f [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x74f48016 2c8e781c 70069790 ad90b464 12fa7b66 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x2e4f0d40 a76c5415 21c781f6 f027fc8a bbfc43 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x75d0c134 431f9210 3c3e5953 2e003470 fe97c5 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0xa2e47ef3 2a7c16ec f8826272 e7ab2b62 1cfd7d02 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Final encryption key[16] = 0xa2e47ef3 2a7c16ec f8826272 e7ab2b62 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xbe1489d9 a1301420 04cb82ae 9609d557 bc70fa21 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x76a6de05 afff9570 - 42447045 3cb81f44 } / 00000000, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} / 00000000, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 8c1384f2 1ca522b9 ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x8c1384f2 1ca522b9 d1c280c3 eb9f8ff8 7660c011 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x79f0c29c c4e7a318 6fcd817c fa81ceac [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x76a6de05 afff9570 - 0x42447045 3cb81f44 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Connected [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] P1 SA 2593417 stop timer. timer duration 30, reason 1. [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44} [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [0] / 0x260c9223 } Info; Output of phase 2 IV hash[16] = 0x8818c50f ff91a5b7 3af50ce3 cddfd6eb [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 260c9223 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [0] / 0x260c9223 } Info; Start notify negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x76a6de05 afff9570 - 42447045 3cb81f44 } / 260c9223, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [0] / 0x260c9223 } Info; Deleting negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593417 (ref 2). pending req? 0, status: Error ok [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } / d022cf11, remote = REMOTE_IP:500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / 0x00000000 } IP; Connected [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = d022cf11 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [0] / 0xd022cf11 } CFG; New negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [0] / 0xd022cf11 } CFG; Output of phase 2 IV hash[16] = 0x50d56ac4 f7542ba3 99b574f8 f6a5d95f [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} / d022cf11, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [0] / 0xd022cf11 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 3f510413 68b71a20 ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } / 6607b198, remote = REMOTE_IP:500 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [1] / 0x6607b198 } Info; New informational negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [1] / 0x6607b198 } Info; Packet to old negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [1] / 0x6607b198 } Info; Output of phase 2 IV hash[16] = 0x187c41aa f2f7fb30 6f1a1992 8f936911 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44} / 6607b198, nego = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [1] / 0x6607b198 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 8a957219 dc085c3f ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [1] / 0x6607b198 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [1] / 0x6607b198 } Info; Connected [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [1] / 0x6607b198 } Info; Deleting negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / unknown } IP; Removing negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44}, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 76a6de05 afff9570 - 42447045 3cb81f44 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593417 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] P1 SA 2593417 stop timer. timer duration 30, reason 0. [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593417 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593417 from peer entry 0x9cc400 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:43:53][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } / d022cf11, remote = REMOTE_IP:500 [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 76a6de05 afff9570 - 00000000 00000000 } [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 76a6de05 afff9570 - 42447045 3cb81f44 } / d022cf11, remote = REMOTE_IP:500 [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:43:57][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] P1 SA 2593418 start timer. timer duration 30, reason 1. [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593418 in peer entry 0x9cc400 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { c0c77999 161b64d9 - 00000000 00000000 } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { c0c77999 161b64d9 - 00000000 00000000}, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xc0c77999 161b64d9 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { c0c77999 161b64d9 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { c0c77999 161b64d9 - 00000000 00000000 } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { c0c77999 161b64d9 - 00000000 00000000 } -> { ... - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} / 00000000, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6199] [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xc0c77999 161b64d9 - 478469ef fb1c6a4b } / 00000000, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} / 00000000, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 6fa89427 dfbb8e76 ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 9d42bdac ffb0d8cf ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5047] [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xfc099282 0bc6664a a9e057ac 50ac70e0 a5 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xabccc763 401b55cf eb36790e 227ab42b d7456908 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x442d0734 7b39cf7c c1beedbe 0a76bb44 d9cb76 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x8e4b7e1b 1e815c34 7b3c646e db1c4245 fba45a [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x803b10cb d164a247 5916325a 483edcd5 200aef57 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Final encryption key[16] = 0x803b10cb d164a247 5916325a 483edcd5 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xdcd16074 74cb139c 023e52d0 ee16275c 32a1c599 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xc0c77999 161b64d9 - 478469ef fb1c6a4b } / 00000000, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} / 00000000, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = a8b6a763 13b5b2ba ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xa8b6a763 13b5b2ba 56eacf12 0a91192b 04d162c3 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x7c7abe10 60db317f cbda2274 b89f25b1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xc0c77999 161b64d9 - 0x478469ef fb1c6a4b } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] P1 SA 2593418 stop timer. timer duration 30, reason 1. [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [0] / 0x889897d5 } Info; Output of phase 2 IV hash[16] = 0x17b14953 a8ee82f2 476fa905 f3252fe5 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 889897d5 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [0] / 0x889897d5 } Info; Start notify negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xc0c77999 161b64d9 - 478469ef fb1c6a4b } / 889897d5, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [0] / 0x889897d5 } Info; Deleting negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593418 (ref 2). pending req? 0, status: Error ok [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } / 22c02736, remote = REMOTE_IP:500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 22c02736 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [0] / 0x22c02736 } CFG; New negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [0] / 0x22c02736 } CFG; Output of phase 2 IV hash[16] = 0x09a997be 67a79aa6 721062d7 a780f366 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} / 22c02736, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [0] / 0x22c02736 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 33a976a6 fea81a41 ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } / f06e7c86, remote = REMOTE_IP:500 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [1] / 0xf06e7c86 } Info; New informational negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [1] / 0xf06e7c86 } Info; Packet to old negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [1] / 0xf06e7c86 } Info; Output of phase 2 IV hash[16] = 0x0b704a2a f4b560ee 96b2a45b 157aab28 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b} / f06e7c86, nego = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [1] / 0xf06e7c86 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 4ff82f55 665434ef ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [1] / 0xf06e7c86 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [1] / 0xf06e7c86 } Info; Connected [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [1] / 0xf06e7c86 } Info; Deleting negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / unknown } IP; Removing negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b}, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { c0c77999 161b64d9 - 478469ef fb1c6a4b [-1] / unknown } IP; Deleting negotiation [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593418 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] P1 SA 2593418 stop timer. timer duration 30, reason 0. [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593418 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593418 from peer entry 0x9cc400 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:03][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } / 22c02736, remote = REMOTE_IP:500 [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { c0c77999 161b64d9 - 00000000 00000000 } [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { c0c77999 161b64d9 - 478469ef fb1c6a4b } / 22c02736, remote = REMOTE_IP:500 [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:44:07][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] P1 SA 2593419 start timer. timer duration 30, reason 1. [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593419 in peer entry 0x9cc400 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { e256e824 54874245 - 00000000 00000000 } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { e256e824 54874245 - 00000000 00000000}, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xe256e824 54874245 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { e256e824 54874245 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { e256e824 54874245 - 00000000 00000000 } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { e256e824 54874245 - 00000000 00000000 } -> { ... - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} / 00000000, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6117] [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xe256e824 54874245 - 9f5e6a43 7004dbda } / 00000000, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} / 00000000, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = a2c89a86 412f4cf0 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 455986cf 05aa5def ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5219] [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x76b7b102 e06ee06c 184e8d02 f80b35d6 f1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x9a9ff605 01d7f295 1c6fb720 7a9a9702 443becb0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0xdf8550a6 edaf525f e7618ab6 202bccbf ac6138 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xa6b822e8 e6de6939 648b6a1a 542d18e4 863644 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x4336c8d8 db419617 cfeb0d05 ded85d29 9c1c3568 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Final encryption key[16] = 0x4336c8d8 db419617 cfeb0d05 ded85d29 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x47d31791 40d17e38 0b20ac53 b30fbc0f 9243630a [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xe256e824 54874245 - 9f5e6a43 7004dbda } / 00000000, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} / 00000000, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = be8a07c3 f3a77a82 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xbe8a07c3 f3a77a82 5767a8a6 787ef07f b6803cd9 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x2c4ceeab ef9456a9 bbf7fa0b f2772097 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xe256e824 54874245 - 0x9f5e6a43 7004dbda } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] P1 SA 2593419 stop timer. timer duration 30, reason 1. [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda} [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [0] / 0x5b7a278c } Info; Output of phase 2 IV hash[16] = 0x9a3ced92 c20d6845 3cc5a977 fb3d9e63 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 5b7a278c [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [0] / 0x5b7a278c } Info; Start notify negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xe256e824 54874245 - 9f5e6a43 7004dbda } / 5b7a278c, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [0] / 0x5b7a278c } Info; Deleting negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593419 (ref 2). pending req? 0, status: Error ok [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } / 6bffb82f, remote = REMOTE_IP:500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 6bffb82f [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [0] / 0x6bffb82f } CFG; New negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [0] / 0x6bffb82f } CFG; Output of phase 2 IV hash[16] = 0x732e6968 00e87f26 6ffaef61 9f5ca9b6 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} / 6bffb82f, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [0] / 0x6bffb82f } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 8fc68f18 a0cc4a53 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } / ecf9971f, remote = REMOTE_IP:500 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [1] / 0xecf9971f } Info; New informational negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [1] / 0xecf9971f } Info; Packet to old negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [1] / 0xecf9971f } Info; Output of phase 2 IV hash[16] = 0xb4a97630 b45019e1 59db6ccf 47a5722a [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda} / ecf9971f, nego = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [1] / 0xecf9971f } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = a61eef20 331c952a ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [1] / 0xecf9971f } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [1] / 0xecf9971f } Info; Connected [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [1] / 0xecf9971f } Info; Deleting negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / unknown } IP; Removing negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda}, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { e256e824 54874245 - 9f5e6a43 7004dbda [-1] / unknown } IP; Deleting negotiation [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593419 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] P1 SA 2593419 stop timer. timer duration 30, reason 0. [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593419 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593419 from peer entry 0x9cc400 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:13][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } / 6bffb82f, remote = REMOTE_IP:500 [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { e256e824 54874245 - 9f5e6a43 7004dbda } [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { e256e824 54874245 - 00000000 00000000 } [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { e256e824 54874245 - 9f5e6a43 7004dbda } / 6bffb82f, remote = REMOTE_IP:500 [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:44:17][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] P1 SA 2593420 start timer. timer duration 30, reason 1. [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593420 in peer entry 0x9cc400 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 6d79e6f2 1e787e95 - 00000000 00000000 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 6d79e6f2 1e787e95 - 00000000 00000000}, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x6d79e6f2 1e787e95 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 6d79e6f2 1e787e95 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 6d79e6f2 1e787e95 - 00000000 00000000 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 6d79e6f2 1e787e95 - 00000000 00000000 } -> { ... - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} / 00000000, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6126] [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / 00000000, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} / 00000000, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = d9555ab9 9a802e05 ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 777373a2 c939e1d0 ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5122] [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x6458cb9a 2dea3fa9 9b7ede5e 55ad7b15 b1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x5f1a9468 4d0557f1 e0360a0a 69f5a57f 75d9f4bc [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x08ab9d9b 3e42657f 6bb80701 9135be34 b7f9e6 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xbd079845 57631d21 e5f46549 7cf3b179 f2b950 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x1a67856c a08143a4 9e1b86e0 200724bd c23544ac [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x1a67856c a08143a4 9e1b86e0 200724bd [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x12aa9fad c8e368ba a14e06cf 27651815 ed72c8f0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / 00000000, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} / 00000000, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = e78d5e74 cd9e8f0f ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xe78d5e74 cd9e8f0f 348397e1 beeb7876 c4d796a7 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x393124c4 f25c9004 fe614122 0622742a [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x6d79e6f2 1e787e95 - 0xc04acc80 0d51c9c7 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] P1 SA 2593420 stop timer. timer duration 30, reason 1. [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [0] / 0x3d8d9075 } Info; Output of phase 2 IV hash[16] = 0xa0b23733 c318fcb7 fed932f3 1b173508 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 3d8d9075 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [0] / 0x3d8d9075 } Info; Start notify negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / 3d8d9075, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [0] / 0x3d8d9075 } Info; Deleting negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593420 (ref 2). pending req? 0, status: Error ok [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / c6f7f580, remote = REMOTE_IP:500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = c6f7f580 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [0] / 0xc6f7f580 } CFG; New negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [0] / 0xc6f7f580 } CFG; Output of phase 2 IV hash[16] = 0x418b791d 33f87fca e152060a 6f8427f1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} / c6f7f580, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [0] / 0xc6f7f580 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 395e3de7 d94cacef ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / ab2a31a8, remote = REMOTE_IP:500 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [1] / 0xab2a31a8 } Info; New informational negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [1] / 0xab2a31a8 } Info; Packet to old negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [1] / 0xab2a31a8 } Info; Output of phase 2 IV hash[16] = 0x9849d7ea d8aad787 39c684d6 b968d090 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7} / ab2a31a8, nego = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [1] / 0xab2a31a8 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = caf3bbff 0ddd74da ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [1] / 0xab2a31a8 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [1] / 0xab2a31a8 } Info; Connected [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [1] / 0xab2a31a8 } Info; Deleting negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / unknown } IP; Removing negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7}, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593420 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] P1 SA 2593420 stop timer. timer duration 30, reason 0. [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593420 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593420 from peer entry 0x9cc400 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:23][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / c6f7f580, remote = REMOTE_IP:500 [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 6d79e6f2 1e787e95 - 00000000 00000000 } [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 6d79e6f2 1e787e95 - c04acc80 0d51c9c7 } / c6f7f580, remote = REMOTE_IP:500 [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:44:27][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] P1 SA 2593421 start timer. timer duration 30, reason 1. [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593421 in peer entry 0x9cc400 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 2e38b05d 3755b76e - 00000000 00000000 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 2e38b05d 3755b76e - 00000000 00000000}, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x2e38b05d 3755b76e - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 2e38b05d 3755b76e - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 2e38b05d 3755b76e - 00000000 00000000 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 2e38b05d 3755b76e - 00000000 00000000 } -> { ... - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} / 00000000, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6151] [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 00000000, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} / 00000000, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = b9f15912 5a207769 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 7b202167 4480e97e ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5458] [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x5e11add0 bc8dac29 ea4c5030 15205551 37 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x38ca1a26 086cd0dc 096799d8 b3a58757 ecf923a9 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x38634f79 04b203d7 4a690e60 1f7970ca 026e59 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x70d69be3 89844556 8b9f1165 688d1f82 7f4545 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x5ee09399 7b4959cb 1ec2fa4d 15db5578 a8e21f92 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x5ee09399 7b4959cb 1ec2fa4d 15db5578 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xd197be95 824c2d4f 79f3c020 bb33a4c5 ab4faf6f [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 00000000, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} / 00000000, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = a318904d 121d93f3 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xa318904d 121d93f3 35d56bd9 dc738a80 550feaa3 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xaca8385c 129d46e4 c5acd753 b01963cf [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x2e38b05d 3755b76e - 0x0d7f03d0 ac1af841 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] P1 SA 2593421 stop timer. timer duration 30, reason 1. [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [0] / 0xd14886be } Info; Output of phase 2 IV hash[16] = 0x92708839 d3cd25e7 d227b157 27e91c1c [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = d14886be [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [0] / 0xd14886be } Info; Start notify negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / d14886be, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [0] / 0xd14886be } Info; Deleting negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593421 (ref 2). pending req? 0, status: Error ok [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 24a49ad4, remote = REMOTE_IP:500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 24a49ad4 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [0] / 0x24a49ad4 } CFG; New negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [0] / 0x24a49ad4 } CFG; Output of phase 2 IV hash[16] = 0x158f9e9e 71b444da 132a7cac ce8b903c [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} / 24a49ad4, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [0] / 0x24a49ad4 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 024b3a30 c2beca21 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / e6477bff, remote = REMOTE_IP:500 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [1] / 0xe6477bff } Info; New informational negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [1] / 0xe6477bff } Info; Packet to old negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [1] / 0xe6477bff } Info; Output of phase 2 IV hash[16] = 0x28f65cea e21e92c0 3bba87fc 499de065 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841} / e6477bff, nego = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [1] / 0xe6477bff } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 9ddec226 64b1d514 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [1] / 0xe6477bff } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [1] / 0xe6477bff } Info; Connected [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [1] / 0xe6477bff } Info; Deleting negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / unknown } IP; Removing negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841}, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593421 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] P1 SA 2593421 stop timer. timer duration 30, reason 0. [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593421 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593421 from peer entry 0x9cc400 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:33][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 24a49ad4, remote = REMOTE_IP:500 [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 2e38b05d 3755b76e - 00000000 00000000 } [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 2e38b05d 3755b76e - 0d7f03d0 ac1af841 } / 24a49ad4, remote = REMOTE_IP:500 [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:44:37][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] P1 SA 2593422 start timer. timer duration 30, reason 1. [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593422 in peer entry 0x9cc400 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 7fc8b19c bb618768 - 00000000 00000000 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 7fc8b19c bb618768 - 00000000 00000000}, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x7fc8b19c bb618768 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 7fc8b19c bb618768 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 7fc8b19c bb618768 - 00000000 00000000 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 7fc8b19c bb618768 - 00000000 00000000 } -> { ... - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} / 00000000, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5667] [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x7fc8b19c bb618768 - 170c2c08 c9417f59 } / 00000000, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} / 00000000, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 685d7c50 c65ce02a ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = c1a6635d 56ad3e07 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5362] [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x95a0cb29 a4b76a80 06f2daa7 e0b99d59 88 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x6c7bcd91 ade93dbd e819776e b720fca5 0aa916a8 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x67efdebd ce2fd714 195159d9 893c6719 6f6bf1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x5c6c9da7 bc8322f2 459b56d7 c08b5674 8e07f0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x4e858bf3 07ddbe27 bd0382b8 3b27e7f6 e1e8c4eb [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x4e858bf3 07ddbe27 bd0382b8 3b27e7f6 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x6a7503cd 5a82bb92 3c6debc1 b8dc6b2b 2f2d359e [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x7fc8b19c bb618768 - 170c2c08 c9417f59 } / 00000000, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} / 00000000, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = d15b12c7 c78a501d ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xd15b12c7 c78a501d 4a116616 fd3962ed 7d15d8da [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x2c123f96 9e6ee4b1 953cd769 7836b87d [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x7fc8b19c bb618768 - 0x170c2c08 c9417f59 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] P1 SA 2593422 stop timer. timer duration 30, reason 1. [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [0] / 0x285fc841 } Info; Output of phase 2 IV hash[16] = 0xc544df35 b8fc7f23 43a721db 672c395a [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 285fc841 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [0] / 0x285fc841 } Info; Start notify negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x7fc8b19c bb618768 - 170c2c08 c9417f59 } / 285fc841, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [0] / 0x285fc841 } Info; Deleting negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593422 (ref 2). pending req? 0, status: Error ok [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } / a4aa8cb5, remote = REMOTE_IP:500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = a4aa8cb5 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [0] / 0xa4aa8cb5 } CFG; New negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [0] / 0xa4aa8cb5 } CFG; Output of phase 2 IV hash[16] = 0xbffae3a0 58d09fe4 d8adcb63 aa113c17 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} / a4aa8cb5, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [0] / 0xa4aa8cb5 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = e1f4ca70 6c43c232 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } / bd5979b6, remote = REMOTE_IP:500 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [1] / 0xbd5979b6 } Info; New informational negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [1] / 0xbd5979b6 } Info; Packet to old negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [1] / 0xbd5979b6 } Info; Output of phase 2 IV hash[16] = 0x23491c6d 175e4073 dcf86fd8 e8d50363 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59} / bd5979b6, nego = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [1] / 0xbd5979b6 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = d5d09f21 abf2b1b6 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [1] / 0xbd5979b6 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [1] / 0xbd5979b6 } Info; Connected [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [1] / 0xbd5979b6 } Info; Deleting negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / unknown } IP; Removing negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59}, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 7fc8b19c bb618768 - 170c2c08 c9417f59 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593422 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] P1 SA 2593422 stop timer. timer duration 30, reason 0. [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593422 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593422 from peer entry 0x9cc400 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:43][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } / a4aa8cb5, remote = REMOTE_IP:500 [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 7fc8b19c bb618768 - 00000000 00000000 } [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 7fc8b19c bb618768 - 170c2c08 c9417f59 } / a4aa8cb5, remote = REMOTE_IP:500 [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:44:47][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] P1 SA 2593423 start timer. timer duration 30, reason 1. [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593423 in peer entry 0x9cc400 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { f9cfce40 8d2ed2d0 - 00000000 00000000 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { f9cfce40 8d2ed2d0 - 00000000 00000000}, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf9cfce40 8d2ed2d0 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f9cfce40 8d2ed2d0 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { f9cfce40 8d2ed2d0 - 00000000 00000000 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { f9cfce40 8d2ed2d0 - 00000000 00000000 } -> { ... - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} / 00000000, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5968] [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf9cfce40 8d2ed2d0 - d685accf 49237d78 } / 00000000, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} / 00000000, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 3971bd76 04f446cb ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 0748bbd9 7a8e8295 ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5152] [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x99667e0f f966c537 a7a381a3 b082ab1e d7 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xad09a6d2 c889805a 4fafab35 80593a1d 996f71f9 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0xb51e12c0 f738918e 2640a67f 528fbd10 a65ba8 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x3d4e1159 c85d1ab3 47531676 b8c4a956 21c3ae [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0xcb3c8b50 fc783fc2 4326013d 3686e7b7 962b83e3 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Final encryption key[16] = 0xcb3c8b50 fc783fc2 4326013d 3686e7b7 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xa59ca63a 1b5dce3f 9e7826b5 7f3e6f18 de0a0ff2 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf9cfce40 8d2ed2d0 - d685accf 49237d78 } / 00000000, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} / 00000000, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 117712ea 1c3f57fa ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x117712ea 1c3f57fa 1841eafa 79561aa0 b6a189ec [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x7064958e 9e9f958d 49a2e89f 3c1fe353 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xf9cfce40 8d2ed2d0 - 0xd685accf 49237d78 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] P1 SA 2593423 stop timer. timer duration 30, reason 1. [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [0] / 0x45508821 } Info; Output of phase 2 IV hash[16] = 0x4d5d4d24 57bf258e 8e0cd731 5d6a4444 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 45508821 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [0] / 0x45508821 } Info; Start notify negotiation [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf9cfce40 8d2ed2d0 - d685accf 49237d78 } / 45508821, nego = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [0] / 0x45508821 } Info; Deleting negotiation [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593423 (ref 2). pending req? 0, status: Error ok [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } / 55fe2696, remote = REMOTE_IP:500 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / 0x00000000 } IP; Connected [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 55fe2696 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [0] / 0x55fe2696 } CFG; New negotiation [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [0] / 0x55fe2696 } CFG; Output of phase 2 IV hash[16] = 0x243997b4 ac96cc13 c8a52ec1 8b3c473b [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} / 55fe2696, nego = 0 [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [0] / 0x55fe2696 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 59dfddde 53cd5f41 ... [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:44:53][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } / e57e4a13, remote = REMOTE_IP:500 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [1] / 0xe57e4a13 } Info; New informational negotiation [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [1] / 0xe57e4a13 } Info; Packet to old negotiation [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [1] / 0xe57e4a13 } Info; Output of phase 2 IV hash[16] = 0x27e2328c 002fc610 4f80c88c 78e26339 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78} / e57e4a13, nego = 1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [1] / 0xe57e4a13 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 1567d938 ca5d944b ... [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [1] / 0xe57e4a13 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = 1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [1] / 0xe57e4a13 } Info; Connected [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = 1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [1] / 0xe57e4a13 } Info; Deleting negotiation [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = -1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / unknown } IP; Removing negotiation [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78}, nego = -1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f9cfce40 8d2ed2d0 - d685accf 49237d78 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593423 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] P1 SA 2593423 stop timer. timer duration 30, reason 0. [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593423 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593423 from peer entry 0x9cc400 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:44:54][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } / 55fe2696, remote = REMOTE_IP:500 [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { f9cfce40 8d2ed2d0 - 00000000 00000000 } [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { f9cfce40 8d2ed2d0 - d685accf 49237d78 } / 55fe2696, remote = REMOTE_IP:500 [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:44:57][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] P1 SA 2593424 start timer. timer duration 30, reason 1. [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593424 in peer entry 0x9cc400 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { f2621e6a 8cc04926 - 00000000 00000000 } [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { f2621e6a 8cc04926 - 00000000 00000000}, nego = -1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf2621e6a 8cc04926 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f2621e6a 8cc04926 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { f2621e6a 8cc04926 - 00000000 00000000 } [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { f2621e6a 8cc04926 - 00000000 00000000 } -> { ... - 0bebf9a4 240606c0 } [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} / 00000000, nego = -1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5993] [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf2621e6a 8cc04926 - 0bebf9a4 240606c0 } / 00000000, nego = -1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} / 00000000, nego = -1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 9c592289 ebe59897 ... [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 144a1c36 77a0e349 ... [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5491] [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x88b7ca04 a759afbf 3d16e854 a44b232e cf [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xab094580 d79ea1b3 99b8d16a f3361b99 e5e8affe [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x7233600f 613751d1 bd68c033 e78aa014 3400f2 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x45a91832 298f6a83 46d9114e fcdc5287 02e448 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x3cd13488 beed38fd 1bc4e5af 74cd7598 83872236 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x3cd13488 beed38fd 1bc4e5af 74cd7598 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x220086c4 ac469b61 2e13bdab 67d1f110 577f5ea1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf2621e6a 8cc04926 - 0bebf9a4 240606c0 } / 00000000, nego = -1 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:45:03][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} / 00000000, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 32505efc e3e5cb3f ... [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x32505efc e3e5cb3f 095a512b b9bf6088 a794b68e [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x225ac24c 2466bb6d f382a1f2 786e853f [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xf2621e6a 8cc04926 - 0x0bebf9a4 240606c0 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] P1 SA 2593424 stop timer. timer duration 30, reason 1. [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [0] / 0xc3ef29a9 } Info; Output of phase 2 IV hash[16] = 0x358e003f 0f7d7888 581436e6 6ef0dce5 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = c3ef29a9 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [0] / 0xc3ef29a9 } Info; Start notify negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xf2621e6a 8cc04926 - 0bebf9a4 240606c0 } / c3ef29a9, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [0] / 0xc3ef29a9 } Info; Deleting negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593424 (ref 2). pending req? 0, status: Error ok [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } / e3a9ccee, remote = REMOTE_IP:500 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = e3a9ccee [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [0] / 0xe3a9ccee } CFG; New negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [0] / 0xe3a9ccee } CFG; Output of phase 2 IV hash[16] = 0x1e22abc2 bab5ad9a 89d88449 44123b00 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} / e3a9ccee, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [0] / 0xe3a9ccee } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 2367fa0a e373be65 ... [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } / d79f8c4c, remote = REMOTE_IP:500 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [1] / 0xd79f8c4c } Info; New informational negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [1] / 0xd79f8c4c } Info; Packet to old negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [1] / 0xd79f8c4c } Info; Output of phase 2 IV hash[16] = 0xef68f2f3 6c0826aa deaab1ab 29e47434 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0} / d79f8c4c, nego = 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [1] / 0xd79f8c4c } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 4e33d0ed 288799b5 ... [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [1] / 0xd79f8c4c } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [1] / 0xd79f8c4c } Info; Connected [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [1] / 0xd79f8c4c } Info; Deleting negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / unknown } IP; Removing negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0}, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { f2621e6a 8cc04926 - 0bebf9a4 240606c0 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593424 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] P1 SA 2593424 stop timer. timer duration 30, reason 0. [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593424 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593424 from peer entry 0x9cc400 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:04][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } / e3a9ccee, remote = REMOTE_IP:500 [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { f2621e6a 8cc04926 - 00000000 00000000 } [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { f2621e6a 8cc04926 - 0bebf9a4 240606c0 } / e3a9ccee, remote = REMOTE_IP:500 [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:45:08][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] P1 SA 2593425 start timer. timer duration 30, reason 1. [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593425 in peer entry 0x9cc400 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 4d35f814 cace301c - 00000000 00000000 } [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 4d35f814 cace301c - 00000000 00000000}, nego = -1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d35f814 cace301c - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d35f814 cace301c - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 4d35f814 cace301c - 00000000 00000000 } [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 4d35f814 cace301c - 00000000 00000000 } -> { ... - 5d427042 c5095851 } [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} / 00000000, nego = -1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6043] [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d35f814 cace301c - 5d427042 c5095851 } / 00000000, nego = -1 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:45:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} / 00000000, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 24ae4497 07d2c087 ... [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 2078139a 3076e7f6 ... [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5736] [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xe8433d4a 27881cf8 4737ae68 a61ac0aa 56 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xa81df8c7 14566973 2afd9034 19459c67 ded4f906 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0xea541752 7311a212 dc5192de b404b1a4 3d56cf [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xa8d25d47 0edc98f9 6314b6d8 49c42734 f55235 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x8e0d43e7 6285cea2 f1e0956b 4bed9eef 6d7ad4db [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x8e0d43e7 6285cea2 f1e0956b 4bed9eef [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x5e06bee0 d8de86cc f7ffc623 4d7eb4b3 e978a5e5 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d35f814 cace301c - 5d427042 c5095851 } / 00000000, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} / 00000000, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 22e3874e 0889fc77 ... [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x22e3874e 0889fc77 08667a6b e2476d84 a8cbef65 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xd8db329d 717ab04b 76c5411d 8cd053da [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x4d35f814 cace301c - 0x5d427042 c5095851 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] P1 SA 2593425 stop timer. timer duration 30, reason 1. [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 4d35f814 cace301c - 5d427042 c5095851} [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [0] / 0x1ab55878 } Info; Output of phase 2 IV hash[16] = 0xeb474821 4199babe e19a7392 682541ec [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 1ab55878 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [0] / 0x1ab55878 } Info; Start notify negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d35f814 cace301c - 5d427042 c5095851 } / 1ab55878, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [0] / 0x1ab55878 } Info; Deleting negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593425 (ref 2). pending req? 0, status: Error ok [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851 } / 43df8b99, remote = REMOTE_IP:500 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 43df8b99 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [0] / 0x43df8b99 } CFG; New negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [0] / 0x43df8b99 } CFG; Output of phase 2 IV hash[16] = 0x11328c79 f4429be2 747881d4 3a2e45a6 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} / 43df8b99, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [0] / 0x43df8b99 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = c5e0537d 964b5f98 ... [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851 } / bacc0e3e, remote = REMOTE_IP:500 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [1] / 0xbacc0e3e } Info; New informational negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [1] / 0xbacc0e3e } Info; Packet to old negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [1] / 0xbacc0e3e } Info; Output of phase 2 IV hash[16] = 0x345ac009 39884d72 94d0fcdd 50ab1775 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851} / bacc0e3e, nego = 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [1] / 0xbacc0e3e } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 0b35b83b d3ae477a ... [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [1] / 0xbacc0e3e } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [1] / 0xbacc0e3e } Info; Connected [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [1] / 0xbacc0e3e } Info; Deleting negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / unknown } IP; Removing negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851}, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d35f814 cace301c - 5d427042 c5095851 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593425 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] P1 SA 2593425 stop timer. timer duration 30, reason 0. [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593425 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593425 from peer entry 0x9cc400 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:14][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d35f814 cace301c - 5d427042 c5095851 } / 43df8b99, remote = REMOTE_IP:500 [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d35f814 cace301c - 5d427042 c5095851 } [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 4d35f814 cace301c - 00000000 00000000 } [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 4d35f814 cace301c - 5d427042 c5095851 } / 43df8b99, remote = REMOTE_IP:500 [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:45:18][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] P1 SA 2593426 start timer. timer duration 30, reason 1. [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593426 in peer entry 0x9cc400 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 5419db45 2cf43b00 - 00000000 00000000 } [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 5419db45 2cf43b00 - 00000000 00000000}, nego = -1 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5419db45 2cf43b00 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:45:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5419db45 2cf43b00 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 5419db45 2cf43b00 - 00000000 00000000 } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 5419db45 2cf43b00 - 00000000 00000000 } -> { ... - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} / 00000000, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5942] [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / 00000000, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} / 00000000, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = f9c5e1a8 0db9aa21 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = df4c006a 1a2d3ede ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5051] [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xf34da7d3 e5ea5e34 87ee0322 6709b799 f3 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xb0630f13 1a711c81 738c2986 25496752 669f8a57 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x1f6a8503 3ebb2e91 1a6e0e4f b1557815 8a4334 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x931a1aca 913bac86 fa3b0cd6 09d5b4d9 c1a0c2 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0xcb751078 cc4fa487 0cb9cb04 2031208f 327febbc [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Final encryption key[16] = 0xcb751078 cc4fa487 0cb9cb04 2031208f [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xf2e27137 86943ff2 7f7f547d a4016420 6cfa777e [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / 00000000, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} / 00000000, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 474c85cd 4626451b ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x474c85cd 4626451b b486e86a 14595b1c ed70a767 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xb5ffd4f0 5cbd3863 decc8c7d f9abbd0a [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x5419db45 2cf43b00 - 0xfc7eee5b 1f9e2e7f } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] P1 SA 2593426 stop timer. timer duration 30, reason 1. [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [0] / 0x35a8d966 } Info; Output of phase 2 IV hash[16] = 0xd8172a71 f1edae42 82d8093b 233dda17 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 35a8d966 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [0] / 0x35a8d966 } Info; Start notify negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / 35a8d966, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [0] / 0x35a8d966 } Info; Deleting negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593426 (ref 2). pending req? 0, status: Error ok [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / a43ceb7a, remote = REMOTE_IP:500 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = a43ceb7a [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [0] / 0xa43ceb7a } CFG; New negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [0] / 0xa43ceb7a } CFG; Output of phase 2 IV hash[16] = 0xb64b95eb e0a20e4e efc4c780 cb68b815 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} / a43ceb7a, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [0] / 0xa43ceb7a } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = f746218b 719899f8 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / 20c783af, remote = REMOTE_IP:500 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [1] / 0x20c783af } Info; New informational negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [1] / 0x20c783af } Info; Packet to old negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [1] / 0x20c783af } Info; Output of phase 2 IV hash[16] = 0xb0f92525 6aac161a a08e01f1 9ea7db69 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f} / 20c783af, nego = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [1] / 0x20c783af } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 303d07ca 17016be7 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [1] / 0x20c783af } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [1] / 0x20c783af } Info; Connected [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [1] / 0x20c783af } Info; Deleting negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / unknown } IP; Removing negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f}, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f [-1] / unknown } IP; Deleting negotiation [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593426 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] P1 SA 2593426 stop timer. timer duration 30, reason 0. [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593426 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593426 from peer entry 0x9cc400 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:24][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / a43ceb7a, remote = REMOTE_IP:500 [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 5419db45 2cf43b00 - 00000000 00000000 } [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 5419db45 2cf43b00 - fc7eee5b 1f9e2e7f } / a43ceb7a, remote = REMOTE_IP:500 [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:45:28][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] P1 SA 2593427 start timer. timer duration 30, reason 1. [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593427 in peer entry 0x9cc400 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { da25989d ca1322af - 00000000 00000000 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { da25989d ca1322af - 00000000 00000000}, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xda25989d ca1322af - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { da25989d ca1322af - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { da25989d ca1322af - 00000000 00000000 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { da25989d ca1322af - 00000000 00000000 } -> { ... - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} / 00000000, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6188] [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xda25989d ca1322af - 3599569c 795ce5e0 } / 00000000, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} / 00000000, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = b42dc281 da58d026 ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 7170625c 6c259b06 ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [6552] [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x9f42da8d ca26fb4f 032085fc 71a2019a 92 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x8610fc2c daf2ea4c c12881cf aaf3ff96 3f1534b3 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0xc7f9feb3 ebda3e4e 0414cd44 10381da3 935a2a [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xbc289c31 8f6c8fd0 4c38566f 61c225dd 0f5d81 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x01b20855 44380cff febb6f11 85cc8df2 eba489fe [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x01b20855 44380cff febb6f11 85cc8df2 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x25894e49 0d0506f2 6ac19156 dd70d1ed a701fbd1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xda25989d ca1322af - 3599569c 795ce5e0 } / 00000000, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} / 00000000, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 6518e576 f8a9f92c ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x6518e576 f8a9f92c 84a0eb22 4a574548 a3804afb [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x9c95deae 5608a705 ed5f9460 9ed46c63 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xda25989d ca1322af - 0x3599569c 795ce5e0 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] P1 SA 2593427 stop timer. timer duration 30, reason 1. [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { da25989d ca1322af - 3599569c 795ce5e0} [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [0] / 0x93aeb572 } Info; Output of phase 2 IV hash[16] = 0xc4795de2 8b3a2d5e 8288518a cb854c63 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 93aeb572 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [0] / 0x93aeb572 } Info; Start notify negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xda25989d ca1322af - 3599569c 795ce5e0 } / 93aeb572, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [0] / 0x93aeb572 } Info; Deleting negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593427 (ref 2). pending req? 0, status: Error ok [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0 } / 64085101, remote = REMOTE_IP:500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 64085101 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [0] / 0x64085101 } CFG; New negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [0] / 0x64085101 } CFG; Output of phase 2 IV hash[16] = 0x75ca7d32 3ffddbf7 539b202d dc7c30bd [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} / 64085101, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [0] / 0x64085101 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = f6fefc16 c9f87c8d ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0 } / c16cd634, remote = REMOTE_IP:500 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [1] / 0xc16cd634 } Info; New informational negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [1] / 0xc16cd634 } Info; Packet to old negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [1] / 0xc16cd634 } Info; Output of phase 2 IV hash[16] = 0x95266141 6867dbce 8b109641 073c3894 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0} / c16cd634, nego = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [1] / 0xc16cd634 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 038da22d 7a5c1f3d ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [1] / 0xc16cd634 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [1] / 0xc16cd634 } Info; Connected [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [1] / 0xc16cd634 } Info; Deleting negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / unknown } IP; Removing negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0}, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { da25989d ca1322af - 3599569c 795ce5e0 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593427 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] P1 SA 2593427 stop timer. timer duration 30, reason 0. [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593427 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593427 from peer entry 0x9cc400 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:34][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { da25989d ca1322af - 3599569c 795ce5e0 } / 64085101, remote = REMOTE_IP:500 [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { da25989d ca1322af - 3599569c 795ce5e0 } [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { da25989d ca1322af - 00000000 00000000 } [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { da25989d ca1322af - 3599569c 795ce5e0 } / 64085101, remote = REMOTE_IP:500 [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:45:38][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] P1 SA 2593428 start timer. timer duration 30, reason 1. [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593428 in peer entry 0x9cc400 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { a5e6a291 75e47c68 - 00000000 00000000 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { a5e6a291 75e47c68 - 00000000 00000000}, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xa5e6a291 75e47c68 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { a5e6a291 75e47c68 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { a5e6a291 75e47c68 - 00000000 00000000 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { a5e6a291 75e47c68 - 00000000 00000000 } -> { ... - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} / 00000000, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6380] [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xa5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 00000000, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} / 00000000, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 71ce5a8b d875b45b ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 0b8b1f42 0d099766 ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5222] [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x7cccffa0 829bb938 38d611e8 7372b485 5a [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x0f08fb62 fd75e8f5 6a4841da d049b888 1f8815e0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x80269485 cc4dacc1 c1e2719d 91c2c680 90dcc5 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x8030cf5d 9b79a5a7 4d15196a 0e0456ea d06c27 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x2d26fa75 c13e9bc4 11bc12cf 22d8b4aa 883c093c [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x2d26fa75 c13e9bc4 11bc12cf 22d8b4aa [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x2753ecc9 601246f2 cba434ca dc0caa0b ae1e83cd [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xa5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 00000000, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} / 00000000, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 634f5a17 8ea1516d ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x634f5a17 8ea1516d 71b4fe92 13c98857 1af698bd [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xa2bb3081 d495118c 07e77e8c 2c8325b4 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xa5e6a291 75e47c68 - 0x0eb5e9f8 8ec57a31 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] P1 SA 2593428 stop timer. timer duration 30, reason 1. [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [0] / 0xf846980d } Info; Output of phase 2 IV hash[16] = 0x05f52136 52277b4b 88199229 ef9ca6db [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = f846980d [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [0] / 0xf846980d } Info; Start notify negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xa5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / f846980d, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [0] / 0xf846980d } Info; Deleting negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593428 (ref 2). pending req? 0, status: Error ok [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 8f2c1beb, remote = REMOTE_IP:500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 8f2c1beb [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [0] / 0x8f2c1beb } CFG; New negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [0] / 0x8f2c1beb } CFG; Output of phase 2 IV hash[16] = 0xafb473d9 18699286 2c0b60fd c4171443 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} / 8f2c1beb, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [0] / 0x8f2c1beb } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 724ce60d 8f719832 ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 6e57d429, remote = REMOTE_IP:500 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [1] / 0x6e57d429 } Info; New informational negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [1] / 0x6e57d429 } Info; Packet to old negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [1] / 0x6e57d429 } Info; Output of phase 2 IV hash[16] = 0x50e6576e 9b40c43c fe243fac 2f9ed9f5 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31} / 6e57d429, nego = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [1] / 0x6e57d429 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 67a2fd91 51791fdf ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [1] / 0x6e57d429 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [1] / 0x6e57d429 } Info; Connected [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [1] / 0x6e57d429 } Info; Deleting negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / unknown } IP; Removing negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31}, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593428 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] P1 SA 2593428 stop timer. timer duration 30, reason 0. [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593428 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593428 from peer entry 0x9cc400 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:44][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 8f2c1beb, remote = REMOTE_IP:500 [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { a5e6a291 75e47c68 - 00000000 00000000 } [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 8f2c1beb, remote = REMOTE_IP:500 [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:45:48][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 8f2c1beb, remote = REMOTE_IP:500 [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { a5e6a291 75e47c68 - 00000000 00000000 } [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { a5e6a291 75e47c68 - 0eb5e9f8 8ec57a31 } / 8f2c1beb, remote = REMOTE_IP:500 [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:45:55][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] P1 SA 2593429 start timer. timer duration 30, reason 1. [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593429 in peer entry 0x9cc400 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { d5e8cb1e 6c43a0be - 00000000 00000000 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { d5e8cb1e 6c43a0be - 00000000 00000000}, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd5e8cb1e 6c43a0be - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d5e8cb1e 6c43a0be - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { d5e8cb1e 6c43a0be - 00000000 00000000 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { d5e8cb1e 6c43a0be - 00000000 00000000 } -> { ... - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} / 00000000, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5974] [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 00000000, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} / 00000000, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = ca3d3681 f6a7f265 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 5b449baf ac5841ec ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5065] [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x56b85633 96c889c6 b8d2f6ca 24a30c26 9c [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xbc24b731 cad5756e 08162853 1d4d2f27 a1cad875 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x96f19fe7 be0405e9 4e924835 9a98d2f2 d754e4 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x3ee8c224 badcd515 a6c7c51f 0ab3730d 165d94 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x20daf13e 64e2b567 0faffd02 cc08917f de6bdf45 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x20daf13e 64e2b567 0faffd02 cc08917f [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x083270b7 0f0dc3dc 9978b43a d58a1d4c f246600d [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 00000000, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} / 00000000, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 38e025c8 378a8e49 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x38e025c8 378a8e49 6a54a7fa 1792ce0f 006ec9f4 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xd19618d4 1ca549ff f7a0799e bf6ce768 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xd5e8cb1e 6c43a0be - 0x6f661e00 596dd935 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] P1 SA 2593429 stop timer. timer duration 30, reason 1. [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [0] / 0x99572bea } Info; Output of phase 2 IV hash[16] = 0x767f84d1 30833223 4f571418 75b571ac [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 99572bea [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [0] / 0x99572bea } Info; Start notify negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 99572bea, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [0] / 0x99572bea } Info; Deleting negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593429 (ref 2). pending req? 0, status: Error ok [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 91202082, remote = REMOTE_IP:500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / 0x00000000 } IP; Connected [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 91202082 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [0] / 0x91202082 } CFG; New negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [0] / 0x91202082 } CFG; Output of phase 2 IV hash[16] = 0xb15f477e 8110b0af 5c08d909 edeb20b3 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} / 91202082, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [0] / 0x91202082 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 031ee5c7 cdc93f03 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } / d9d40605, remote = REMOTE_IP:500 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [1] / 0xd9d40605 } Info; New informational negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [1] / 0xd9d40605 } Info; Packet to old negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [1] / 0xd9d40605 } Info; Output of phase 2 IV hash[16] = 0xa0dd5fda 626ab76f 5f9acb4a 7032e894 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935} / d9d40605, nego = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [1] / 0xd9d40605 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 453184dd ec53ccf8 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [1] / 0xd9d40605 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [1] / 0xd9d40605 } Info; Connected [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [1] / 0xd9d40605 } Info; Deleting negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / unknown } IP; Removing negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935}, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d5e8cb1e 6c43a0be - 6f661e00 596dd935 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593429 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] P1 SA 2593429 stop timer. timer duration 30, reason 0. [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593429 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593429 from peer entry 0x9cc400 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:45:58][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 91202082, remote = REMOTE_IP:500 [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { d5e8cb1e 6c43a0be - 00000000 00000000 } [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { d5e8cb1e 6c43a0be - 6f661e00 596dd935 } / 91202082, remote = REMOTE_IP:500 [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:46:02][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] P1 SA 2593430 start timer. timer duration 30, reason 1. [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593430 in peer entry 0x9cc400 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 5c645c17 bc2660e1 - 00000000 00000000 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 5c645c17 bc2660e1 - 00000000 00000000}, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5c645c17 bc2660e1 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5c645c17 bc2660e1 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 5c645c17 bc2660e1 - 00000000 00000000 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 5c645c17 bc2660e1 - 00000000 00000000 } -> { ... - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} / 00000000, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6455] [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 00000000, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} / 00000000, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 037847ff f8b7ea9f ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = f2a21a6c 487f075c ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5826] [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x1308f6b2 6e42590c 67b9c543 cd9fdd70 c6 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x649763f3 4cb3b782 437d00d7 cd35c886 14312113 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x7a7bcc6e 24a36caf c25745f0 1d7b2d5e bdab43 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x295f1784 1a093b6c 014e1c44 c1bc536b 35ff35 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x02763a92 1f827233 3bf966fb 4cbde98e f27e3237 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x02763a92 1f827233 3bf966fb 4cbde98e [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xafd5b42f 0686d60c 90f5284d 8c836974 565f5a57 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 00000000, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} / 00000000, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = dc948881 db470842 ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xdc948881 db470842 947ea016 8e0d86b1 f0a8eb54 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x3fe4df8a e9e198e3 77ab376a b487aad4 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x5c645c17 bc2660e1 - 0x805983f6 5ee2bfc0 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] P1 SA 2593430 stop timer. timer duration 30, reason 1. [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [0] / 0x1dea7366 } Info; Output of phase 2 IV hash[16] = 0x9ffc50dc 368167e0 34050763 6444c333 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 1dea7366 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [0] / 0x1dea7366 } Info; Start notify negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 1dea7366, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [0] / 0x1dea7366 } Info; Deleting negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593430 (ref 2). pending req? 0, status: Error ok [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 896c7d2b, remote = REMOTE_IP:500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 896c7d2b [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [0] / 0x896c7d2b } CFG; New negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [0] / 0x896c7d2b } CFG; Output of phase 2 IV hash[16] = 0x8c2be89c beeb4e70 3f305ad3 4d25a030 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} / 896c7d2b, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [0] / 0x896c7d2b } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = e04e3dca f04d3f2a ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 0b56de9b, remote = REMOTE_IP:500 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [1] / 0x0b56de9b } Info; New informational negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [1] / 0x0b56de9b } Info; Packet to old negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [1] / 0x0b56de9b } Info; Output of phase 2 IV hash[16] = 0x67e479cf e9619e60 8ff16158 d93ca67d [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0} / 0b56de9b, nego = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [1] / 0x0b56de9b } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 4198646b 24e54ad9 ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [1] / 0x0b56de9b } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [1] / 0x0b56de9b } Info; Connected [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [1] / 0x0b56de9b } Info; Deleting negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / unknown } IP; Removing negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0}, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593430 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] P1 SA 2593430 stop timer. timer duration 30, reason 0. [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593430 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593430 from peer entry 0x9cc400 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:08][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 896c7d2b, remote = REMOTE_IP:500 [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 5c645c17 bc2660e1 - 00000000 00000000 } [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 5c645c17 bc2660e1 - 805983f6 5ee2bfc0 } / 896c7d2b, remote = REMOTE_IP:500 [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:46:12][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] P1 SA 2593431 start timer. timer duration 30, reason 1. [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593431 in peer entry 0x9cc400 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 4d43ab5e 5fcb7677 - 00000000 00000000 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 4d43ab5e 5fcb7677 - 00000000 00000000}, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d43ab5e 5fcb7677 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d43ab5e 5fcb7677 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 4d43ab5e 5fcb7677 - 00000000 00000000 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 4d43ab5e 5fcb7677 - 00000000 00000000 } -> { ... - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} / 00000000, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6098] [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 00000000, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} / 00000000, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 79236ff4 e5ac4f5b ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = fa4d99d9 02fd2b1a ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5254] [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xa1b1fbb1 d6c37c41 4d6fa1fe 3e8dd6cb 66 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x2eaa75db 5f686777 ed1e867a 432d0eee 299c7f81 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x638561e6 e0328a78 f549c834 a99bedb0 1e93fb [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x378b463f 4c591da4 39a1a8ea 63247fb9 e25581 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x38a4792b 59673596 b4465326 45b3bbe1 a89405af [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x38a4792b 59673596 b4465326 45b3bbe1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x893dd0f9 00ca98f6 d14a65f9 a4a90b6b e2e0fd6c [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 00000000, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} / 00000000, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = cb3f72b4 4bc8c0d5 ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xcb3f72b4 4bc8c0d5 d3455e8a bb349f9c 5ea407da [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xb9044a8d 5d0cf4b7 fd23006b ff70dfd3 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x4d43ab5e 5fcb7677 - 0x4067c2c1 8291aca2 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] P1 SA 2593431 stop timer. timer duration 30, reason 1. [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [0] / 0xeff0a6c8 } Info; Output of phase 2 IV hash[16] = 0xe1620a0a f68e94d2 8ae2a458 10e54ebd [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = eff0a6c8 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [0] / 0xeff0a6c8 } Info; Start notify negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / eff0a6c8, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [0] / 0xeff0a6c8 } Info; Deleting negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593431 (ref 2). pending req? 0, status: Error ok [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 41a542a6, remote = REMOTE_IP:500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 41a542a6 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [0] / 0x41a542a6 } CFG; New negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [0] / 0x41a542a6 } CFG; Output of phase 2 IV hash[16] = 0xcf49e89f 5e6bac47 b03c0821 5b0fa969 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} / 41a542a6, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [0] / 0x41a542a6 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = e166b1d3 3ea4486a ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 17c66ede, remote = REMOTE_IP:500 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [1] / 0x17c66ede } Info; New informational negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [1] / 0x17c66ede } Info; Packet to old negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [1] / 0x17c66ede } Info; Output of phase 2 IV hash[16] = 0x2e6d6cfa 6b935482 d088a5af f88ffa15 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2} / 17c66ede, nego = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [1] / 0x17c66ede } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = d438a5bb d1ac1769 ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [1] / 0x17c66ede } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [1] / 0x17c66ede } Info; Connected [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [1] / 0x17c66ede } Info; Deleting negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / unknown } IP; Removing negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2}, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593431 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] P1 SA 2593431 stop timer. timer duration 30, reason 0. [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593431 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593431 from peer entry 0x9cc400 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:18][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 41a542a6, remote = REMOTE_IP:500 [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 4d43ab5e 5fcb7677 - 00000000 00000000 } [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 4d43ab5e 5fcb7677 - 4067c2c1 8291aca2 } / 41a542a6, remote = REMOTE_IP:500 [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:46:22][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] P1 SA 2593432 start timer. timer duration 30, reason 1. [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593432 in peer entry 0x9cc400 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 466d144a de3597e6 - 00000000 00000000 } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 466d144a de3597e6 - 00000000 00000000}, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x466d144a de3597e6 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 466d144a de3597e6 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 466d144a de3597e6 - 00000000 00000000 } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 466d144a de3597e6 - 00000000 00000000 } -> { ... - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} / 00000000, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6016] [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x466d144a de3597e6 - 7678da08 41db7ffe } / 00000000, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} / 00000000, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 2d8d957c a2ed4f52 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 97e95d59 94cb3671 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5495] [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x8aac0313 7405a4b4 cf928c2f 98a5ce81 5b [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xeb89707b 032b636b cc075f92 96a4c277 d7b2335b [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0xfc407929 bf00253e 463f7ff0 bd429a44 5f1eaa [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xf9ba72cf cd7b4f21 770116c4 b48326c7 c8e6fe [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0xd1c850e3 aa6b77f2 f32af7b3 2c12b8f1 bbe0ba62 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Final encryption key[16] = 0xd1c850e3 aa6b77f2 f32af7b3 2c12b8f1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x139624a0 ae3d6b7a cbd01970 cc769954 d2581246 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x466d144a de3597e6 - 7678da08 41db7ffe } / 00000000, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} / 00000000, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = bbc09cb8 3b576435 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xbbc09cb8 3b576435 8faad0ac eb0cab4c da647435 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xef9bd8f7 06dc4b15 4ba42411 ef3e6cce [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x466d144a de3597e6 - 0x7678da08 41db7ffe } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] P1 SA 2593432 stop timer. timer duration 30, reason 1. [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe} [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [0] / 0x02735835 } Info; Output of phase 2 IV hash[16] = 0xa66cb108 2ce0e71b f76bf74c 217fa2da [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 02735835 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [0] / 0x02735835 } Info; Start notify negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x466d144a de3597e6 - 7678da08 41db7ffe } / 02735835, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [0] / 0x02735835 } Info; Deleting negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593432 (ref 2). pending req? 0, status: Error ok [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } / 90ef0766, remote = REMOTE_IP:500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 90ef0766 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [0] / 0x90ef0766 } CFG; New negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [0] / 0x90ef0766 } CFG; Output of phase 2 IV hash[16] = 0x018a9b37 ea68ad65 cc773a57 9babea88 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} / 90ef0766, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [0] / 0x90ef0766 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = d8dad97c e0158747 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } / 886c6b16, remote = REMOTE_IP:500 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [1] / 0x886c6b16 } Info; New informational negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [1] / 0x886c6b16 } Info; Packet to old negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [1] / 0x886c6b16 } Info; Output of phase 2 IV hash[16] = 0x1032b89d ef2f0e6b c32e54e4 35fd7f32 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe} / 886c6b16, nego = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [1] / 0x886c6b16 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 72877103 f53aa02e ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [1] / 0x886c6b16 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [1] / 0x886c6b16 } Info; Connected [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [1] / 0x886c6b16 } Info; Deleting negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / unknown } IP; Removing negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe}, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 466d144a de3597e6 - 7678da08 41db7ffe [-1] / unknown } IP; Deleting negotiation [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593432 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] P1 SA 2593432 stop timer. timer duration 30, reason 0. [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593432 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593432 from peer entry 0x9cc400 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:28][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } / 90ef0766, remote = REMOTE_IP:500 [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 466d144a de3597e6 - 7678da08 41db7ffe } [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 466d144a de3597e6 - 00000000 00000000 } [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 466d144a de3597e6 - 7678da08 41db7ffe } / 90ef0766, remote = REMOTE_IP:500 [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:46:32][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] P1 SA 2593433 start timer. timer duration 30, reason 1. [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593433 in peer entry 0x9cc400 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 53f57667 4a55baf4 - 00000000 00000000 } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 53f57667 4a55baf4 - 00000000 00000000}, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x53f57667 4a55baf4 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 53f57667 4a55baf4 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 53f57667 4a55baf4 - 00000000 00000000 } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 53f57667 4a55baf4 - 00000000 00000000 } -> { ... - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} / 00000000, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5818] [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x53f57667 4a55baf4 - 529f7aeb 43f4e64d } / 00000000, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} / 00000000, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 99e168b0 f225d81a ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 0324d749 519dacb4 ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5181] [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x8e91310a f4a5b180 7ed5fb21 42c898a7 f8 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x3b100c0c 2890212f b406db6b 7798c27e dfe8ab93 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x66196d0a d97e794b 781a44f9 d0f4f5f8 77b3d9 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xb415a770 c226ab79 d76c894e f6275311 8e0d05 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x9a3dc1fe f1bce370 f25218be 1689eb33 0a7fdec9 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Final encryption key[16] = 0x9a3dc1fe f1bce370 f25218be 1689eb33 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x0f3db6e4 ec22b9fd bd014763 6537439e 98435c20 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x53f57667 4a55baf4 - 529f7aeb 43f4e64d } / 00000000, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} / 00000000, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 17e15cef 7cb01184 ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x17e15cef 7cb01184 ef88ee07 2f512e8b e35596df [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xe41ea4b4 b961855b 9a1c982f 7e462db5 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x53f57667 4a55baf4 - 0x529f7aeb 43f4e64d } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] P1 SA 2593433 stop timer. timer duration 30, reason 1. [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [0] / 0x41f2d297 } Info; Output of phase 2 IV hash[16] = 0x0ca1562a 8adb9c34 6fdfbb40 07925b67 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 41f2d297 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [0] / 0x41f2d297 } Info; Start notify negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x53f57667 4a55baf4 - 529f7aeb 43f4e64d } / 41f2d297, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [0] / 0x41f2d297 } Info; Deleting negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593433 (ref 2). pending req? 0, status: Error ok [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } / c7a891ef, remote = REMOTE_IP:500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = c7a891ef [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [0] / 0xc7a891ef } CFG; New negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [0] / 0xc7a891ef } CFG; Output of phase 2 IV hash[16] = 0xb471d322 1d8014a9 b144b165 8c28ea90 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} / c7a891ef, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [0] / 0xc7a891ef } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 7062179c 019fec3b ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } / 11e963ae, remote = REMOTE_IP:500 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [1] / 0x11e963ae } Info; New informational negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [1] / 0x11e963ae } Info; Packet to old negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [1] / 0x11e963ae } Info; Output of phase 2 IV hash[16] = 0x4ba29f83 f2add017 9ce02db5 cf6de6a9 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d} / 11e963ae, nego = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [1] / 0x11e963ae } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 958f76cc 761d984f ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [1] / 0x11e963ae } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [1] / 0x11e963ae } Info; Connected [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [1] / 0x11e963ae } Info; Deleting negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / unknown } IP; Removing negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d}, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 53f57667 4a55baf4 - 529f7aeb 43f4e64d [-1] / unknown } IP; Deleting negotiation [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593433 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] P1 SA 2593433 stop timer. timer duration 30, reason 0. [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593433 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593433 from peer entry 0x9cc400 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:38][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } / c7a891ef, remote = REMOTE_IP:500 [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 53f57667 4a55baf4 - 00000000 00000000 } [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 53f57667 4a55baf4 - 529f7aeb 43f4e64d } / c7a891ef, remote = REMOTE_IP:500 [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:46:42][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] P1 SA 2593434 start timer. timer duration 30, reason 1. [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593434 in peer entry 0x9cc400 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 5e0ea230 7e54692b - 00000000 00000000 } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 5e0ea230 7e54692b - 00000000 00000000}, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5e0ea230 7e54692b - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5e0ea230 7e54692b - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 5e0ea230 7e54692b - 00000000 00000000 } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 5e0ea230 7e54692b - 00000000 00000000 } -> { ... - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} / 00000000, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5835] [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5e0ea230 7e54692b - e017a7ab 56a0eaea } / 00000000, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} / 00000000, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 4420d5a0 d63a2cd9 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 722c7a15 287ba80a ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5217] [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xdab35d86 2b77acc6 d3a85e9e cafd2bd0 da [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xe8486ba2 14a9e9b0 22adc819 9962a410 71abe100 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x1ecba272 484507c6 ff0527f0 459f289c 58f70c [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x7c832241 7dbceba5 16947f1b 1b874846 17a44b [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x91468225 433f8b13 8af7e557 9d2a5af0 54ec406a [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Final encryption key[16] = 0x91468225 433f8b13 8af7e557 9d2a5af0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x0542a760 8dda1e1a f0a3e663 cfedeafd 47943d3b [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5e0ea230 7e54692b - e017a7ab 56a0eaea } / 00000000, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} / 00000000, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 21fea023 264449e7 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x21fea023 264449e7 3793995f f91bb83a 3d88b8c7 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xa49f2892 a80c695e da7c3330 59482e88 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x5e0ea230 7e54692b - 0xe017a7ab 56a0eaea } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] P1 SA 2593434 stop timer. timer duration 30, reason 1. [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [0] / 0xbe9e1232 } Info; Output of phase 2 IV hash[16] = 0x77cd649e 1e4c1c92 3e3ca5a8 a11d04fe [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = be9e1232 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [0] / 0xbe9e1232 } Info; Start notify negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x5e0ea230 7e54692b - e017a7ab 56a0eaea } / be9e1232, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [0] / 0xbe9e1232 } Info; Deleting negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593434 (ref 2). pending req? 0, status: Error ok [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } / b72c9ed0, remote = REMOTE_IP:500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = b72c9ed0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [0] / 0xb72c9ed0 } CFG; New negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [0] / 0xb72c9ed0 } CFG; Output of phase 2 IV hash[16] = 0x73f74f50 28ac5acc f2db0f93 3b6745f0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} / b72c9ed0, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [0] / 0xb72c9ed0 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = b687d3f7 c3807e53 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } / c1b1f7d1, remote = REMOTE_IP:500 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [1] / 0xc1b1f7d1 } Info; New informational negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [1] / 0xc1b1f7d1 } Info; Packet to old negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [1] / 0xc1b1f7d1 } Info; Output of phase 2 IV hash[16] = 0xec04cb99 a40b48f9 cfb0899f 4ddc1aef [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea} / c1b1f7d1, nego = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [1] / 0xc1b1f7d1 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = dcff9b9f b7b7b0ea ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [1] / 0xc1b1f7d1 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [1] / 0xc1b1f7d1 } Info; Connected [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [1] / 0xc1b1f7d1 } Info; Deleting negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / unknown } IP; Removing negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea}, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 5e0ea230 7e54692b - e017a7ab 56a0eaea [-1] / unknown } IP; Deleting negotiation [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593434 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] P1 SA 2593434 stop timer. timer duration 30, reason 0. [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593434 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593434 from peer entry 0x9cc400 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:48][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } / b72c9ed0, remote = REMOTE_IP:500 [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 5e0ea230 7e54692b - 00000000 00000000 } [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 5e0ea230 7e54692b - e017a7ab 56a0eaea } / b72c9ed0, remote = REMOTE_IP:500 [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:46:52][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] P1 SA 2593435 start timer. timer duration 30, reason 1. [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593435 in peer entry 0x9cc400 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 01925c37 2be4134d - 00000000 00000000 } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 01925c37 2be4134d - 00000000 00000000}, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x01925c37 2be4134d - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 01925c37 2be4134d - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 01925c37 2be4134d - 00000000 00000000 } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 01925c37 2be4134d - 00000000 00000000 } -> { ... - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} / 00000000, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6016] [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x01925c37 2be4134d - bb92c79d 82bacb7e } / 00000000, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} / 00000000, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = fab2225a 0216214a ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 2df05ff2 53683719 ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5506] [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xae146a23 de725f39 933455be bd48fe6b b9 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x612a0a84 b457e8ce e778a530 b5c2008d 3e5a66f2 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x257f2a5f 02227733 781d8ef7 66d4fc08 d1311f [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x5aa82c07 1c125f37 02f63dd6 38db0072 ce247e [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0xe2dfd8af 0223086a c7604e60 16bca304 1000f3c9 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Final encryption key[16] = 0xe2dfd8af 0223086a c7604e60 16bca304 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x27cf7017 b2da3571 94a5aafc f00f3a08 efcb8502 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x01925c37 2be4134d - bb92c79d 82bacb7e } / 00000000, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} / 00000000, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = bd308541 149221ba ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xbd308541 149221ba 3fb5da0a c16fd902 d8bf7d93 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xb87a2f5f 7d331ed2 d760caa6 0025731e [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x01925c37 2be4134d - 0xbb92c79d 82bacb7e } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] P1 SA 2593435 stop timer. timer duration 30, reason 1. [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [0] / 0x5de0af74 } Info; Output of phase 2 IV hash[16] = 0xbe2d0f29 c6bb54e4 70b39eab 235f8913 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 5de0af74 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [0] / 0x5de0af74 } Info; Start notify negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x01925c37 2be4134d - bb92c79d 82bacb7e } / 5de0af74, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [0] / 0x5de0af74 } Info; Deleting negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593435 (ref 2). pending req? 0, status: Error ok [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / 0x00000000 } IP; Connected [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = c213e92b [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [0] / 0xc213e92b } CFG; New negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [0] / 0xc213e92b } CFG; Output of phase 2 IV hash[16] = 0x3e548393 977b6339 7fa00bd7 1999f534 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} / c213e92b, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [0] / 0xc213e92b } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 9229e4cc f130938b ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / 02fab0f7, remote = REMOTE_IP:500 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [1] / 0x02fab0f7 } Info; New informational negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [1] / 0x02fab0f7 } Info; Packet to old negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [1] / 0x02fab0f7 } Info; Output of phase 2 IV hash[16] = 0xa4d478e6 9781887d 5d575d25 c28953e0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e} / 02fab0f7, nego = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [1] / 0x02fab0f7 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = f7c7229a f93019bc ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [1] / 0x02fab0f7 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [1] / 0x02fab0f7 } Info; Connected [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [1] / 0x02fab0f7 } Info; Deleting negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / unknown } IP; Removing negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e}, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 01925c37 2be4134d - bb92c79d 82bacb7e [-1] / unknown } IP; Deleting negotiation [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593435 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] P1 SA 2593435 stop timer. timer duration 30, reason 0. [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593435 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593435 from peer entry 0x9cc400 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:46:58][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 01925c37 2be4134d - 00000000 00000000 } [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:47:02][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 01925c37 2be4134d - 00000000 00000000 } [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:47:10][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 01925c37 2be4134d - 00000000 00000000 } [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:47:22][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 01925c37 2be4134d - 00000000 00000000 } [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:47:46][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 01925c37 2be4134d - 00000000 00000000 } [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 01925c37 2be4134d - bb92c79d 82bacb7e } / c213e92b, remote = REMOTE_IP:500 [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:48:28][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { dc989a49 02b4b7f3 - 00000000 00000000 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are responder and this is initiators first packet [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { dc989a49 02b4b7f3 - 0e4a71f3 efbe350d } [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: New SA [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 0e4a71f3 efbe350d [-1] / 0x00000000 } IP; New SA [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] P1 SA 2593436 start timer. timer duration 30, reason 1. [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ssh_isakmp_update_responder_cookie: Updating responder IKE cookie [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ssh_isakmp_update_responder_cookie: Original IKE cookie [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] 00000000: 0e4a 71f3 efbe 350d .Jq...5. [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ssh_isakmp_update_responder_cookie: New IKE cookie [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] 00000000: 5613 d412 1a76 647a V....vdz [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_fb_st_new_p1_connection_local_addresses: Accepting new Phase-1 negotiation: local=LOCAL_IP:500, remote=REMOTE_IP:500 (neg dfc800) [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a} / 00000000, nego = -1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 3 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation R (2)/-1, exchange = 2, auth_method = any, Responder [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 90cb8091 3ebb696e ... [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_proposal: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] iked_pm_phase1_sa_cfg_lookup_by_addr: Found SA-CFG ipsec-vpn-besFarm by ip address for local:LOCAL_IP, remote:REMOTE_IP IKEv1 remote_port:500 ksa_cfg_remote_port=500 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ssh_ikev2_sa_select: SA_SELECT: Selecting IKEv1 proposal. [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ssh_ikev2_sav1_select: Comparing 1 input proposals against 1 policy proposals [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ssh_ikev2_sav1_select: Comparing input proposal #0 against policy proposal #1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_proposal: Comparing 1 protocol(s) [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_proposal: Comparing transforms of protocol 1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_transform: Comparing 3 input transforms against 1 policy transforms [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_transform: Comparing input transform #1 against policy transform #0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_transform: Transform id 1 matches, comparing attributes [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing 7 input attributes against 7 policy attributes [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 0 against policy attribute 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Input and policy attributes of type 1 match [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 1 against policy attribute 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 1 against policy attribute 1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Input and policy attributes of type 14 match [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 2 against policy attribute 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 2 against policy attribute 1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 2 against policy attribute 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 2 against policy attribute 3 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Input and policy attributes of type 2 match [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 3 against policy attribute 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 3 against policy attribute 1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 3 against policy attribute 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Input and policy attributes of type 4 match [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 4 against policy attribute 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 4 against policy attribute 1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 4 against policy attribute 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 4 against policy attribute 3 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 4 against policy attribute 4 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 4 against policy attribute 5 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Comparing input attribute 4 against policy attribute 6 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Input and policy attributes of type 3 match [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Input attribute 5 is life type/duration, ignoring [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Input attribute 6 is life type/duration, ignoring [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Attributes matched successfully [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_ikev1_attribute_check: Setting life in seconds to 3600 from policy [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_transform: Attributes match; selected input transform 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_proposal: Protocols match [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_proposal: Selected proposal number 0 and transforms for 1 protocols [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_choose_v1_proposal: Selected transform id 1 for protocol 1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ssh_ikev2_sav1_select: Proposals match [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_fb_spd_select_sa_cb: Diffie-Hellman group number 2 selected [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_fb_spd_select_sa_cb: Authentication method number 1 selected [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_isakmp_sa_reply: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Restart packet [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_restart_packet: Start, restart packet SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation R (2)/1, exchange = 2, auth_method = pre shared key, Responder [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_proposal: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_values: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA R (4) [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xdc989a49 02b4b7f3 - 5613d412 1a76647a } / 00000000, nego = -1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 156 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_allocate: Allocated packet db0800 from freelist [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a} / 00000000, nego = -1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA R (4)/-1, exchange = 2, auth_method = pre shared key, Responder [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 9e40d443 4b85dd10 ... [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 33603561 46785bee ... [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5744] [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = No Id -> REMOTE_IP:500, id = No Id [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] iked_pm_phase1_sa_cfg_lookup_by_addr: Found SA-CFG ipsec-vpn-besFarm by ip address for local:LOCAL_IP, remote:REMOTE_IP IKEv1 remote_port:500 ksa_cfg_remote_port=500 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Restart packet [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_restart_packet: Start, restart packet SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA R (4)/258, exchange = 2, auth_method = pre shared key, Responder [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = No Id -> REMOTE_IP:500, id = No Id [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_st_o_calc_skeyid: Calculating skeyid [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5469] [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xfc6511e0 b448134c 3b916e46 29c24aae 7f [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = No Id -> REMOTE_IP:500, id = No Id [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0xff69361b 922f9451 375270ed 680ab9c7 2eba63a5 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x561ad050 8df60386 aa41d6cf 7f91fb04 ea06e5 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xde1b81a8 b22caf23 c1d1f743 4f658fd2 d30240 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0xab54c4d8 74e2507f dea77659 249a2b87 ce3619dd [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Final encryption key[16] = 0xab54c4d8 74e2507f dea77659 249a2b87 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE R (6) [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xdc989a49 02b4b7f3 - 5613d412 1a76647a } / 00000000, nego = -1 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:49:43][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_allocate: Allocated packet db0c00 from freelist [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a} / 00000000, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE R (6)/-1, exchange = 2, auth_method = pre shared key, Responder [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 48bc4531 04d0e2a1 ... [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = false, local = false [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x48bc4531 04d0e2a1 efaa4092 8c260bc7 2792d5c9 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_id: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Restart packet [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_restart_packet: Start, restart packet SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE R (6)/256, exchange = 2, auth_method = pre shared key, Responder [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = false, local = true [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x668b796e d62b3ab1 34776bd7 c0c80756 8bd2eaca [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xdc989a49 02b4b7f3 - 0x5613d412 1a76647a } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Responder, cipher = aes- [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final R (8) [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xdc989a49 02b4b7f3 - 5613d412 1a76647a } / 00000000, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Connected [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] P1 SA 2593436 stop timer. timer duration 30, reason 1. [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593436 in peer entry 0x9cc400 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } / 61623c78, remote = REMOTE_IP:500 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final R (8)/-1, exchange = 2, auth_method = pre shared key, Responder [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / 0x00000000 } IP; Connected [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a} [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 61623c78 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [0] / 0x61623c78 } CFG; New negotiation [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [0] / 0x61623c78 } CFG; Output of phase 2 IV hash[16] = 0xcdb30e68 95098a10 6c7c8cd3 ddf1d7e7 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a} / 61623c78, nego = 0 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [0] / 0x61623c78 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 134b5b3f ba350807 ... [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } / f7bd593e, remote = REMOTE_IP:500 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a} [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [1] / 0xf7bd593e } Info; New informational negotiation [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [1] / 0xf7bd593e } Info; Packet to old negotiation [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [1] / 0xf7bd593e } Info; Output of phase 2 IV hash[16] = 0xecfe22c9 dfce6576 788a1165 21488327 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a} / f7bd593e, nego = 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [1] / 0xf7bd593e } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = c432c7e6 7b6bfaaa ... [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [1] / 0xf7bd593e } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [1] / 0xf7bd593e } Info; Connected [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [1] / 0xf7bd593e } Info; Deleting negotiation [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / unknown } IP; Removing negotiation [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a}, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Responder) <-> REMOTE_IP:500 { dc989a49 02b4b7f3 - 5613d412 1a76647a [-1] / unknown } IP; Deleting negotiation [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593436 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] P1 SA 2593436 stop timer. timer duration 30, reason 0. [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593436 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593436 from peer entry 0x9cc400 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:49:44][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } / 61623c78, remote = REMOTE_IP:500 [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { dc989a49 02b4b7f3 - 00000000 00000000 } [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { dc989a49 02b4b7f3 - 5613d412 1a76647a } / 61623c78, remote = REMOTE_IP:500 [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:49:48][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] P1 SA 2593437 start timer. timer duration 30, reason 1. [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593437 in peer entry 0x9cc400 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 45059d66 1ca03d78 - 00000000 00000000 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 45059d66 1ca03d78 - 00000000 00000000}, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x45059d66 1ca03d78 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 45059d66 1ca03d78 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 45059d66 1ca03d78 - 00000000 00000000 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 45059d66 1ca03d78 - 00000000 00000000 } -> { ... - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} / 00000000, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6357] [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x45059d66 1ca03d78 - c7c82530 6e2e2e78 } / 00000000, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} / 00000000, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 68bdd78b 5bedd8b3 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 6a07fc2e 5e71a640 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5152] [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xc68310a5 4c69c4c0 3eaca4bf f75652ee c8 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x7a8ffef0 fb7dd4a0 ed152c5d d7dad466 ed4949bb [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x87820aca 097dd313 b2fcdbd0 b7de3162 92b79b [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x602d7c9f 81e240cf 9d33cf03 10c1f695 c67429 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x8c92203d d9b6cd2d d6c28ad9 b76b877e 7027b6ea [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x8c92203d d9b6cd2d d6c28ad9 b76b877e [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xe1ce7c13 cc3398b4 42d39463 5cc1f111 4d6b7205 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x45059d66 1ca03d78 - c7c82530 6e2e2e78 } / 00000000, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} / 00000000, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = e26a1e25 1ec86ceb ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xe26a1e25 1ec86ceb 03140626 30a414f4 82973163 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x247a8d04 15ccb23e 9a838d5f 05547d75 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x45059d66 1ca03d78 - 0xc7c82530 6e2e2e78 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Connected [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] P1 SA 2593437 stop timer. timer duration 30, reason 1. [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [0] / 0xfaaf96b5 } Info; Output of phase 2 IV hash[16] = 0x8ac79436 48dff43f 8faea866 94281e71 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = faaf96b5 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [0] / 0xfaaf96b5 } Info; Start notify negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x45059d66 1ca03d78 - c7c82530 6e2e2e78 } / faaf96b5, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [0] / 0xfaaf96b5 } Info; Deleting negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593437 (ref 2). pending req? 0, status: Error ok [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } / f282596a, remote = REMOTE_IP:500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / 0x00000000 } IP; Connected [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = f282596a [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [0] / 0xf282596a } CFG; New negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [0] / 0xf282596a } CFG; Output of phase 2 IV hash[16] = 0x406e3487 b794d30a e4b617ad 4132e1ca [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} / f282596a, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [0] / 0xf282596a } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 1a342a53 a649e8fc ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } / 368014fa, remote = REMOTE_IP:500 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [1] / 0x368014fa } Info; New informational negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [1] / 0x368014fa } Info; Packet to old negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [1] / 0x368014fa } Info; Output of phase 2 IV hash[16] = 0xceb0912d a48514bb 4654d666 4bac4914 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78} / 368014fa, nego = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [1] / 0x368014fa } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = afe414c8 13f7e7d1 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [1] / 0x368014fa } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [1] / 0x368014fa } Info; Connected [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [1] / 0x368014fa } Info; Deleting negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / unknown } IP; Removing negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78}, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 45059d66 1ca03d78 - c7c82530 6e2e2e78 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593437 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] P1 SA 2593437 stop timer. timer duration 30, reason 0. [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593437 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593437 from peer entry 0x9cc400 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:49:54][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } / f282596a, remote = REMOTE_IP:500 [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 45059d66 1ca03d78 - 00000000 00000000 } [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 45059d66 1ca03d78 - c7c82530 6e2e2e78 } / f282596a, remote = REMOTE_IP:500 [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:49:58][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] P1 SA 2593438 start timer. timer duration 30, reason 1. [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593438 in peer entry 0x9cc400 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 49f020e9 063381de - 00000000 00000000 } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 49f020e9 063381de - 00000000 00000000}, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x49f020e9 063381de - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 49f020e9 063381de - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 49f020e9 063381de - 00000000 00000000 } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 49f020e9 063381de - 00000000 00000000 } -> { ... - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} / 00000000, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6485] [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x49f020e9 063381de - 12390c85 f364d65b } / 00000000, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} / 00000000, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 4f641f0b cad8627f ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 8b4440dd 2618366a ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [6221] [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xdaff86a7 808aaf53 7feec640 93c7b86e 86 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x63b407b3 d6dd8f65 2545f7d5 31bfedd5 8b8d0b03 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0xa1d3c2fb bd11a17a 394a4d9f 3418d0af b1e568 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xf2b358b6 d5060ee2 6523398b 355849d9 eeb32d [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x9ae2a790 8e2db230 c88c0bb2 8e12d8ee 8b89c350 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Final encryption key[16] = 0x9ae2a790 8e2db230 c88c0bb2 8e12d8ee [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xa8575df6 b9e2a907 94d4d0fe c981b524 4c17ff82 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x49f020e9 063381de - 12390c85 f364d65b } / 00000000, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} / 00000000, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = e770084a 4dbe6954 ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xe770084a 4dbe6954 8140f6a5 3c5453a1 f3eb3a3e [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x81e5e1ed f103df0b ee50f056 94b43b22 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x49f020e9 063381de - 0x12390c85 f364d65b } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Connected [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] P1 SA 2593438 stop timer. timer duration 30, reason 1. [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 49f020e9 063381de - 12390c85 f364d65b} [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [0] / 0x793168a5 } Info; Output of phase 2 IV hash[16] = 0x309a37f0 32eda7ea 17149865 9931f9d6 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 793168a5 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [0] / 0x793168a5 } Info; Start notify negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x49f020e9 063381de - 12390c85 f364d65b } / 793168a5, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [0] / 0x793168a5 } Info; Deleting negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593438 (ref 2). pending req? 0, status: Error ok [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / 0x00000000 } IP; Connected [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = 4d569ce0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [0] / 0x4d569ce0 } CFG; New negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [0] / 0x4d569ce0 } CFG; Output of phase 2 IV hash[16] = 0x4399a1ad 8db232eb 56ba5940 2df4b2aa [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} / 4d569ce0, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [0] / 0x4d569ce0 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = beac97a0 01a4f3fc ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / d69dcf7d, remote = REMOTE_IP:500 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [1] / 0xd69dcf7d } Info; New informational negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [1] / 0xd69dcf7d } Info; Packet to old negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [1] / 0xd69dcf7d } Info; Output of phase 2 IV hash[16] = 0xafa68c0e d8fe1599 bcc4f7f1 156fd733 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b} / d69dcf7d, nego = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [1] / 0xd69dcf7d } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 6f3b9d86 cc3f2a15 ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [1] / 0xd69dcf7d } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [1] / 0xd69dcf7d } Info; Connected [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [1] / 0xd69dcf7d } Info; Deleting negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / unknown } IP; Removing negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b}, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 49f020e9 063381de - 12390c85 f364d65b [-1] / unknown } IP; Deleting negotiation [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593438 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] P1 SA 2593438 stop timer. timer duration 30, reason 0. [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593438 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593438 from peer entry 0x9cc400 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:50:04][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 49f020e9 063381de - 00000000 00000000 } [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:50:08][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 49f020e9 063381de - 00000000 00000000 } [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:50:15][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 49f020e9 063381de - 00000000 00000000 } [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:50:28][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 49f020e9 063381de - 00000000 00000000 } [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:50:52][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 49f020e9 063381de - 12390c85 f364d65b } [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 49f020e9 063381de - 00000000 00000000 } [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 49f020e9 063381de - 12390c85 f364d65b } / 4d569ce0, remote = REMOTE_IP:500 [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:51:34][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] P1 SA 2593439 start timer. timer duration 30, reason 1. [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593439 in peer entry 0x9cc400 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { 782a6950 de1a66c8 - 00000000 00000000 } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { 782a6950 de1a66c8 - 00000000 00000000}, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x782a6950 de1a66c8 - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 782a6950 de1a66c8 - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { 782a6950 de1a66c8 - 00000000 00000000 } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { 782a6950 de1a66c8 - 00000000 00000000 } -> { ... - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} / 00000000, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [5726] [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x782a6950 de1a66c8 - 3262ac85 12a03a2f } / 00000000, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} / 00000000, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = f235c933 ba30b819 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 32922bc1 7667cd4b ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5324] [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0xe8234601 57af4384 d397e9b6 1efcece6 77 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x95dfa2ce b47c20be a55fb12b 3aaf0695 456c093f [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x6f9260b0 625b2c6f 8ceee178 9b380356 42613c [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0x6cb1642f 3b6a5951 27e97445 ec8d1c81 fc8ac1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x1aef0608 6b17a797 2950ade7 83709106 6143fd8c [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Final encryption key[16] = 0x1aef0608 6b17a797 2950ade7 83709106 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0xacf50ad5 34ca40ad b8718940 b0dde39a 42f358fb [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x782a6950 de1a66c8 - 3262ac85 12a03a2f } / 00000000, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} / 00000000, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = 26e64d67 60c92d43 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0x26e64d67 60c92d43 c87cda70 1ebc750a 47d5328d [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; dec->enc iv[16] = 0xa718487e 9426df55 2db6ce0e ace8a566 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0x782a6950 de1a66c8 - 0x3262ac85 12a03a2f } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Connected [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] P1 SA 2593439 stop timer. timer duration 30, reason 1. [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [0] / 0x6b945570 } Info; Output of phase 2 IV hash[16] = 0x1c2e70c3 d0273dec 25d35ce5 1ce8c9ce [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = 6b945570 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [0] / 0x6b945570 } Info; Start notify negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0x782a6950 de1a66c8 - 3262ac85 12a03a2f } / 6b945570, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [0] / 0x6b945570 } Info; Deleting negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593439 (ref 2). pending req? 0, status: Error ok [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } / b026aa22, remote = REMOTE_IP:500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / 0x00000000 } IP; Connected [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = b026aa22 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [0] / 0xb026aa22 } CFG; New negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [0] / 0xb026aa22 } CFG; Output of phase 2 IV hash[16] = 0x1cc923d6 760dfb38 2436ad66 9cd58a43 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} / b026aa22, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [0] / 0xb026aa22 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 08928beb c7c2cc10 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } / 994693cf, remote = REMOTE_IP:500 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [1] / 0x994693cf } Info; New informational negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [1] / 0x994693cf } Info; Packet to old negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [1] / 0x994693cf } Info; Output of phase 2 IV hash[16] = 0x52d28be1 789fb9d6 2d1d8781 96a40bd1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f} / 994693cf, nego = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [1] / 0x994693cf } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = c1b0b8b5 3c632054 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [1] / 0x994693cf } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [1] / 0x994693cf } Info; Connected [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [1] / 0x994693cf } Info; Deleting negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / unknown } IP; Removing negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f}, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { 782a6950 de1a66c8 - 3262ac85 12a03a2f [-1] / unknown } IP; Deleting negotiation [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593439 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] P1 SA 2593439 stop timer. timer duration 30, reason 0. [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593439 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593439 from peer entry 0x9cc400 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:53:13][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } / b026aa22, remote = REMOTE_IP:500 [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Not found half SA = { 782a6950 de1a66c8 - 00000000 00000000 } [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Invalid cookie, no sa found, SA = { 782a6950 de1a66c8 - 3262ac85 12a03a2f } / b026aa22, remote = REMOTE_IP:500 [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] iked_pv_audit_callback: Empty SSH audit event [Oct 14 10:53:17][LOCAL_IP <-> REMOTE_IP] unknown (unknown) <-> unknown { unknown [unknown] / unknown } unknown; Packet to unknown Isakmp SA, ip = REMOTE_IP:500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] Received DPD Trigger message with local_gw_addr = LOCAL_IP remote_gw_addr = REMOTE_IP [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] DPD -> TTL decrement 4 (no-response) for remote peer REMOTE_IP [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] P1 SA 2593440 start timer. timer duration 30, reason 1. [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_peer_insert_p1sa_entry: Insert p1 sa 2593440 in peer entry 0x9cc400 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] IKE SA fill called for negotiation of local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: Start, remote_name = REMOTE_IP:500, xchg = 2, flags = 00080000 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_allocate: Start, SA = { d9122f71 5dc6849a - 00000000 00000000 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_init_isakmp_sa: Start, remote = REMOTE_IP:500, initiator = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect: SA = { d9122f71 5dc6849a - 00000000 00000000}, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 00000000 00000000 [-1] / 0x00000000 } IP; Start isakmp sa negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 00000000 00000000 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0000 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start sa negotiation I (1)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_sa_proposal: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_vendor_ids: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM SA I (3) [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd9122f71 5dc6849a - 00000000 00000000 } / 00000000, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 288 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d9122f71 5dc6849a - 00000000 00000000}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Not found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find_half: Found half SA = { d9122f71 5dc6849a - 00000000 00000000 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: We are intiator, first response packet [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_upgrade: Start, SA = { d9122f71 5dc6849a - 00000000 00000000 } -> { ... - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} / 00000000, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_sa: Found 1 proposals [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_t: Start, # trans = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0401 SA VID [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM SA I (3)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_sa_value: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..8] = 09002689 dfd6b712 ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = afcad713 68a1f1c9 ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 12f5f28c 457168a9 ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_vid: VID[0..16] = 4a131c81 07035845 ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_ke: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Requested DH group 2 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_dh_generate_sync: Generated DH keys using hardware for DH group 2 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: DH Generate Secs [0] USecs [6685] [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_generate_async: Generated DH using hardware [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_nonce: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_isakmp_nonce_data_len: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM KE I (5) [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd9122f71 5dc6849a - 3adedbe0 aab57f71 } / 00000000, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 228 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} / 00000000, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0012 KE NONCE [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM KE I (5)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_nonce: Start, nonce[0..32] = 483782e8 7e8e76fb ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_ke: Ke[0..128] = 83eacbbb a06c97a6 ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cr: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_id: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_hash: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_dh_get_group: DH Group 2 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_dh_compute_synch: Requested DH group 2 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: DH Compute Secs [0] USecs [5343] [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] juniper_dlp_diffie_hellman_final_async: Computed DH using hardware [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Diffie-hellman secret g^xy[128] = 0x2c947044 5d25742e e59033fa 18f2a651 07 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_find_pre_shared_key: Find pre shared key key for LOCAL_IP:500, id = ipv4(any:0,[0..3]=LOCAL_IP) -> REMOTE_IP:500, id = No Id [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_find_pre_shared_key: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Hash algorithm = hmac-sha1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Prf key[11] = 0x32303135 4d696172 657465 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Calculating SKEYID [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Output of SKEYID hash[20] = 0x5316ea49 fcc3a177 9455011f 0b1e0138 f5c7c879 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Output of SKEYID_d hash[20] = 0x8b771d1d e76d1e1b db1e2465 298b16df 11e2b6 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Output of SKEYID_a hash[20] = 0xd3c4a3dd e59f95cb 5ae1a89a 44f25812 a460e2 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Output SKEYID_e hash[20] = 0x2cbffc65 ead30f00 813ba83f b941019e ebcc3d5e [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Final encryption key[16] = 0x2cbffc65 ead30f00 813ba83f b941019e [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = true [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Output of HASH_I hash[20] = 0x74d6c3cf c16665d0 0ff5ca81 1cb4f85a 43b4418b [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_status_n: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_private: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_policy_reply_private_payload_out: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_encrypt: Marking encryption for packet [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM final I (7) [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd9122f71 5dc6849a - 3adedbe0 aab57f71 } / 00000000, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 76 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = -1, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } / 00000000, remote = REMOTE_IP:500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Packet to old negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} / 00000000, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM final I (7)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_id: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_hash: Start, hash[0..20] = b9b6fc8b 1d5b26ce ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_calc_mac: Start, initiator = true, local = false [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Output of HASH_R hash[20] = 0xb9b6fc8b 1d5b26ce 2c852d28 121950c0 8c247548 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cert: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; dec->enc iv[16] = 0x64bb7b34 84014073 f4b7030f bcd2cd03 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_wait_done: Marking for waiting for done [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_all_done: MESSAGE: Phase 1 { 0xd9122f71 5dc6849a - 0x3adedbe0 aab57f71 } / 00000000, version = 1.0, xchg = Identity protect, auth_method = Pre shared keys, Initiator, cipher = aes- [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; MESSAGE: Phase 1 version = 1.0, auth_method = Pre shared keys, cipher = ae [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = MM done I (9) [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Connected [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_sa_done: local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] IKE negotiation done for local:LOCAL_IP, remote:REMOTE_IP IKEv1 with status: Error ok [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] Parsing notification payload for local:LOCAL_IP, remote:REMOTE_IP IKEv1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] P1 SA 2593440 stop timer. timer duration 30, reason 1. [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Start, remote_name = :500, flags = 00010000 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find_ip_port: Remote = all:500, Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [0] / 0xcca5be25 } Info; Output of phase 2 IV hash[16] = 0xc5ac1623 7bc34793 c5ee0614 e8f1fa45 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Created random message id = cca5be25 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_init_info_exchange: Phase 1 done, use HASH and N or D payload [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [0] / 0xcca5be25 } Info; Start notify negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Start, SA = { 0xd9122f71 5dc6849a - 3adedbe0 aab57f71 } / cca5be25, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Encrypting packet [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_encode_packet: Final length = 92 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_connect_notify: Sending notification to (null):500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_send_packet: Start, send SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = 0, dst = REMOTE_IP:500, routing table id = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [0] / 0xcca5be25 } Info; Deleting negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_pm_ike_info_done_callback: P1 SA 2593440 (ref 2). pending req? 0, status: Error ok [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } / d2b884b8, remote = REMOTE_IP:500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Version = 1.0, Input packet fields = 0024 ID HASH [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = MM done I (9)/-1, exchange = 2, auth_method = pre shared key, Initiator [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_o_done: ISAKMP SA negotiation done [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_udp_callback_common: Connected, sending notify [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / 0x00000000 } IP; Connected [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 0, max 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_init_cfg_negotiation: Start, initiator = 0, message_id = d2b884b8 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [0] / 0xd2b884b8 } CFG; New negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_alloc: Allocated fallback negotiation dfc800 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fb_alloc_cfgmode_negotiation: Accepting new Cfg/XAuth negotiation: local=:500, remote=REMOTE_IP:500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [0] / 0xd2b884b8 } CFG; Output of phase 2 IV hash[16] = 0x3e30412f ac279f33 ff0be02f 3fe6371c [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} / d2b884b8, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_payload_attr: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [0] / 0xd2b884b8 } CFG; Version = 1.0, Input packet fields = 0820 HASH ATTR [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Start CFG R (26)/-1, exchange = 6, auth_method = any, Responder [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 7a477076 6f9dec57 ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_cfg_attr: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_process_packet: No output packet, returning [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_cfg_attrs_reply: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 2 references [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Fallback negotiation dfc800 has still 1 references [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fallback_negotiation_free: Freeing fallback negotiation dfc800 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_packet_v1_start: Passing IKE v1.0 packet to IKEv1 library [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_get_sa: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } / eebfce26, remote = REMOTE_IP:500 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_find: Found SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_alloc_negotiation: Found slot 1, max 2 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [1] / 0xeebfce26 } Info; New informational negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [1] / 0xeebfce26 } Info; Packet to old negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [1] / 0xeebfce26 } Info; Output of phase 2 IV hash[16] = 0xce354310 b45895c3 f6b9066a 019f666d [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71} / eebfce26, nego = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_decode_packet: Decrypting packet [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [1] / 0xeebfce26 } Info; Version = 1.0, Input packet fields = 0220 HASH N [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: Current state = Done (30)/-1, exchange = 5, auth_method = any, Responder [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_encrypt: Check that packet was encrypted succeeded [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_gen_hash: Start, hash[0..20] = 3d6c7c07 767154bb ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_n: Start, doi = 1, protocol = 1, code = Payload malformed (16), spi[0..0] = 00000000 00000000 ..., data[0..0] = 00000000 00000000 ... [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [1] / 0xeebfce26 } Info; Received notify err = Payload malformed (16) to isakmp sa, delete it [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_st_i_private: Start [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_state_step: All done, new state = Done (30) [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_process_packet: Connected, sending notify [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_send_notify: Connected, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [1] / 0xeebfce26 } Info; Connected [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] :500 (Responder) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [1] / 0xeebfce26 } Info; Deleting negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_info: Start, nego = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_remove_callback: Start, delete SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / unknown } IP; Removing negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_delete_negotiation: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71}, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] LOCAL_IP:500 (Initiator) <-> REMOTE_IP:500 { d9122f71 5dc6849a - 3adedbe0 aab57f71 [-1] / unknown } IP; Deleting negotiation [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: Deleting tunnel_id: 0 from IKE tunnel table [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ssh_ike_tunnel_table_entry_delete: The tunnel id: 0 doesn't exist in IKE tunnel table [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_sa_delete: Start, SA = { d9122f71 5dc6849a - 3adedbe0 aab57f71 } [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_cfg: Start, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = 0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation_isakmp: Start, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_negotiation: Start, nego = -1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ikev2_fb_isakmp_sa_freed: Received notification from the ISAKMP library that the IKE SA df6400 is freed [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] IKE SA delete called for p1 sa 2593440 (ref cnt 1) local:LOCAL_IP, remote:REMOTE_IP, IKEv1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] P1 SA 2593440 stop timer. timer duration 30, reason 0. [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_pm_p1_sa_destroy: p1 sa 2593440 (ref cnt 0), waiting_for_del 0x0 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] iked_peer_remove_p1sa_entry: Remove p1 sa 2593440 from peer entry 0x9cc400 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_id_payload: Start, id type = 1 [Oct 14 10:53:23][LOCAL_IP <-> REMOTE_IP] ike_free_sa: Start