hay@srx-hay# ...erface fe-0/0/0 no-resolve extensive matching udp Address resolution is OFF. Listening on fe-0/0/0, capture size 1514 bytes 13:59:39.344931 Out Juniper PCAP Flags [Ext], PCAP Extension(s) total length 16 Device Media Type Extension TLV #3, length 1, value: Ethernet (1) Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14) Device Interface Index Extension TLV #1, length 2, value: 34304 Logical Interface Index Extension TLV #4, length 4, value: 72 -----original packet----- 08:81:f4:1d:27:c0 > 78:f5:fd:a9:6c:aa, ethertype IPv4 (0x0800), length 554: (tos 0xc0, ttl 64, id 40759, offset 0, flags [none], proto: UDP (17), length: 540) 172.20.20.2.500 > 195.234.177.218.29580: [udp sum ok] isakmp 1.0 msgid 00000000 cookie 637a804b0c73caac->cd71c9f0b94fe1da: phase 1 ? agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=0007)(type=keylen value=0080)(type=hash value=sha1)(type=auth value=fde9)(type=group desc value=modp1024)(type=lifetype value=sec)(type=lifeduration value=7044)))) (ke: key len=128) (nonce: n len=16) (id: idtype=IPv4 protoid=ip port=0 len=4 172.20.20.2) (hash: len=20) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=28) (#130) (#130) 13:59:40.386870 In Juniper PCAP Flags [Ext, no-L2, In], PCAP Extension(s) total length 16 Device Media Type Extension TLV #3, length 1, value: Ethernet (1) Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14) Device Interface Index Extension TLV #1, length 2, value: 34304 Logical Interface Index Extension TLV #4, length 4, value: 72 -----original packet----- PFE proto 2 (ipv4): (tos 0x0, ttl 118, id 12573, offset 0, flags [none], proto: UDP (17), length: 414) 195.234.177.218.29580 > 172.20.20.2.500: [udp sum ok] isakmp 1.0 msgid 00000000 cookie b56518b732e1e601->0000000000000000: phase 1 I agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=0007)(type=keylen value=0080)(type=hash value=sha1)(type=auth value=fde9)(type=group desc value=modp1024)(type=lifetype value=sec)(type=lifeduration value=7044)))) (vid: len=16) (vid: len=8) (vid: len=16) (vid: len=16) (ke: key len=128) (nonce: n len=64) (id: idtype=FQDN protoid=udp port=0) (vid: len=18) 13:59:40.405541 Out Juniper PCAP Flags [Ext], PCAP Extension(s) total length 16 Device Media Type Extension TLV #3, length 1, value: Ethernet (1) Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14) Device Interface Index Extension TLV #1, length 2, value: 34304 Logical Interface Index Extension TLV #4, length 4, value: 72 -----original packet----- 08:81:f4:1d:27:c0 > 78:f5:fd:a9:6c:aa, ethertype IPv4 (0x0800), length 554: (tos 0xc0, ttl 64, id 40761, offset 0, flags [none], proto: UDP (17), length: 540) 172.20.20.2.500 > 195.234.177.218.29580: [udp sum ok] isakmp 1.0 msgid 00000000 cookie b56518b732e1e601->ddd71011a09cf516: phase 1 R agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=0007)(type=keylen value=0080)(type=hash value=sha1)(type=auth value=fde9)(type=group desc value=modp1024)(type=lifetype value=sec)(type=lifeduration value=7044)))) (ke: key len=128) (nonce: n len=16) (id: idtype=IPv4 protoid=ip port=0 len=4 172.20.20.2) (hash: len=20) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=16) (vid: len=28) (#130) (#130) 13:59:41.450489 In Juniper PCAP Flags [Ext, no-L2, In], PCAP Extension(s) total length 16 Device Media Type Extension TLV #3, length 1, value: Ethernet (1) Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14) Device Interface Index Extension TLV #1, length 2, value: 34304 Logical Interface Index Extension TLV #4, length 4, value: 72 -----original packet----- PFE proto 2 (ipv4): (tos 0x0, ttl 118, id 12886, offset 0, flags [none], proto: UDP (17), length: 414) 195.234.177.218.29580 > 172.20.20.2.500: [udp sum ok] isakmp 1.0 msgid 00000000 cookie b56518b732e1e601->0000000000000000: phase 1 I agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=0007)(type=keylen value=0080)(type=hash value=sha1)(type=auth value=fde9)(type=group desc value=modp1024)(type=lifetype value=sec)(type=lifeduration value=7044)))) (vid: len=16) (vid: len=8) (vid: len=16) (vid: len=16) (ke: key len=128) (nonce: n len=64) (id: idtype=FQDN protoid=udp port=0) (vid: len=18) 13:59:43.503133 In Juniper PCAP Flags [Ext, no-L2, In], PCAP Extension(s) total length 16 Device Media Type Extension TLV #3, length 1, value: Ethernet (1) Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14) Device Interface Index Extension TLV #1, length 2, value: 34304 Logical Interface Index Extension TLV #4, length 4, value: 72 -----original packet----- PFE proto 2 (ipv4): (tos 0x0, ttl 118, id 13448, offset 0, flags [none], proto: UDP (17), length: 414) 195.234.177.218.29580 > 172.20.20.2.500: [udp sum ok] isakmp 1.0 msgid 00000000 cookie b56518b732e1e601->0000000000000000: phase 1 I agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=0007)(type=keylen value=0080)(type=hash value=sha1)(type=auth value=fde9)(type=group desc value=modp1024)(type=lifetype value=sec)(type=lifeduration value=7044)))) (vid: len=16) (vid: len=8) (vid: len=16) (vid: len=16) (ke: key len=128) (nonce: n len=64) (id: idtype=FQDN protoid=udp port=0) (vid: len=18) 13:59:47.621208 In Juniper PCAP Flags [Ext, no-L2, In], PCAP Extension(s) total length 16 Device Media Type Extension TLV #3, length 1, value: Ethernet (1) Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14) Device Interface Index Extension TLV #1, length 2, value: 34304 Logical Interface Index Extension TLV #4, length 4, value: 72 -----original packet----- PFE proto 2 (ipv4): (tos 0x0, ttl 118, id 14507, offset 0, flags [none], proto: UDP (17), length: 414) 195.234.177.218.29580 > 172.20.20.2.500: [udp sum ok] isakmp 1.0 msgid 00000000 cookie b56518b732e1e601->0000000000000000: phase 1 I agg: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=1 (t: #1 id=ike (type=enc value=0007)(type=keylen value=0080)(type=hash value=sha1)(type=auth value=fde9)(type=group desc value=modp1024)(type=lifetype value=sec)(type=lifeduration value=7044)))) (vid: len=16) (vid: len=8) (vid: len=16) (vid: len=16) (ke: key len=128) (nonce: n len=64) (id: idtype=FQDN protoid=udp port=0) (vid: len=18) ^C 34 packets received by filter 0 packets dropped by kernel ========================================= hay@srx-hay# ...erface fe-0/0/0 no-resolve extensive matching udp wr ^ syntax error.