Hello,
Please, excuse me if a similar question has been asked already. Since few days I am trying to establish Dial-up VPN connection to my SSG 5 (Hardware Version: 710(0); Firmware Version: 6.3.0r16a.0 (Firewall+VPN)), but I am not able to. As per the logs I can see that the connection drops on the 1st phase. Please find below the debug output from the client:
14/03/03 11:55:18 ii : opened 'C:\Program Files\ShrewSoft\VPN Client\debug\iked.log'
14/03/03 11:55:18 ii : opened 'C:\Program Files\ShrewSoft\VPN Client/debug/dump-ike-decrypt.cap'
14/03/03 11:55:18 ii : rebuilding vnet device list ...
14/03/03 11:55:18 ii : device ROOT\VNET\0000 disabled
14/03/03 11:55:18 ii : network process thread begin ...
14/03/03 11:55:18 ii : pfkey process thread begin ...
14/03/03 11:55:18 ii : ipc server process thread begin ...
14/03/03 11:55:20 !! : unable to connect to pfkey interface
14/03/03 11:55:43 ii : ipc client process thread begin ...
14/03/03 11:55:43 <A : peer config add message
14/03/03 11:55:43 <A : proposal config message
14/03/03 11:55:43 <A : proposal config message
14/03/03 11:55:43 <A : client config message
14/03/03 11:55:43 <A : xauth username message
14/03/03 11:55:43 <A : xauth password message
14/03/03 11:55:43 <A : local id 'user@domain.info' message
14/03/03 11:55:43 <A : preshared key message
14/03/03 11:55:43 <A : remote resource message
14/03/03 11:55:43 <A : remote resource message
14/03/03 11:55:43 <A : peer tunnel enable message
14/03/03 11:55:43 DB : peer added ( obj count = 1 )
14/03/03 11:55:43 ii : local address 172.17.0.101 selected for peer
14/03/03 11:55:43 DB : tunnel added ( obj count = 1 )
14/03/03 11:55:43 DB : new phase1 ( ISAKMP initiator )
14/03/03 11:55:43 DB : exchange type is aggressive
14/03/03 11:55:43 DB : 172.17.0.101:500 <-> XXX.XXX.9.33:500
14/03/03 11:55:43 DB : 35dd198b8accfb17:0000000000000000
14/03/03 11:55:43 DB : phase1 added ( obj count = 1 )
14/03/03 11:55:43 >> : security association payload
14/03/03 11:55:43 >> : - proposal #1 payload
14/03/03 11:55:43 >> : -- transform #1 payload
14/03/03 11:55:43 >> : key exchange payload
14/03/03 11:55:43 >> : nonce payload
14/03/03 11:55:43 >> : identification payload
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local supports XAUTH
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local supports nat-t ( draft v00 )
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local supports nat-t ( draft v01 )
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local supports nat-t ( draft v02 )
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local supports nat-t ( draft v03 )
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local supports nat-t ( rfc )
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local supports FRAGMENTATION
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local is SHREW SOFT compatible
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local is NETSCREEN compatible
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local is SIDEWINDER compatible
14/03/03 11:55:43 >> : vendor id payload
14/03/03 11:55:43 ii : local is CISCO UNITY compatible
14/03/03 11:55:43 >= : cookies 35dd198b8accfb17:0000000000000000
14/03/03 11:55:43 >= : message 00000000
14/03/03 11:55:43 -> : send IKE packet 172.17.0.101:500 -> XXX.XXX.9.33:500 ( 517 bytes )
14/03/03 11:55:43 DB : phase1 resend event scheduled ( ref count = 2 )
14/03/03 11:55:43 <- : recv IKE packet XXX.XXX.9.33:500 -> 172.17.0.101:500 ( 64 bytes )
14/03/03 11:55:43 DB : phase1 found
14/03/03 11:55:43 ii : processing informational packet ( 64 bytes )
14/03/03 11:55:43 =< : cookies 35dd198b8accfb17:761c20972bd23752
14/03/03 11:55:43 =< : message 00000000
14/03/03 11:55:43 << : notification payload
14/03/03 11:55:43 ii : received peer NO-PROPOSAL-CHOSEN notification
14/03/03 11:55:43 ii : - XXX.XXX.9.33:500 -> 172.17.0.101:500
14/03/03 11:55:43 ii : - isakmp spi = 35dd198b8accfb17:761c20972bd23752
14/03/03 11:55:43 ii : - data size 8
14/03/03 11:55:48 -> : resend 1 phase1 packet(s) [0/2] 172.17.0.101:500 -> XXX.XXX.9.33:500
14/03/03 11:55:48 <- : recv IKE packet XXX.XXX.9.33:500 -> 172.17.0.101:500 ( 64 bytes )
14/03/03 11:55:48 DB : phase1 found
14/03/03 11:55:48 ii : processing informational packet ( 64 bytes )
14/03/03 11:55:48 =< : cookies 35dd198b8accfb17:e6d979cd7579a65f
14/03/03 11:55:48 =< : message 00000000
14/03/03 11:55:48 << : notification payload
14/03/03 11:55:48 ii : received peer NO-PROPOSAL-CHOSEN notification
14/03/03 11:55:48 ii : - XXX.XXX.9.33:500 -> 172.17.0.101:500
14/03/03 11:55:48 ii : - isakmp spi = 35dd198b8accfb17:e6d979cd7579a65f
14/03/03 11:55:48 ii : - data size 8
14/03/03 11:55:53 -> : resend 1 phase1 packet(s) [1/2] 172.17.0.101:500 -> XXX.XXX.9.33:500
14/03/03 11:55:53 <- : recv IKE packet XXX.XXX.9.33:500 -> 172.17.0.101:500 ( 64 bytes )
14/03/03 11:55:53 DB : phase1 found
14/03/03 11:55:53 ii : processing informational packet ( 64 bytes )
14/03/03 11:55:53 =< : cookies 35dd198b8accfb17:48b0969bd0486bcf
14/03/03 11:55:53 =< : message 00000000
14/03/03 11:55:53 << : notification payload
14/03/03 11:55:53 ii : received peer NO-PROPOSAL-CHOSEN notification
14/03/03 11:55:53 ii : - XXX.XXX.9.33:500 -> 172.17.0.101:500
14/03/03 11:55:53 ii : - isakmp spi = 35dd198b8accfb17:48b0969bd0486bcf
14/03/03 11:55:53 ii : - data size 8
14/03/03 11:55:58 -> : resend 1 phase1 packet(s) [2/2] 172.17.0.101:500 -> XXX.XXX.9.33:500
14/03/03 11:55:58 <- : recv IKE packet XXX.XXX.9.33:500 -> 172.17.0.101:500 ( 64 bytes )
14/03/03 11:55:58 DB : phase1 found
14/03/03 11:55:58 ii : processing informational packet ( 64 bytes )
14/03/03 11:55:58 =< : cookies 35dd198b8accfb17:bf05f917455d62a4
14/03/03 11:55:58 =< : message 00000000
14/03/03 11:55:58 << : notification payload
14/03/03 11:55:58 ii : received peer NO-PROPOSAL-CHOSEN notification
14/03/03 11:55:58 ii : - XXX.XXX.9.33:500 -> 172.17.0.101:500
14/03/03 11:55:58 ii : - isakmp spi = 35dd198b8accfb17:bf05f917455d62a4
14/03/03 11:55:58 ii : - data size 8
14/03/03 11:56:03 ii : resend limit exceeded for phase1 exchange
14/03/03 11:56:03 ii : phase1 removal before expire time
14/03/03 11:56:03 DB : phase1 deleted ( obj count = 0 )
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : policy not found
14/03/03 11:56:03 DB : removing tunnel config references
14/03/03 11:56:03 DB : removing tunnel phase2 references
14/03/03 11:56:03 DB : removing tunnel phase1 references
14/03/03 11:56:03 DB : tunnel deleted ( obj count = 0 )
14/03/03 11:56:03 DB : removing all peer tunnel references
14/03/03 11:56:03 DB : peer deleted ( obj count = 0 )
14/03/03 11:56:03 ii : ipc client process thread exit ..
Also the debug from the SSG5:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> ike packet, len 517, action 1
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Catcher: received 489 bytes from socket.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> ****** Recv packet if <ethernet0/0> of vsys <Root> ******
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Catcher: get 489 bytes. src port 500
## 2014-03-03 12:03:24 : IKE<0.0.0.0 > ISAKMP msg: len 489, nxp 1[SA], exch 4[AG], flag 00
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Recv : [SA] [KE] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:24 : [VID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:24 : valid id checking, id type:U-FQDN, len:29.
## 2014-03-03 12:03:24 : IKE<0.0.0.0 > Validate (461): SA/56 KE/132 NONCE/24 ID/29 VID/12 VID/20 VID/20 VID/20 VID/20
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Receive Id in AG mode, id-type=3, id=user@domain.info, idlen = 21
## 2014-03-03 12:03:24 : locate peer entry for (3/user@domain.info), by identity.
## 2014-03-03 12:03:24 : Found identity<user@domain.info> in group <1> user id <1>.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Found peer entry (Dialup GW) from XXX.XXX.28.98.
## 2014-03-03 12:03:24 : responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:24 : init p1sa, pidt = 0x0
## 2014-03-03 12:03:24 : change peer identity for p1 sa, pidt = 0x0
## 2014-03-03 12:03:24 : IKE<0.0.0.0 > peer_identity_create_with_uid: uid<0>
## 2014-03-03 12:03:24 : IKE<0.0.0.0 > create peer identity 0x44bdd00
## 2014-03-03 12:03:24 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry before add <1>
## 2014-03-03 12:03:24 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry after add <2>
## 2014-03-03 12:03:24 : peer identity 44bdd00 created.
## 2014-03-03 12:03:24 : IKE<0.0.0.0 > EDIPI disabled
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> getProfileFromP1Proposal->
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> find profile[0]=<00000005 00000002 00000001 00000002> for p1 proposal (id 5), xauth(0)
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Phase 1: Responder starts AGGRESSIVE mode negotiations.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> AG in state OAK_AG_NOSTATE.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 09 00 26 89 df d6 b7 12
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv XAUTH v6.0 vid
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-00).
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-02).
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
## 2014-03-03 12:03:24 : 80 00 00 00
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : f1 4b 94 b7 bf f1 fe f0 27 73 b8 c4 9f ed ed 26
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 16 6f 93 2d 55 eb 64 d8 e4 df 4f d3 7e 23 13 f0
## 2014-03-03 12:03:24 : d0 fd 84 51
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 84 04 ad f9 cd a0 57 60 b2 ca 29 2e 4b ff 53 7b
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:24 : 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Process [SA]:
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Proposal received: xauthflag 1
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> xauth attribute: initiator
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> [0] expect: xauthflag 0
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> xauth attribute: disabled
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Phase 1: Rejected proposals from peer. Negotiations failed.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Construct ISAKMP header.
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Msg header built (next payload #11)
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Construct [NOTIF]:(NO-PROPOSAL-CHOSEN)
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98 > Xmit : [NOTIF]
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Responder sending IPv4 IP XXX.XXX.28.98/port 500
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> Send Phase 1 packet (len=64)
## 2014-03-03 12:03:24 : IKE<XXX.XXX.28.98> IKE msg done: PKI state<0> IKE state<0/10800>
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> ike packet, len 517, action 1
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Catcher: received 489 bytes from socket.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> ****** Recv packet if <ethernet0/0> of vsys <Root> ******
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Catcher: get 489 bytes. src port 500
## 2014-03-03 12:03:29 : IKE<0.0.0.0 > ISAKMP msg: len 489, nxp 1[SA], exch 4[AG], flag 00
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Recv : [SA] [KE] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:29 : [VID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:29 : valid id checking, id type:U-FQDN, len:29.
## 2014-03-03 12:03:29 : IKE<0.0.0.0 > Validate (461): SA/56 KE/132 NONCE/24 ID/29 VID/12 VID/20 VID/20 VID/20 VID/20
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Receive Id in AG mode, id-type=3, id=user@domain.info, idlen = 21
## 2014-03-03 12:03:29 : locate peer entry for (3/user@domain.info), by identity.
## 2014-03-03 12:03:29 : Found identity<user@domain.info> in group <1> user id <1>.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Found peer entry (Dialup GW) from XXX.XXX.28.98.
## 2014-03-03 12:03:29 : responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:29 : init p1sa, pidt = 0x0
## 2014-03-03 12:03:29 : change peer identity for p1 sa, pidt = 0x0
## 2014-03-03 12:03:29 : IKE<0.0.0.0 > peer_identity_create_with_uid: uid<0>
## 2014-03-03 12:03:29 : IKE<0.0.0.0 > create peer identity 0x44be268
## 2014-03-03 12:03:29 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry before add <2>
## 2014-03-03 12:03:29 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry after add <3>
## 2014-03-03 12:03:29 : peer identity 44be268 created.
## 2014-03-03 12:03:29 : IKE<0.0.0.0 > EDIPI disabled
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> getProfileFromP1Proposal->
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> find profile[0]=<00000005 00000002 00000001 00000002> for p1 proposal (id 5), xauth(0)
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Phase 1: Responder starts AGGRESSIVE mode negotiations.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> AG in state OAK_AG_NOSTATE.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 09 00 26 89 df d6 b7 12
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv XAUTH v6.0 vid
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-00).
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-02).
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
## 2014-03-03 12:03:29 : 80 00 00 00
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : f1 4b 94 b7 bf f1 fe f0 27 73 b8 c4 9f ed ed 26
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 16 6f 93 2d 55 eb 64 d8 e4 df 4f d3 7e 23 13 f0
## 2014-03-03 12:03:29 : d0 fd 84 51
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 84 04 ad f9 cd a0 57 60 b2 ca 29 2e 4b ff 53 7b
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:29 : 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Process [SA]:
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Proposal received: xauthflag 1
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> xauth attribute: initiator
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> [0] expect: xauthflag 0
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> xauth attribute: disabled
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Phase 1: Rejected proposals from peer. Negotiations failed.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Construct ISAKMP header.
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Msg header built (next payload #11)
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Construct [NOTIF]:(NO-PROPOSAL-CHOSEN)
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98 > Xmit : [NOTIF]
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Responder sending IPv4 IP XXX.XXX.28.98/port 500
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> Send Phase 1 packet (len=64)
## 2014-03-03 12:03:29 : IKE<XXX.XXX.28.98> IKE msg done: PKI state<0> IKE state<0/10800>
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> ike packet, len 517, action 1
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Catcher: received 489 bytes from socket.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> ****** Recv packet if <ethernet0/0> of vsys <Root> ******
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Catcher: get 489 bytes. src port 500
## 2014-03-03 12:03:34 : IKE<0.0.0.0 > ISAKMP msg: len 489, nxp 1[SA], exch 4[AG], flag 00
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Recv : [SA] [KE] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:34 : [VID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:34 : valid id checking, id type:U-FQDN, len:29.
## 2014-03-03 12:03:34 : IKE<0.0.0.0 > Validate (461): SA/56 KE/132 NONCE/24 ID/29 VID/12 VID/20 VID/20 VID/20 VID/20
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Receive Id in AG mode, id-type=3, id=user@domain.info, idlen = 21
## 2014-03-03 12:03:34 : locate peer entry for (3/user@domain.info), by identity.
## 2014-03-03 12:03:34 : Found identity<user@domain.info> in group <1> user id <1>.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Found peer entry (Dialup GW) from XXX.XXX.28.98.
## 2014-03-03 12:03:34 : responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:34 : init p1sa, pidt = 0x0
## 2014-03-03 12:03:34 : change peer identity for p1 sa, pidt = 0x0
## 2014-03-03 12:03:34 : IKE<0.0.0.0 > peer_identity_create_with_uid: uid<0>
## 2014-03-03 12:03:34 : IKE<0.0.0.0 > create peer identity 0x44be51c
## 2014-03-03 12:03:34 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry before add <3>
## 2014-03-03 12:03:34 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry after add <4>
## 2014-03-03 12:03:34 : peer identity 44be51c created.
## 2014-03-03 12:03:34 : IKE<0.0.0.0 > EDIPI disabled
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> getProfileFromP1Proposal->
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> find profile[0]=<00000005 00000002 00000001 00000002> for p1 proposal (id 5), xauth(0)
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Phase 1: Responder starts AGGRESSIVE mode negotiations.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> AG in state OAK_AG_NOSTATE.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 09 00 26 89 df d6 b7 12
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv XAUTH v6.0 vid
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-00).
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-02).
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
## 2014-03-03 12:03:34 : 80 00 00 00
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : f1 4b 94 b7 bf f1 fe f0 27 73 b8 c4 9f ed ed 26
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 16 6f 93 2d 55 eb 64 d8 e4 df 4f d3 7e 23 13 f0
## 2014-03-03 12:03:34 : d0 fd 84 51
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 84 04 ad f9 cd a0 57 60 b2 ca 29 2e 4b ff 53 7b
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:34 : 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Process [SA]:
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Proposal received: xauthflag 1
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> xauth attribute: initiator
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> [0] expect: xauthflag 0
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> xauth attribute: disabled
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Phase 1: Rejected proposals from peer. Negotiations failed.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Construct ISAKMP header.
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Msg header built (next payload #11)
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Construct [NOTIF]:(NO-PROPOSAL-CHOSEN)
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98 > Xmit : [NOTIF]
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Responder sending IPv4 IP XXX.XXX.28.98/port 500
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> Send Phase 1 packet (len=64)
## 2014-03-03 12:03:34 : IKE<XXX.XXX.28.98> IKE msg done: PKI state<0> IKE state<0/10800>
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> ike packet, len 517, action 1
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Catcher: received 489 bytes from socket.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> ****** Recv packet if <ethernet0/0> of vsys <Root> ******
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Catcher: get 489 bytes. src port 500
## 2014-03-03 12:03:39 : IKE<0.0.0.0 > ISAKMP msg: len 489, nxp 1[SA], exch 4[AG], flag 00
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Recv : [SA] [KE] [NONCE] [ID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:39 : [VID] [VID] [VID] [VID] [VID] [VID]
## 2014-03-03 12:03:39 : valid id checking, id type:U-FQDN, len:29.
## 2014-03-03 12:03:39 : IKE<0.0.0.0 > Validate (461): SA/56 KE/132 NONCE/24 ID/29 VID/12 VID/20 VID/20 VID/20 VID/20
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Receive Id in AG mode, id-type=3, id=user@domain.info, idlen = 21
## 2014-03-03 12:03:39 : locate peer entry for (3/user@domain.info), by identity.
## 2014-03-03 12:03:39 : Found identity<user@domain.info> in group <1> user id <1>.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Found peer entry (Dialup GW) from XXX.XXX.28.98.
## 2014-03-03 12:03:39 : responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:39 : init p1sa, pidt = 0x0
## 2014-03-03 12:03:39 : change peer identity for p1 sa, pidt = 0x0
## 2014-03-03 12:03:39 : IKE<0.0.0.0 > peer_identity_create_with_uid: uid<0>
## 2014-03-03 12:03:39 : IKE<0.0.0.0 > create peer identity 0x44be7d0
## 2014-03-03 12:03:39 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry before add <4>
## 2014-03-03 12:03:39 : IKE<0.0.0.0 > peer_identity_add_to_peer: num entry after add <5>
## 2014-03-03 12:03:39 : peer identity 44be7d0 created.
## 2014-03-03 12:03:39 : IKE<0.0.0.0 > EDIPI disabled
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> getProfileFromP1Proposal->
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> find profile[0]=<00000005 00000002 00000001 00000002> for p1 proposal (id 5), xauth(0)
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> responder create sa: XXX.XXX.28.98->XXX.XXX.9.33
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Phase 1: Responder starts AGGRESSIVE mode negotiations.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> AG in state OAK_AG_NOSTATE.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 09 00 26 89 df d6 b7 12
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv XAUTH v6.0 vid
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 44 85 15 2d 18 b6 bb cd 0b e8 a8 46 95 79 dd cc
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-00).
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 16 f6 ca 16 e4 a4 06 6d 83 82 1a 0f 0a ea a8 62
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 90 cb 80 91 3e bb 69 6e 08 63 81 b5 ec 42 7b 1f
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv NAT-Traversal VID payload (draft-ietf-ipsec-nat-t-ike-02).
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 7d 94 19 a6 53 10 ca 6f 2c 17 9d 92 15 52 9d 56
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3
## 2014-03-03 12:03:39 : 80 00 00 00
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : f1 4b 94 b7 bf f1 fe f0 27 73 b8 c4 9f ed ed 26
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 16 6f 93 2d 55 eb 64 d8 e4 df 4f d3 7e 23 13 f0
## 2014-03-03 12:03:39 : d0 fd 84 51
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> receive unknown vendor ID payload
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 84 04 ad f9 cd a0 57 60 b2 ca 29 2e 4b ff 53 7b
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [VID]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Vendor ID:
## 2014-03-03 12:03:39 : 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> rcv non-NAT-Traversal VID payload.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Process [SA]:
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Proposal received: xauthflag 1
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> xauth attribute: initiator
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> [0] expect: xauthflag 0
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> auth(1)<PRESHRD>, encr(5)<3DES>, hash(2)<SHA>, group(2)
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> xauth attribute: disabled
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Phase 1: Rejected proposals from peer. Negotiations failed.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Construct ISAKMP header.
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Msg header built (next payload #11)
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Construct [NOTIF]:(NO-PROPOSAL-CHOSEN)
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98 > Xmit : [NOTIF]
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Responder sending IPv4 IP XXX.XXX.28.98/port 500
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> Send Phase 1 packet (len=64)
## 2014-03-03 12:03:39 : IKE<XXX.XXX.28.98> IKE msg done: PKI state<0> IKE state<0/10800>
## 2014-03-03 12:03:44 : reap_db. deleting p1sa 2a4e408
## 2014-03-03 12:03:44 : terminate_SA: trying to delete SA cause: 0 cond: 2
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> xauth_cleanup()
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> Done cleaning up IKE Phase 1 SA
## 2014-03-03 12:03:44 : peer_identity_unregister_p1_sa.
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > delete peer identity 0x44be7d0
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > peer_identity_remove_from_peer: num entry before remove <5>
## 2014-03-03 12:03:44 : peer_idt.c peer_identity_unregister_p1_sa 686: pidt deleted.
## 2014-03-03 12:03:44 : reap_db. deleting p1sa 2a4ccd4
## 2014-03-03 12:03:44 : terminate_SA: trying to delete SA cause: 0 cond: 2
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> xauth_cleanup()
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> Done cleaning up IKE Phase 1 SA
## 2014-03-03 12:03:44 : peer_identity_unregister_p1_sa.
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > delete peer identity 0x44be51c
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > peer_identity_remove_from_peer: num entry before remove <4>
## 2014-03-03 12:03:44 : peer_idt.c peer_identity_unregister_p1_sa 686: pidt deleted.
## 2014-03-03 12:03:44 : reap_db. deleting p1sa 2a4d61c
## 2014-03-03 12:03:44 : terminate_SA: trying to delete SA cause: 0 cond: 2
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> xauth_cleanup()
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> Done cleaning up IKE Phase 1 SA
## 2014-03-03 12:03:44 : peer_identity_unregister_p1_sa.
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > delete peer identity 0x44be268
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > peer_identity_remove_from_peer: num entry before remove <3>
## 2014-03-03 12:03:44 : peer_idt.c peer_identity_unregister_p1_sa 686: pidt deleted.
## 2014-03-03 12:03:44 : reap_db. deleting p1sa 2a4c830
## 2014-03-03 12:03:44 : terminate_SA: trying to delete SA cause: 0 cond: 2
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> xauth_cleanup()
## 2014-03-03 12:03:44 : IKE<XXX.XXX.28.98> Done cleaning up IKE Phase 1 SA
## 2014-03-03 12:03:44 : peer_identity_unregister_p1_sa.
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > delete peer identity 0x44bdd00
## 2014-03-03 12:03:44 : IKE<0.0.0.0 > peer_identity_remove_from_peer: num entry before remove <2>
## 2014-03-03 12:03:44 : peer_idt.c peer_identity_unregister_p1_sa 686: pidt deleted.
Any advise will be highly appriciated
Thank you!