11/02/27 15:15:44 ii : ipc client process thread begin ... 11/02/27 15:15:44 222.61.123.22:500 11/02/27 15:15:44 DB : e11944da1f039872:0000000000000000 11/02/27 15:15:44 DB : phase1 added ( obj count = 1 ) 11/02/27 15:15:44 >> : security association payload 11/02/27 15:15:44 >> : - proposal #1 payload 11/02/27 15:15:44 >> : -- transform #1 payload 11/02/27 15:15:44 >> : -- transform #2 payload 11/02/27 15:15:44 >> : -- transform #3 payload 11/02/27 15:15:44 >> : -- transform #4 payload 11/02/27 15:15:44 >> : -- transform #5 payload 11/02/27 15:15:44 >> : -- transform #6 payload 11/02/27 15:15:44 >> : -- transform #7 payload 11/02/27 15:15:44 >> : -- transform #8 payload 11/02/27 15:15:44 >> : -- transform #9 payload 11/02/27 15:15:44 >> : -- transform #10 payload 11/02/27 15:15:44 >> : -- transform #11 payload 11/02/27 15:15:44 >> : -- transform #12 payload 11/02/27 15:15:44 >> : -- transform #13 payload 11/02/27 15:15:44 >> : -- transform #14 payload 11/02/27 15:15:44 >> : -- transform #15 payload 11/02/27 15:15:44 >> : -- transform #16 payload 11/02/27 15:15:44 >> : -- transform #17 payload 11/02/27 15:15:44 >> : -- transform #18 payload 11/02/27 15:15:44 >> : key exchange payload 11/02/27 15:15:44 >> : nonce payload 11/02/27 15:15:44 >> : identification payload 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports XAUTH 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports nat-t ( draft v00 ) 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports nat-t ( draft v01 ) 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports nat-t ( draft v02 ) 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports nat-t ( draft v03 ) 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports nat-t ( rfc ) 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports FRAGMENTATION 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local supports DPDv1 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local is SHREW SOFT compatible 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local is NETSCREEN compatible 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local is SIDEWINDER compatible 11/02/27 15:15:44 >> : vendor id payload 11/02/27 15:15:44 ii : local is CISCO UNITY compatible 11/02/27 15:15:44 >= : cookies e11944da1f039872:0000000000000000 11/02/27 15:15:44 >= : message 00000000 11/02/27 15:15:44 -> : send IKE packet 10.0.0.100:500 -> 222.61.123.22:500 ( 1191 bytes ) 11/02/27 15:15:44 DB : phase1 resend event scheduled ( ref count = 2 ) 11/02/27 15:15:45 <- : recv IKE packet 222.61.123.22:500 -> 10.0.0.100:500 ( 446 bytes ) 11/02/27 15:15:45 DB : phase1 found 11/02/27 15:15:45 ii : processing phase1 packet ( 446 bytes ) 11/02/27 15:15:45 =< : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 =< : message 00000000 11/02/27 15:15:45 << : security association payload 11/02/27 15:15:45 << : - propsal #1 payload 11/02/27 15:15:45 << : -- transform #1 payload 11/02/27 15:15:45 ii : unmatched isakmp proposal/transform 11/02/27 15:15:45 ii : key length ( 128 != 256 ) 11/02/27 15:15:45 ii : unmatched isakmp proposal/transform 11/02/27 15:15:45 ii : key length ( 128 != 256 ) 11/02/27 15:15:45 ii : unmatched isakmp proposal/transform 11/02/27 15:15:45 ii : key length ( 128 != 192 ) 11/02/27 15:15:45 ii : unmatched isakmp proposal/transform 11/02/27 15:15:45 ii : key length ( 128 != 192 ) 11/02/27 15:15:45 !! : peer violates RFC, transform number mismatch ( 1 != 5 ) 11/02/27 15:15:45 ii : matched isakmp proposal #1 transform #1 11/02/27 15:15:45 ii : - transform = ike 11/02/27 15:15:45 ii : - cipher type = aes 11/02/27 15:15:45 ii : - key length = 128 bits 11/02/27 15:15:45 ii : - hash type = md5 11/02/27 15:15:45 ii : - dh group = modp-1024 11/02/27 15:15:45 ii : - auth type = xauth-initiator-psk 11/02/27 15:15:45 ii : - life seconds = 86400 11/02/27 15:15:45 ii : - life kbytes = 0 11/02/27 15:15:45 << : vendor id payload 11/02/27 15:15:45 ii : unknown vendor id ( 28 bytes ) 11/02/27 15:15:45 0x : 71957fc3 620a4219 70709668 132e871a 332378fc 0000000b 00000614 11/02/27 15:15:45 << : vendor id payload 11/02/27 15:15:45 ii : peer supports XAUTH 11/02/27 15:15:45 << : vendor id payload 11/02/27 15:15:45 ii : peer supports DPDv1 11/02/27 15:15:45 << : vendor id payload 11/02/27 15:15:45 ii : peer supports HEARTBEAT-NOTIFY 11/02/27 15:15:45 << : key exchange payload 11/02/27 15:15:45 << : nonce payload 11/02/27 15:15:45 << : identification payload 11/02/27 15:15:45 ii : phase1 id match 11/02/27 15:15:45 ii : received = fqdn vpngw.jersa.de 11/02/27 15:15:45 << : hash payload 11/02/27 15:15:45 << : vendor id payload 11/02/27 15:15:45 ii : peer supports nat-t ( draft v02 ) 11/02/27 15:15:45 << : nat discovery payload 11/02/27 15:15:45 << : nat discovery payload 11/02/27 15:15:45 ii : nat discovery - local address is translated 11/02/27 15:15:45 ii : switching to src nat-t udp port 4500 11/02/27 15:15:45 ii : switching to dst nat-t udp port 4500 11/02/27 15:15:45 == : DH shared secret ( 128 bytes ) 11/02/27 15:15:45 == : SETKEYID ( 16 bytes ) 11/02/27 15:15:45 == : SETKEYID_d ( 16 bytes ) 11/02/27 15:15:45 == : SETKEYID_a ( 16 bytes ) 11/02/27 15:15:45 == : SETKEYID_e ( 16 bytes ) 11/02/27 15:15:45 == : cipher key ( 16 bytes ) 11/02/27 15:15:45 == : cipher iv ( 16 bytes ) 11/02/27 15:15:45 == : phase1 hash_i ( computed ) ( 16 bytes ) 11/02/27 15:15:45 >> : hash payload 11/02/27 15:15:45 >> : nat discovery payload 11/02/27 15:15:45 >> : nat discovery payload 11/02/27 15:15:45 >= : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 >= : message 00000000 11/02/27 15:15:45 >= : encrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : encrypt packet ( 88 bytes ) 11/02/27 15:15:45 == : stored iv ( 16 bytes ) 11/02/27 15:15:45 DB : phase1 resend event canceled ( ref count = 1 ) 11/02/27 15:15:45 -> : send NAT-T:IKE packet 10.0.0.100:4500 -> 222.61.123.22:4500 ( 124 bytes ) 11/02/27 15:15:45 == : phase1 hash_r ( computed ) ( 16 bytes ) 11/02/27 15:15:45 == : phase1 hash_r ( received ) ( 16 bytes ) 11/02/27 15:15:45 ii : phase1 sa established 11/02/27 15:15:45 ii : 222.61.123.22:4500 <-> 10.0.0.100:4500 11/02/27 15:15:45 ii : e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 ii : sending peer INITIAL-CONTACT notification 11/02/27 15:15:45 ii : - 10.0.0.100:4500 -> 222.61.123.22:4500 11/02/27 15:15:45 ii : - isakmp spi = e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 ii : - data size 0 11/02/27 15:15:45 >> : hash payload 11/02/27 15:15:45 >> : notification payload 11/02/27 15:15:45 == : new informational hash ( 16 bytes ) 11/02/27 15:15:45 == : new informational iv ( 16 bytes ) 11/02/27 15:15:45 >= : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 >= : message a0c38ba0 11/02/27 15:15:45 >= : encrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : encrypt packet ( 76 bytes ) 11/02/27 15:15:45 == : stored iv ( 16 bytes ) 11/02/27 15:15:45 -> : send NAT-T:IKE packet 10.0.0.100:4500 -> 222.61.123.22:4500 ( 108 bytes ) 11/02/27 15:15:45 DB : phase2 not found 11/02/27 15:15:45 <- : recv NAT-T:IKE packet 222.61.123.22:4500 -> 10.0.0.100:4500 ( 76 bytes ) 11/02/27 15:15:45 DB : phase1 found 11/02/27 15:15:45 ii : processing config packet ( 76 bytes ) 11/02/27 15:15:45 DB : config not found 11/02/27 15:15:45 DB : config added ( obj count = 1 ) 11/02/27 15:15:45 == : new config iv ( 16 bytes ) 11/02/27 15:15:45 =< : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 =< : message 55466abc 11/02/27 15:15:45 =< : decrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : decrypt packet ( 76 bytes ) 11/02/27 15:15:45 <= : trimmed packet padding ( 8 bytes ) 11/02/27 15:15:45 <= : stored iv ( 16 bytes ) 11/02/27 15:15:45 << : hash payload 11/02/27 15:15:45 << : attribute payload 11/02/27 15:15:45 == : configure hash_i ( computed ) ( 16 bytes ) 11/02/27 15:15:45 == : configure hash_c ( computed ) ( 16 bytes ) 11/02/27 15:15:45 ii : configure hash verified 11/02/27 15:15:45 ii : - xauth authentication type 11/02/27 15:15:45 ii : - xauth username 11/02/27 15:15:45 ii : - xauth password 11/02/27 15:15:45 ii : received basic xauth request - 11/02/27 15:15:45 ii : - standard xauth username 11/02/27 15:15:45 ii : - standard xauth password 11/02/27 15:15:45 ii : sending xauth response for thorsten 11/02/27 15:15:45 >> : hash payload 11/02/27 15:15:45 >> : attribute payload 11/02/27 15:15:45 == : new configure hash ( 16 bytes ) 11/02/27 15:15:45 >= : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 >= : message 55466abc 11/02/27 15:15:45 >= : encrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : encrypt packet ( 84 bytes ) 11/02/27 15:15:45 == : stored iv ( 16 bytes ) 11/02/27 15:15:45 -> : send NAT-T:IKE packet 10.0.0.100:4500 -> 222.61.123.22:4500 ( 124 bytes ) 11/02/27 15:15:45 DB : config resend event scheduled ( ref count = 2 ) 11/02/27 15:15:45 <- : recv NAT-T:IKE packet 222.61.123.22:4500 -> 10.0.0.100:4500 ( 92 bytes ) 11/02/27 15:15:45 DB : phase1 found 11/02/27 15:15:45 ii : processing config packet ( 92 bytes ) 11/02/27 15:15:45 DB : config found 11/02/27 15:15:45 == : new config iv ( 16 bytes ) 11/02/27 15:15:45 =< : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 =< : message 577a08a9 11/02/27 15:15:45 =< : decrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : decrypt packet ( 92 bytes ) 11/02/27 15:15:45 <= : trimmed packet padding ( 12 bytes ) 11/02/27 15:15:45 <= : stored iv ( 16 bytes ) 11/02/27 15:15:45 << : hash payload 11/02/27 15:15:45 << : attribute payload 11/02/27 15:15:45 == : configure hash_i ( computed ) ( 16 bytes ) 11/02/27 15:15:45 == : configure hash_c ( computed ) ( 16 bytes ) 11/02/27 15:15:45 ii : configure hash verified 11/02/27 15:15:45 ii : received config push request 11/02/27 15:15:45 ii : - IP4 Address 11/02/27 15:15:45 ii : - IP4 Netmask 11/02/27 15:15:45 ii : - IP4 DNS Server = 10.1.1.1 11/02/27 15:15:45 ii : building config attribute list 11/02/27 15:15:45 ii : - IP4 DNS Server 11/02/27 15:15:45 ii : sending config push acknowledge 11/02/27 15:15:45 >> : hash payload 11/02/27 15:15:45 >> : attribute payload 11/02/27 15:15:45 == : new configure hash ( 16 bytes ) 11/02/27 15:15:45 >= : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 >= : message 577a08a9 11/02/27 15:15:45 >= : encrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : encrypt packet ( 60 bytes ) 11/02/27 15:15:45 == : stored iv ( 16 bytes ) 11/02/27 15:15:45 DB : config resend event canceled ( ref count = 1 ) 11/02/27 15:15:45 -> : send NAT-T:IKE packet 10.0.0.100:4500 -> 222.61.123.22:4500 ( 92 bytes ) 11/02/27 15:15:45 DB : config resend event scheduled ( ref count = 2 ) 11/02/27 15:15:45 <- : recv NAT-T:IKE packet 222.61.123.22:4500 -> 10.0.0.100:4500 ( 76 bytes ) 11/02/27 15:15:45 DB : phase1 found 11/02/27 15:15:45 ii : processing config packet ( 76 bytes ) 11/02/27 15:15:45 DB : config found 11/02/27 15:15:45 == : new config iv ( 16 bytes ) 11/02/27 15:15:45 =< : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 =< : message 84591a7f 11/02/27 15:15:45 =< : decrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : decrypt packet ( 76 bytes ) 11/02/27 15:15:45 <= : trimmed packet padding ( 16 bytes ) 11/02/27 15:15:45 <= : stored iv ( 16 bytes ) 11/02/27 15:15:45 << : hash payload 11/02/27 15:15:45 << : attribute payload 11/02/27 15:15:45 == : configure hash_i ( computed ) ( 16 bytes ) 11/02/27 15:15:45 == : configure hash_c ( computed ) ( 16 bytes ) 11/02/27 15:15:45 ii : configure hash verified 11/02/27 15:15:45 ii : received xauth result - 11/02/27 15:15:45 !! : user thorsten authentication failed 11/02/27 15:15:45 DB : phase1 soft event canceled ( ref count = 3 ) 11/02/27 15:15:45 DB : phase1 hard event canceled ( ref count = 2 ) 11/02/27 15:15:45 DB : phase1 dead event canceled ( ref count = 1 ) 11/02/27 15:15:45 ii : sending peer DELETE message 11/02/27 15:15:45 ii : - 10.0.0.100:4500 -> 222.61.123.22:4500 11/02/27 15:15:45 ii : - isakmp spi = e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 ii : - data size 0 11/02/27 15:15:45 >> : hash payload 11/02/27 15:15:45 >> : delete payload 11/02/27 15:15:45 == : new informational hash ( 16 bytes ) 11/02/27 15:15:45 == : new informational iv ( 16 bytes ) 11/02/27 15:15:45 >= : cookies e11944da1f039872:b6cc949745492852 11/02/27 15:15:45 >= : message a29a73fe 11/02/27 15:15:45 >= : encrypt iv ( 16 bytes ) 11/02/27 15:15:45 == : encrypt packet ( 76 bytes ) 11/02/27 15:15:45 == : stored iv ( 16 bytes ) 11/02/27 15:15:45 -> : send NAT-T:IKE packet 10.0.0.100:4500 -> 222.61.123.22:4500 ( 108 bytes ) 11/02/27 15:15:45 DB : config resend event canceled ( ref count = 1 ) 11/02/27 15:15:45 DB : config deleted ( obj count = 0 ) 11/02/27 15:15:45 ii : phase1 removal before expire time 11/02/27 15:15:45 DB : phase1 deleted ( obj count = 0 ) 11/02/27 15:15:45 DB : policy not found 11/02/27 15:15:45 DB : policy not found 11/02/27 15:15:45 DB : policy not found 11/02/27 15:15:45 DB : policy not found 11/02/27 15:15:45 DB : policy not found 11/02/27 15:15:45 DB : policy not found 11/02/27 15:15:45 DB : tunnel dpd event canceled ( ref count = 3 ) 11/02/27 15:15:45 DB : tunnel natt event canceled ( ref count = 2 ) 11/02/27 15:15:45 DB : tunnel stats event canceled ( ref count = 1 ) 11/02/27 15:15:45 DB : removing tunnel config references 11/02/27 15:15:45 DB : removing tunnel phase2 references 11/02/27 15:15:45 DB : removing tunnel phase1 references 11/02/27 15:15:45 DB : tunnel deleted ( obj count = 0 ) 11/02/27 15:15:45 DB : removing all peer tunnel refrences 11/02/27 15:15:45 DB : peer deleted ( obj count = 0 ) 11/02/27 15:15:45 ii : ipc client process thread exit ...