EN
No results found
We couldn't find anything using that term, please try searching for something else.
L2TP/IPSec Windows 7
Hi BAlfson,thanks for your help.I asked our Internet Provider. They state that all traffice is passed through to our Firewall.It only affects L2TP/IPs
Hi BAlfson,
thanks for your help.
I asked our Internet Provider. They state that all traffice is passed through to our Firewall.
It only affects L2TP/IPsec using certificates. L2TP/IPsec with PSK is working. So I guess everything is okay with Routers and Firewalls.
On Client side i think i have tried everything already. Disabled Firewall, disabled anti-Virus, remove any 3rd Party Software, etc, etc.
Here is the log file (Debug enabled)
2014:03:20-10:29:52 fw pluto[30454]: | *received 492 bytes from 80.226.0.2:42826 on eth1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * parse ISAKMP Message :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | initiator cookie :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | a0 22 e4 75 e8 58 4f cf
2014:03:20 – 10:29:52 fw pluto[30454 ] : | responder cookie :
2014:03:20-10:29:52 fw pluto[30454]: | 00 00 00 00 00 00 00 00
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_sa
2014:03:20-10:29:52 fw pluto[30454]: | ISAKMP version: ISAKMP Version 1.0
2014:03:20 – 10:29:52 fw pluto[30454 ] : | exchange type : ISAKMP_XCHG_IDPROT
2014:03:20-10:29:52 fw pluto[30454]: | flags: none
2014:03:20 – 10:29:52 fw pluto[30454 ] : | message ID : 00 00 00 00
2014:03:20-10:29:52 fw pluto[30454]: | length: 492
2014:03:20-10:29:52 fw pluto[30454]: | ***parse ISAKMP Security Association Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 320
2014:03:20 – 10:29:52 fw pluto[30454 ] : | DOI : ISAKMP_DOI_IPSEC
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * parse ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 24
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * parse ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 20
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * parse ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 20
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * parse ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 20
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * parse ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 20
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * parse ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 20
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * parse ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 20
2014:03:20 – 10:29:52 fw pluto[30454 ] : packet from 80.226.0.2:42826 : receive Vendor ID payload [ MS NT5 ISAKMPOAKLEY 00000008 ]
2014:03:20-10:29:52 fw pluto[30454]: packet from 80.226.0.2:42826: received Vendor ID payload [RFC 3947]
2014:03:20 – 10:29:52 fw pluto[30454 ] : packet from 80.226.0.2:42826 : ignore Vendor ID payload [ draft – ietf – ipsec – nat – t – ike-02_n ]
2014:03:20-10:29:52 fw pluto[30454]: packet from 80.226.0.2:42826: ignoring Vendor ID payload [FRAGMENTATION]
2014:03:20-10:29:52 fw pluto[30454]: packet from 80.226.0.2:42826: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
2014:03:20-10:29:52 fw pluto[30454]: packet from 80.226.0.2:42826: ignoring Vendor ID payload [Vid-Initial-Contact]
2014:03:20-10:29:52 fw pluto[30454]: packet from 80.226.0.2:42826: ignoring Vendor ID payload [IKE CGA version 1]
2014:03:20-10:29:52 fw pluto[30454]: | ****parse IPsec DOI SIT:
2014:03:20 – 10:29:52 fw pluto[30454 is SIT_IDENTITY_ONLY ] : | IPsec DOI sit : sit_identity_only
2014:03:20-10:29:52 fw pluto[30454]: | ****parse ISAKMP Proposal Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 308
2014:03:20-10:29:52 fw pluto[30454]: | proposal number: 1
2014:03:20 – 10:29:52 fw pluto[30454 ] : | protocol ID : PROTO_ISAKMP
2014:03:20 – 10:29:52 fw pluto[30454 ] : | SPI size : 0
2014:03:20 – 10:29:52 fw pluto[30454 ] : | number of transform : 8
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 40
2014:03:20 – 10:29:52 fw pluto[30454 ] : | is transform transform number : 1
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 7
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_KEY_LENGTH
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 256
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 20
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 40
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 2
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 7
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_KEY_LENGTH
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 128
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 19
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 40
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 3
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 7
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_KEY_LENGTH
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 256
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 14
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20-10:29:52 fw pluto[30454]: | length: 36
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 4
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20-10:29:52 fw pluto[30454]: | length/value: 5
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 14
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20-10:29:52 fw pluto[30454]: | length: 36
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 5
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20-10:29:52 fw pluto[30454]: | length/value: 5
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20-10:29:52 fw pluto[30454]: | length: 36
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 6
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20-10:29:52 fw pluto[30454]: | length/value: 5
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20-10:29:52 fw pluto[30454]: | length: 36
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 7
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20-10:29:52 fw pluto[30454]: | length: 36
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 8
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20-10:29:52 fw pluto[30454]: | preparse_isakmp_policy: peer requests PUBKEY authentication
2014:03:20-10:29:52 fw pluto[30454]: “L_for sophos”[143] 80.226.0.2:42826 #14878: responding to Main Mode from unknown peer 80.226.0.2:42826
2014:03:20-10:29:52 fw pluto[30454]: | **emit ISAKMP Message:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | initiator cookie :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | a0 22 e4 75 e8 58 4f cf
2014:03:20 – 10:29:52 fw pluto[30454 ] : | responder cookie :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | e4 a6 8f 83 2f 7c a1 d8
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_sa
2014:03:20-10:29:52 fw pluto[30454]: | ISAKMP version: ISAKMP Version 1.0
2014:03:20 – 10:29:52 fw pluto[30454 ] : | exchange type : ISAKMP_XCHG_IDPROT
2014:03:20-10:29:52 fw pluto[30454]: | flags: none
2014:03:20 – 10:29:52 fw pluto[30454 ] : | message ID : 00 00 00 00
2014:03:20-10:29:52 fw pluto[30454]: | ***emit ISAKMP Security Association Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | DOI : ISAKMP_DOI_IPSEC
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 40
2014:03:20 – 10:29:52 fw pluto[30454 ] : | is transform transform number : 1
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 7
2014:03:20 – 10:29:52 fw pluto[30454 ] : | [ 7 is AES_CBC ]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_KEY_LENGTH
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 256
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20-10:29:52 fw pluto[30454]: | [2 is HMAC_SHA1]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 20
2014:03:20-10:29:52 fw pluto[30454]: | [20 is ECP_384]
2014:03:20-10:29:52 fw pluto[30454]: “L_for sophos”[143] 80.226.0.2:42826 #14878: ECP_384 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 40
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 2
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 7
2014:03:20 – 10:29:52 fw pluto[30454 ] : | [ 7 is AES_CBC ]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_KEY_LENGTH
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 128
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20-10:29:52 fw pluto[30454]: | [2 is HMAC_SHA1]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 19
2014:03:20 – 10:29:52 fw pluto[30454 is is ] : | [ 19 is is is ecp_256 ]
2014:03:20-10:29:52 fw pluto[30454]: “L_for sophos”[143] 80.226.0.2:42826 #14878: ECP_256 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * * parse ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_T
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 40
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 3
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_ENCRYPTION_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 7
2014:03:20 – 10:29:52 fw pluto[30454 ] : | [ 7 is AES_CBC ]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_KEY_LENGTH
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 256
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_HASH_ALGORITHM
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 2
2014:03:20-10:29:52 fw pluto[30454]: | [2 is HMAC_SHA1]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_GROUP_DESCRIPTION
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 14
2014:03:20-10:29:52 fw pluto[30454]: | [14 is MODP_2048]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_AUTHENTICATION_METHOD
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 3
2014:03:20-10:29:52 fw pluto[30454]: | [3 is RSA signature]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_TYPE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 1
2014:03:20-10:29:52 fw pluto[30454]: | [1 is OAKLEY_LIFE_SECONDS]
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * * is parse * is parse * * parse ISAKMP Oakley attribute :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | af+type : OAKLEY_LIFE_DURATION ( variable length )
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length / value : 4
2014:03:20-10:29:52 fw pluto[30454]: | long duration: 28800
2014:03:20-10:29:52 fw pluto[30454]: | Oakley Transform 3 accepted
2014:03:20-10:29:52 fw pluto[30454]: | ****emit IPsec DOI SIT:
2014:03:20 – 10:29:52 fw pluto[30454 is SIT_IDENTITY_ONLY ] : | IPsec DOI sit : sit_identity_only
2014:03:20-10:29:52 fw pluto[30454]: | ****emit ISAKMP Proposal Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20-10:29:52 fw pluto[30454]: | proposal number: 1
2014:03:20 – 10:29:52 fw pluto[30454 ] : | protocol ID : PROTO_ISAKMP
2014:03:20 – 10:29:52 fw pluto[30454 ] : | SPI size : 0
2014:03:20-10:29:52 fw pluto[30454]: | number of transforms: 1
2014:03:20 – 10:29:52 fw pluto[30454 ] : | * * * * * emit ISAKMP Transform Payload ( ISAKMP ):
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20-10:29:52 fw pluto[30454]: | transform number: 3
2014:03:20 – 10:29:52 fw pluto[30454 ] : | transform ID : KEY_IKE
2014:03:20-10:29:52 fw pluto[30454]: | emitting 32 raw bytes of attributes into ISAKMP Transform Payload (ISAKMP)
2014:03:20 – 10:29:52 fw pluto[30454 ] : | attribute 80 01 00 07 80 0e 01 00 80 02 00 02 80 04 00 0e
2014:03:20-10:29:52 fw pluto[30454]: | 80 03 00 03 80 0b 00 01 00 0c 00 04 00 00 70 80
2014:03:20-10:29:52 fw pluto[30454]: | emitting length of ISAKMP Transform Payload (ISAKMP): 40
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP Proposal Payload : 48
2014:03:20-10:29:52 fw pluto[30454]: | emitting length of ISAKMP Security Association Payload: 60
2014:03:20-10:29:52 fw pluto[30454]: | out_vendorid(): sending [strongSwan]
2014:03:20 – 10:29:52 fw pluto[30454 is Payload ] : | * * * emit ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit 16 raw byte of V_ID into ISAKMP Vendor ID Payload
2014:03:20 – 10:29:52 fw pluto[30454 ] : | V_ID 88 2f e5 6d 6f d2 0d is be bc 22 51 61 3b 2e is be be 5b eb
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP Vendor ID Payload : 20
2014:03:20-10:29:52 fw pluto[30454]: | out_vendorid(): sending [Cisco-Unity]
2014:03:20 – 10:29:52 fw pluto[30454 is Payload ] : | * * * emit ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit 16 raw byte of V_ID into ISAKMP Vendor ID Payload
2014:03:20-10:29:52 fw pluto[30454]: | V_ID 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP Vendor ID Payload : 20
2014:03:20-10:29:52 fw pluto[30454]: | out_vendorid(): sending [XAUTH]
2014:03:20 – 10:29:52 fw pluto[30454 is Payload ] : | * * * emit ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20-10:29:52 fw pluto[30454]: | emitting 8 raw bytes of V_ID into ISAKMP Vendor ID Payload
2014:03:20-10:29:52 fw pluto[30454]: | V_ID 09 00 26 89 df d6 b7 12
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP Vendor ID Payload : 12
2014:03:20-10:29:52 fw pluto[30454]: | out_vendorid(): sending [Dead Peer Detection]
2014:03:20 – 10:29:52 fw pluto[30454 is Payload ] : | * * * emit ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_vid
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit 16 raw byte of V_ID into ISAKMP Vendor ID Payload
2014:03:20-10:29:52 fw pluto[30454]: | V_ID af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP Vendor ID Payload : 20
2014:03:20-10:29:52 fw pluto[30454]: | out_vendorid(): sending [RFC 3947]
2014:03:20 – 10:29:52 fw pluto[30454 is Payload ] : | * * * emit ISAKMP Vendor ID Payload :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit 16 raw byte of V_ID into ISAKMP Vendor ID Payload
2014:03:20-10:29:52 fw pluto[30454]: | V_ID 4a 13 1c 81 07 03 58 45 5c 57 28 f2 0e 95 45 2f
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP Vendor ID Payload : 20
2014:03:20-10:29:52 fw pluto[30454]: | emitting length of ISAKMP Message: 180
2014:03:20-10:29:52 fw pluto[30454]: |
2014:03:20 – 10:29:52 fw pluto[30454 ] : | * receive 388 byte from 80.226.0.2:42826 on eth1
2014:03:20 – 10:29:52 fw pluto[30454 is parse ] : | * * parse ISAKMP Message :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | initiator cookie :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | a0 22 e4 75 e8 58 4f cf
2014:03:20 – 10:29:52 fw pluto[30454 ] : | responder cookie :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | e4 a6 8f 83 2f 7c a1 d8
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_ke
2014:03:20-10:29:52 fw pluto[30454]: | ISAKMP version: ISAKMP Version 1.0
2014:03:20 – 10:29:52 fw pluto[30454 ] : | exchange type : ISAKMP_XCHG_IDPROT
2014:03:20-10:29:52 fw pluto[30454]: | flags: none
2014:03:20 – 10:29:52 fw pluto[30454 ] : | message ID : 00 00 00 00
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 388
2014:03:20-10:29:52 fw pluto[30454]: | ***parse ISAKMP Key Exchange Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONCE
2014:03:20-10:29:52 fw pluto[30454]: | length: 260
2014:03:20-10:29:52 fw pluto[30454]: | ***parse ISAKMP Nonce Payload:
2014:03:20-10:29:52 fw pluto[30454]: | next payload type: ISAKMP_NEXT_NAT-D
2014:03:20-10:29:52 fw pluto[30454]: | length: 52
2014:03:20-10:29:52 fw pluto[30454]: | ***parse ISAKMP NAT-D Payload:
2014:03:20-10:29:52 fw pluto[30454]: | next payload type: ISAKMP_NEXT_NAT-D
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 24
2014:03:20-10:29:52 fw pluto[30454]: | ***parse ISAKMP NAT-D Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | length : 24
2014:03:20-10:29:52 fw pluto[30454]: | **emit ISAKMP Message:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | initiator cookie :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | a0 22 e4 75 e8 58 4f cf
2014:03:20 – 10:29:52 fw pluto[30454 ] : | responder cookie :
2014:03:20 – 10:29:52 fw pluto[30454 ] : | e4 a6 8f 83 2f 7c a1 d8
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : isakmp_next_ke
2014:03:20-10:29:52 fw pluto[30454]: | ISAKMP version: ISAKMP Version 1.0
2014:03:20 – 10:29:52 fw pluto[30454 ] : | exchange type : ISAKMP_XCHG_IDPROT
2014:03:20-10:29:52 fw pluto[30454]: | flags: none
2014:03:20 – 10:29:52 fw pluto[30454 ] : | message ID : 00 00 00 00
2014:03:20-10:29:52 fw pluto[30454]: “L_for sophos”[143] 80.226.0.2:42826 #14878: NAT-Traversal: Result using RFC 3947: peer is NATed
2014:03:20 – 10:29:52 fw pluto[30454 ] : | size of dh secret exponent : 2047 bit
2014:03:20-10:29:52 fw pluto[30454]: | ***emit ISAKMP Key Exchange Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONCE
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit 256 raw byte of keyex value into ISAKMP Key Exchange Payload
2014:03:20 – 10:29:52 fw pluto[30454 ] : | keyex value 5c 43 52 a9 47 00 b0 ab 56 63 7f 10 35 c9 27 ac
2014:03:20 – 10:29:52 fw pluto[30454 ] : | a2 37 7f 1a 8e e8 9f a4 e3 1c 9c dc 19 24 f4 7a
2014:03:20-10:29:52 fw pluto[30454]: | 6f 56 ee 52 b2 16 61 76 40 d7 31 7c f9 e5 f8 29
2014:03:20 – 10:29:52 fw pluto[30454 ] : | 53 bb a3 d7 78 d8 a2 12 1d e3 5e bb 36 2f 68 42
2014:03:20-10:29:52 fw pluto[30454]: | 6a eb e9 53 0c fc 65 3f 1e db 84 21 e3 b4 2b ae
2014:03:20-10:29:52 fw pluto[30454]: | 20 55 f4 92 b6 e2 0e b1 55 bd 00 1a 51 bf 5a e9
2014:03:20-10:29:52 fw pluto[30454]: | 4b ea 5d 10 51 74 5d ce 2d b9 4f 5e 7a bb f8 f4
2014:03:20-10:29:52 fw pluto[30454]: | 43 6d b4 62 03 8e ec 4a 5d 26 74 e9 bd b2 a3 c5
2014:03:20 – 10:29:52 fw pluto[30454 ] : | 9c fe 0a 2b a7 a1 d1 b7 97 d7 de c7 f5 ae 52 a2
2014:03:20-10:29:52 fw pluto[30454]: | 41 55 f4 51 ff 49 5c 2f 48 59 51 c0 0a 56 ac 4d
2014:03:20-10:29:52 fw pluto[30454]: | 17 fb 65 2a 25 fe 0d c0 ba 6c 34 a1 d5 ce 4c 79
2014:03:20-10:29:52 fw pluto[30454]: | ee bb 60 a4 28 92 fe 87 c0 ee d6 90 81 04 5f 35
2014:03:20-10:29:52 fw pluto[30454]: | 07 de 1d c0 8e 5d b8 42 05 2c e8 9e 0c d2 41 d4
2014:03:20 – 10:29:52 fw pluto[30454 ] : | cd b7 63 bb 07 35 ab 58 2e df 5f 27 42 6f 90 d9
2014:03:20-10:29:52 fw pluto[30454]: | ea fe 6a 24 d0 bc 4b 51 d0 cc a2 f8 13 6a 26 b4
2014:03:20-10:29:52 fw pluto[30454]: | 6e b8 a6 ed d9 02 70 5d 33 0a 68 0c 63 78 c4 88
2014:03:20-10:29:52 fw pluto[30454]: | emitting length of ISAKMP Key Exchange Payload: 260
2014:03:20 – 10:29:52 fw pluto[30454 ] : | * * * emit ISAKMP Nonce Payload :
2014:03:20-10:29:52 fw pluto[30454]: | next payload type: ISAKMP_NEXT_NAT-D
2014:03:20-10:29:52 fw pluto[30454]: | emitting 16 raw bytes of Nr into ISAKMP Nonce Payload
2014:03:20-10:29:52 fw pluto[30454]: | Nr 71 14 a7 e8 cd c4 f8 59 da ea 1d 3b b3 06 34 e2
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP Nonce Payload : 20
2014:03:20 – 10:29:52 fw pluto[30454 ] : | send NATD payload
2014:03:20-10:29:52 fw pluto[30454]: | ***emit ISAKMP NAT-D Payload:
2014:03:20-10:29:52 fw pluto[30454]: | next payload type: ISAKMP_NEXT_NAT-D
2014:03:20-10:29:52 fw pluto[30454]: | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload
2014:03:20-10:29:52 fw pluto[30454]: | NAT-D dc e0 fe 0b fa 71 ef f1 79 64 f8 03 00 df 04 87
2014:03:20-10:29:52 fw pluto[30454]: | 42 a4 51 d5
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP NAT – D Payload : 24
2014:03:20-10:29:52 fw pluto[30454]: | ***emit ISAKMP NAT-D Payload:
2014:03:20 – 10:29:52 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20-10:29:52 fw pluto[30454]: | emitting 20 raw bytes of NAT-D into ISAKMP NAT-D Payload
2014:03:20 – 10:29:52 fw pluto[30454 ] : | NAT – D b9 48 45 95 d1 aa 13 b9 f9 93 e5 8d 96 05 00 d5
2014:03:20-10:29:52 fw pluto[30454]: | ec 57 32 3b
2014:03:20 – 10:29:52 fw pluto[30454 ] : | emit length of ISAKMP NAT – D Payload : 24
2014:03:20-10:29:52 fw pluto[30454]: | emitting length of ISAKMP Message: 356
2014:03:20-10:29:54 fw pluto[30454]: |
2014:03:20-10:29:54 fw pluto[30454]: | *received 92 bytes from 80.238.229.176:500 on eth1
2014:03:20-10:29:54 fw pluto[30454]: | **parse ISAKMP Message:
2014:03:20 – 10:29:54 fw pluto[30454 ] : | initiator cookie :
2014:03:20 – 10:29:54 fw pluto[30454 ] : | fb 90 f7 5b c6 d3 c9 ed
2014:03:20-10:29:54 fw pluto[30454]: | responder cookie:
2014:03:20-10:29:54 fw pluto[30454]: | 0e 58 aa 14 a7 51 4b a2
2014:03:20-10:29:54 fw pluto[30454]: | next payload type: ISAKMP_NEXT_HASH
2014:03:20 – 10:29:54 fw pluto[30454 ] : | ISAKMP version : ISAKMP Version 1.0
2014:03:20 – 10:29:54 fw pluto[30454 ] : | exchange type : ISAKMP_XCHG_INFO
2014:03:20-10:29:54 fw pluto[30454]: | flags: ISAKMP_FLAG_ENCRYPTION
2014:03:20-10:29:54 fw pluto[30454]: | message ID: 8b b7 5a ad
2014:03:20-10:29:54 fw pluto[30454]: | length: 92
2014:03:20-10:29:54 fw pluto[30454]: | ***parse ISAKMP Hash Payload:
2014:03:20 – 10:29:54 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_N
2014:03:20 – 10:29:54 fw pluto[30454 ] : | length : 20
2014:03:20-10:29:54 fw pluto[30454]: | ***parse ISAKMP Notification Payload:
2014:03:20 – 10:29:54 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20-10:29:54 fw pluto[30454]: | length: 32
2014:03:20-10:29:54 fw pluto[30454]: | DOI: ISAKMP_DOI_IPSEC
2014:03:20 – 10:29:54 fw pluto[30454 ] : | protocol ID : 1
2014:03:20 – 10:29:54 fw pluto[30454 ] : | SPI size : 16
2014:03:20 – 10:29:54 fw pluto[30454 ] : | Notify Message Type : r_u_there
2014:03:20 – 10:29:54 fw pluto[30454 ] : | remove 12 byte of padding
2014:03:20 – 10:29:54 fw pluto[30454 ] : | info : fb 90 f7 5b c6 d3 c9 ed 0e 58 aa 14 a7 51 4b a2
2014:03:20-10:29:54 fw pluto[30454]: | 00 00 42 3f
2014:03:20-10:29:54 fw pluto[30454]: | **emit ISAKMP Message:
2014:03:20 – 10:29:54 fw pluto[30454 ] : | initiator cookie :
2014:03:20 – 10:29:54 fw pluto[30454 ] : | fb 90 f7 5b c6 d3 c9 ed
2014:03:20-10:29:54 fw pluto[30454]: | responder cookie:
2014:03:20-10:29:54 fw pluto[30454]: | 0e 58 aa 14 a7 51 4b a2
2014:03:20-10:29:54 fw pluto[30454]: | next payload type: ISAKMP_NEXT_HASH
2014:03:20 – 10:29:54 fw pluto[30454 ] : | ISAKMP version : ISAKMP Version 1.0
2014:03:20 – 10:29:54 fw pluto[30454 ] : | exchange type : ISAKMP_XCHG_INFO
2014:03:20-10:29:54 fw pluto[30454]: | flags: ISAKMP_FLAG_ENCRYPTION
2014:03:20-10:29:54 fw pluto[30454]: | message ID: 53 88 95 6f
2014:03:20-10:29:54 fw pluto[30454]: | ***emit ISAKMP Hash Payload:
2014:03:20 – 10:29:54 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_N
2014:03:20-10:29:54 fw pluto[30454]: | emitting 16 zero bytes of HASH into ISAKMP Hash Payload
2014:03:20-10:29:54 fw pluto[30454]: | emitting length of ISAKMP Hash Payload: 20
2014:03:20-10:29:54 fw pluto[30454]: | ***emit ISAKMP Notification Payload:
2014:03:20 – 10:29:54 fw pluto[30454 ] : | next payload type : ISAKMP_NEXT_NONE
2014:03:20-10:29:54 fw pluto[30454]: | DOI: ISAKMP_DOI_IPSEC
2014:03:20 – 10:29:54 fw pluto[30454 ] : | protocol ID : 1
2014:03:20 – 10:29:54 fw pluto[30454 ] : | SPI size : 16
2014:03:20 – 10:29:54 fw pluto[30454 ] : | Notify Message Type : r_u_there_ACK
2014:03:20-10:29:54 fw pluto[30454]: | emitting 8 raw bytes of notify icookie into ISAKMP Notification Payload
2014:03:20-10:29:54 fw pluto[30454]: | notify icookie fb 90 f7 5b c6 d3 c9 ed
2014:03:20-10:29:54 fw pluto[30454]: | emitting 8 raw bytes of notify rcookie into ISAKMP Notification Payload
2014:03:20-10:29:54 fw pluto[30454]: | notify rcookie 0e 58 aa 14 a7 51 4b a2
2014:03:20 – 10:29:54 fw pluto[30454 ] : | emit 4 raw byte of notify datum into ISAKMP Notification Payload
2014:03:20-10:29:54 fw pluto[30454]: | notify data 00 00 42 3f
2014:03:20-10:29:54 fw pluto[30454]: | emitting length of ISAKMP Notification Payload: 32
2014:03:20-10:29:54 fw pluto[30454]: | emitting 12 zero bytes of encryption padding into ISAKMP Message
2014:03:20-10:29:54 fw pluto[30454]: | emitting length of ISAKMP Message: 92
Debug is enabled, because there is also a Support call open at sophos. But at the Moment they also have no clue.
I is have have no idea if the Problem is on utm or Client side .