[prev in list] [next in list] [prev in thread] [next in thread]
List: openikev2-users
Subject: [openikev2-users] Re: hello Dr Perez
From: Alejandro Perez Mendez <alejandro_perez () dif ! um ! es>
Date: 2007-03-30 12:32:04
Message-ID: 1175257924.3787.9.camel () localhost ! localdomain
[Download RAW message or body]
Hi,
The responder log should show what is the exact fail reason.
Best regards,
Alejandro
> Hello Sir
> Openikev2 is running in two peers configured with ICMP
> but there is a problem when i execute ping("AUTHENTICATION FAILED: Peer does not
> authenticaticate us")
>
> this the initiator's log file :
> �[01;37m[2007/03/30 13:56:38.498] �[01;37m[INFOR] OpenIKEv2: Running version
> 0.93: Mode=[BACKGROUND] PID=[3222]�[01;37m
> �[01;37m[2007/03/30 13:56:38.498] �[01;37m[INFOR] OpenIKEv2: Executable MD5
> Checksum: MD5SUM=[execute OpenIKEv2 using the full path to enable this
> feature]�[01;37m
> �[01;37m[2007/03/30 13:56:38.498] �[01;35m[THRDS] OpenIKEv2: Starting: Thread
> ID=[-1213356368] (Main thread)�[01;37m
> �[01;37m[2007/03/30 13:56:38.499] �[01;37m[INFOR] UDPSocket: Listening from
> interface: Name=[eth0] Address=[192.168.1.2#500]�[01;37m
> �[01;37m[2007/03/30 13:56:38.499] �[01;37m[INFOR] UDPSocket: Listening from
> interface: Name=[eth0] Address=[fe80::2b0:d0ff:fed7:e058%eth0#500]�[01;37m
> �[01;37m[2007/03/30 13:56:38.499] �[01;36m[IPSEC] IPSecController: Updating
> policies: Found Policies=[3]�[01;37m
> �[00;36m <IPSEC_POLICY> {
> id = 392
> direction = DIR_IN
> SRC SELECTOR ADDRESS = 192.168.1.0/24
> DST SELECTOR ADDRESS = 192.168.1.0/24
> ip protocol = ICMP
> icmp type = 0
> icmp code = 0
> <SA_REQUEST> {
> mode = TRANSPORT_MODE
> ipsec protocol = PROTO_ESP
> level = LEVEL_REQUIRE
> request id = 0
> }
> }
> �[01;37m
> �[00;36m <IPSEC_POLICY> {
> id = 385
> direction = DIR_OUT
> SRC SELECTOR ADDRESS = 192.168.1.0/24
> DST SELECTOR ADDRESS = 192.168.1.0/24
> ip protocol = ICMP
> icmp type = 0
> icmp code = 0
> <SA_REQUEST> {
> mode = TRANSPORT_MODE
> ipsec protocol = PROTO_ESP
> level = LEVEL_REQUIRE
> request id = 0
> }
> }
> �[01;37m
> �[00;36m <IPSEC_POLICY> {
> id = 402
> direction = DIR_FWD
> SRC SELECTOR ADDRESS = 192.168.1.0/24
> DST SELECTOR ADDRESS = 192.168.1.0/24
> ip protocol = ICMP
> icmp type = 0
> icmp code = 0
> <SA_REQUEST> {
> mode = TRANSPORT_MODE
> ipsec protocol = PROTO_ESP
> level = LEVEL_REQUIRE
> request id = 0
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:56:38.500] �[01;36m[CONFG] OpenIKEv2: Reading data from
> file: Path=[/etc/openikev2/openikev2.conf]�[01;37m
> �[00;36m <CONFIGURATION> {
> <GENERAL_CONFIGURATION> {
> cookie threshold = 5
> cookie lifetime = 20
> ike max halfopen time = 30
> vendor id = openikev2-0.93
> <ATTRIBUTE_MAP> {
> eap_users_filename = /etc/openikev2/eap_users.txt [STR]
> }
> }
> <PEERS> {
> <PEER_CONFIGURATION> {
> role = ROLE_ANY
> <PEER_IDs> {
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.1
> }
> }
> <IKE_CONFIGURATION> {
> <PROPOSAL> {
> proposal # = 0
> <PROTOCOL> {
> id = PROTO_IKE
> spi size = 8
> spi value = [00:00:00:00:00:00:00:00]
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = ENCR
> id = ENCR_DES
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_MD5_96
> }
> <TRANSFORM> {
> type = PRF
> id = PRF_HMAC_MD5
> }
> <TRANSFORM> {
> type = DH
> id = 2
> }
> <TRANSFORM> {
> type = DH
> id = 1
> }
> }
> }
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.2
> }
> auth method = AUTH_METHOD_PSK
> peer auth method = AUTH_METHOD_PSK
> preshared key =
>
> [74:68:69:73:20:66:69:6C:65:20:63:61:6E:20:62:65:20:77:68:61:74:65:76:65:72:20:6B:69:6E:64:20:6F:
>
> 66:20:66:69:6C:65:3A:20:54:58:54:2C:20:4A:50:47:2C:20:47:5A:49:50:2C:20:2E:2E:2E:0A]
> peer preshared key =
>
> [74:68:69:73:20:66:69:6C:65:20:63:61:6E:20:62:65:20:77:68:61:74:65:76:65:72:20:6B:69:6E:64:20:6F:
>
> 66:20:66:69:6C:65:3A:20:54:58:54:2C:20:4A:50:47:2C:20:47:5A:49:50:2C:20:2E:2E:2E:0A]
> request configuration = NO
> retransmition time = 5
> retransmition factor = 2
> rekey time = 60
> ike max exchange retransmitions = 10
> use eap = NO
> hash & url support = NO
> send CERT payload = NO
> send CERTREQ payload = NO
> <CERTIFICATE_CONTROLLER> {
> <CA_CERTIFICATES> {
> }
> <MY_CERTIFICATES> {
> }
> <MY_HASH_URL_CERTIFICATES> {
> }
> <BLACK_LIST> {
> }
> <WHITE_LIST> {
> }
> }
> <ATTRIBUTE_MAP> {
> configuration_method = none [STR]
> reauth_time = 600 [INT32]
> use_uname = NO [BOOL]
> }
> }
> <IPSEC_CONFIGURATION> {
> <PROPOSAL> {
> proposal # = 0
> <PROTOCOL> {
> id = PROTO_ESP
> spi size = 4
> spi value = [00:00:00:00]
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = ENCR
> id = ENCR_DES
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> }
> }
> <PROPOSAL> {
> proposal # = 0
> <PROTOCOL> {
> id = PROTO_AH
> spi size = 4
> spi value = [00:00:00:00]
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> }
> }
> max_allocations_soft = 268435455
> max_allocations_hard = 268435455
> max_bytes_soft = 1000000
> max_bytes_hard = 1200000
> lifetime_soft = 500
> lifetime_hard = 800
> <ATTRIBUTE_MAP> {
> }
> }
> }
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:56:38.502] �[01;35m[THRDS] NetworkController: Start:
> Thread ID=[20] Cookie Threshold=[5 half-opened IKE SAs] Max. Cookie Time=[20
> seconds]�[01;37m
> �[01;37m[2007/03/30 13:56:38.502] �[01;35m[THRDS] IPSecController: Start: Thread
> ID=[21] Implementation=[XFRM]�[01;37m
> �[01;37m[2007/03/30 13:56:38.502] �[01;35m[THRDS] AlarmController: Start: Thread
> ID=[22]�[01;37m
> �[01;37m[2007/03/30 13:57:04.907] �[01;36m[IPSEC] IPSecController: Recv acquire:
> Policy=[385]�[01;37m
> �[00;36m SRC=[192.168.1.2]�[01;37m
> �[00;36m DST=[192.168.1.1]�[01;37m
> �[00;36m SEL SRC=[192.168.1.2]�[01;37m
> �[00;36m SEL DST=[192.168.1.1]�[01;37m
> �[00;36m SEL PROTO=[ICMP]�[01;37m
> �[00;36m SEL SRC PORT=[8]�[01;37m
> �[00;36m SEL DST PORT=[0]�[01;37m
> �[00;36m <IPSEC_POLICY> {
> id = 385
> direction = DIR_OUT
> SRC SELECTOR ADDRESS = 192.168.1.0/24
> DST SELECTOR ADDRESS = 192.168.1.0/24
> ip protocol = ICMP
> icmp type = 0
> icmp code = 0
> <SA_REQUEST> {
> mode = TRANSPORT_MODE
> ipsec protocol = PROTO_ESP
> level = LEVEL_REQUIRE
> request id = 0
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;37m[INFOR] ThreadController:
> IKE_SA_Controller for IP=[192.168.1.1#500] does not exist. Creating a new
> one�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;34m[ALARM] Alarm=[B8:26:10:AC]: New Alarm
> created�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;34m[ALARM] Alarm=[00:27:10:AC]: New Alarm
> created�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;34m[ALARM] Alarm=[78:27:10:AC]: New Alarm
> created�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;34m[ALARM] AlarmController: Register
> alarm: Alarm Id=[B8:26:10:AC] Total Alarms=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;34m[ALARM] AlarmController: Register
> alarm: Alarm Id=[00:27:10:AC] Total Alarms=[2]�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;34m[ALARM] AlarmController: Register
> alarm: Alarm Id=[78:27:10:AC] Total Alarms=[3]�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[00;33m[EVBUS]
> IKE_SA=[01:00:00:00:00:00:00:00]: New IKE_SA IKE_SA=[01:00:00:00:00:00:00:00]
> PEER_IP=[192.168.1.1#500]�[01;37m
> �[01;37m[2007/03/30 13:57:04.909] �[01;37m[INFOR]
> IKE_SA=[01:00:00:00:00:00:00:00]: New IKE_SA�[01;37m
> �[00;37m Local peer:
> IP=[192.168.1.2]
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.2
> }
> �[01;37m
> �[00;37m Remote peer:
> IP=[192.168.1.1#500]
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.1
> }
> �[01;37m
> �[00;37m REKEY_TIME=[64]�[01;37m
> �[00;37m TIMEOUT=[5]�[01;37m
> �[00;37m RETRIES=[10]�[01;37m
> �[01;37m[2007/03/30 13:57:04.910] �[01;35m[HOPEN] ThreadController: Increment
> Half-open count: Count=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:04.910] �[01;37m[INFOR] ThreadController: New
> IKE_SA_Controller added: SPI=[01:00:00:00:00:00:00:00] Count=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:04.910] �[01;35m[THRDS] CommandExecuter[0]: Assigned
> to an IKE_SA=[01:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:04.910] �[01;35m[THRDS]
> IKE_SA=[01:00:00:00:00:00:00:00]: Processing
> command=[START_INIT_EX_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:04.964] �[01;34m[ALARM] Alarm=[B8:26:10:AC]: Alarm
> reset�[01;37m
> �[01;37m[2007/03/30 13:57:04.967] �[01;32m[MESSG]
> IKE_SA=[01:00:00:00:00:00:00:00]: Send: IKE_SA_INIT request�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_SA_INIT
> message id = 0
> initiator spi = [01:00:00:00:00:00:00:00]
> responder spi = [00:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = YES
> is a response? = NO
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> <PAYLOAD_SA> {
> <PROPOSAL> {
> proposal # = 1
> <PROTOCOL> {
> id = PROTO_IKE
> spi size = 0
> spi value = []
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = ENCR
> id = ENCR_DES
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_MD5_96
> }
> <TRANSFORM> {
> type = PRF
> id = PRF_HMAC_MD5
> }
> <TRANSFORM> {
> type = DH
> id = 2
> }
> <TRANSFORM> {
> type = DH
> id = 1
> }
> }
> }
> }
> <PAYLOAD_KE> {
> gruop id = 2
> public key size = 128
> public key =
> [8A:95:8B:66:F8:8B:D5:73:A9:C4:FD:E9:3E:E4:40:23:
> B2:49:A0:1F:59:E6:E4:23:C2:C8:D7:FE:05:8F:77:C6:
> C6:2D:2A:6B:1E:83:A9:2C:BC:A1:20:EB:1E:4B:B3:E2:
> F4:2F:40:ED:C0:32:93:B4:8B:EA:CA:C8:1C:D7:CD:57:
> 68:F9:E1:9E:78:E1:50:B5:4F:65:EC:A2:E2:EC:DA:67:
> 75:46:DA:E0:A4:C9:04:C6:DE:A4:5D:59:0A:62:AA:78:
> A1:4F:CC:E5:9D:5E:E2:B0:F3:78:61:17:07:3F:2E:B7:
> C2:59:69:0D:34:92:74:49:8C:5B:16:DC:59:E1:42:C9]
> }
> <PAYLOAD_NONCE> {
> nonce length = 93
> nonce value =
> [AD:C4:D8:6C:7C:AC:E2:04:A9:0F:C9:DA:2E:BF:89:5B:
> 74:D4:21:E9:C4:98:B2:7C:CC:30:B8:F1:4E:D6:C0:C4:
> 95:9A:F1:81:FE:42:46:CA:03:52:B5:3F:CF:3B:A4:A6:
> 2C:8B:F1:1E:CA:FF:81:84:7C:C0:72:C1:BC:C0:07:77:
> FB:6A:32:60:97:F8:51:4B:17:9C:C6:FB:4C:75:ED:18:
> 4A:A4:6E:7A:56:69:BE:99:80:90:B1:C6:FE]
> }
> <PAYLOAD_VENDOR> {
> vendor id = openikev2-0.93
> }
> }
> <ENCRYPTED PAYLOADS> {
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:04.967] �[01;34m[STATE]
> IKE_SA=[01:00:00:00:00:00:00:00]: Transition: [STATE_INITIAL --->
> STATE_IKE_SA_INIT_SENT]�[01;37m
> �[01;37m[2007/03/30 13:57:05.033] �[01;35m[THRDS] CommandExecuter[1]: Assigned
> to an IKE_SA=[01:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:05.033] �[01;35m[THRDS]
> IKE_SA=[01:00:00:00:00:00:00:00]: Processing command=[MESSAGE_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:05.034] �[01;32m[MESSG]
> IKE_SA=[01:00:00:00:00:00:00:00]: Recv: IKE_SA_INIT response�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_SA_INIT
> message id = 0
> initiator spi = [01:00:00:00:00:00:00:00]
> responder spi = [01:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = NO
> is a response? = YES
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> <PAYLOAD_SA> {
> <PROPOSAL> {
> proposal # = 1
> <PROTOCOL> {
> id = PROTO_IKE
> spi size = 0
> spi value = []
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = PRF
> id = PRF_HMAC_MD5
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> <TRANSFORM> {
> type = DH
> id = 2
> }
> }
> }
> }
> <PAYLOAD_KE> {
> gruop id = 2
> public key size = 128
> public key =
> [6E:F7:0B:C0:97:35:31:BA:2D:28:BF:33:4C:2B:E7:04:
> F3:D6:03:DA:2A:B8:2D:0C:23:CC:FE:ED:AD:87:93:FC:
> DA:3E:D5:5F:E7:61:2A:2D:8E:1E:39:5C:DB:61:E9:D2:
> 7E:A9:CC:DD:C0:07:53:F5:6B:C9:72:97:02:B4:03:FD:
> B5:68:F7:F3:03:04:40:B2:BD:BF:A4:79:04:64:86:98:
> 18:AD:3A:C5:C3:19:70:6A:AF:7B:1E:B8:06:5B:7C:95:
> 48:F6:62:F1:89:CB:0D:DD:A8:4D:46:A8:BD:50:C1:F4:
> 02:88:22:0A:F9:07:4A:47:E9:1B:55:3B:5B:0C:98:5A]
> }
> <PAYLOAD_NONCE> {
> nonce length = 212
> nonce value =
> [9A:D9:4A:DE:29:D5:79:EF:D9:F7:95:E9:F0:B5:13:95:
> D3:69:05:B6:7D:73:6A:FE:36:94:4C:74:5F:5E:87:BB:
> 54:4A:D9:15:92:4E:2D:01:DF:AD:20:02:71:F3:E9:28:
> 41:5A:97:E1:0E:56:C6:18:BF:56:09:BE:C9:68:27:AC:
> 49:71:0E:1E:1F:B1:CF:58:51:9B:34:92:91:94:32:F2:
> 9F:49:93:F5:B5:E7:2F:2D:E3:C8:3B:02:BF:6A:F6:CA:
> 4A:34:8A:24:D9:53:E3:0B:3C:71:BF:DB:6B:4D:B9:CB:
> 97:EB:2B:60:33:49:EB:0B:2F:68:1B:07:7C:8B:AF:65:
> 4B:CC:0C:23:E0:51:1A:0A:9D:82:EF:63:2E:2F:FA:9C:
> A4:CE:C7:ED:ED:E2:AA:B7:F1:1F:32:E3:96:6B:3A:E8:
> 8F:13:D1:30:DF:3F:3E:AA:71:A5:74:23:F9:71:15:9C:
> 3A:23:0D:8D:20:9D:AD:9D:BB:B8:10:97:77:BF:71:BC:
> 2E:17:18:A5:68:3D:EE:3F:E2:8C:7C:6B:04:AD:EA:B0:
> 4A:AA:4C:72]
> }
> <PAYLOAD_VENDOR> {
> vendor id = openikev2-0.93
> }
> }
> <ENCRYPTED PAYLOADS> {
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:05.034] �[01;37m[INFOR]
> IKE_SA=[01:00:00:00:00:00:00:00]: Peer indicates its vendor ID�[01;37m
> �[00;37m [6F:70:65:6E:69:6B:65:76:32:2D:30:2E:39:33]�[01;37m
> �[01;37m[2007/03/30 13:57:05.092] �[01;36m[CRYPT]
> IKE_SA=[01:00:00:00:00:00:00:00]: New shared secret�[01;37m
> �[00;36m
> [C6:A7:54:46:39:B6:B6:15:C0:A8:0A:0F:D5:03:F2:F3:
> 3F:D3:E8:75:2C:ED:F8:85:1A:DB:B3:72:E9:14:F9:3D:
> 8E:64:52:52:F7:F7:62:2A:4E:F6:C1:35:A6:88:00:A9:
> DE:34:47:EA:3D:34:AB:B9:C1:5D:AC:FA:5B:C5:77:13:
> 22:C0:2C:18:A3:A0:8D:7D:8D:32:3D:04:F7:F1:D1:7C:
> FA:42:A6:AF:4A:60:8C:9E:FB:8F:4D:F1:7D:21:0F:24:
> 48:DE:36:3A:34:93:4A:29:C9:E0:B9:EC:9C:3F:1F:9C:
> 6E:B3:E0:6D:B7:65:92:86:A2:1D:C8:21:81:C3:C5:19]�[01;37m
> �[01;37m[2007/03/30 13:57:05.092] �[01;36m[CRYPT]
> IKE_SA=[01:00:00:00:00:00:00:00]: New IKE keying material�[01;37m
> �[00;36m <KEY_RING> {
> SKEYSEED = [BA:7F:B3:E0:7A:B3:4B:00:DF:B5:23:A3:89:80:1F:BE]
> SK_d = [49:88:59:EC:C7:BD:86:4E:B8:0D:4B:CD:BE:D6:ED:22]
> SK_ai = [61:F9:0B:56:E6:66:36:93:06:3E:60:D3:D0:21:17:E9:FE:BA:19:E5]
> SK_ar = [E8:AB:C5:FE:A2:4C:31:8D:48:EE:32:AC:E0:D6:5E:B0:EA:60:56:4A]
> SK_ei =
> [F1:5A:C6:37:89:CF:EE:E0:40:1C:CD:3B:9F:D0:16:BB:A6:DD:42:86:2D:23:29:DF]
> SK_er =
> [7F:79:C6:70:94:10:B3:7A:43:07:1D:C8:6C:25:C5:B7:10:E7:31:8B:A9:2F:7C:FD]
> SK_pi = [17:76:FB:83:33:CE:1C:F7:2E:F7:19:28:C5:B2:69:D0]
> SK_pr = [17:03:DC:A1:06:CE:95:90:29:F5:E1:90:4E:65:5B:8F]
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:05.093] �[01;34m[ALARM] Alarm=[B8:26:10:AC]: Alarm
> disabled�[01;37m
> �[01;37m[2007/03/30 13:57:05.093] �[01;35m[THRDS] CommandExecuter[2]: Assigned
> to an IKE_SA=[01:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:05.093] �[01;35m[THRDS]
> IKE_SA=[01:00:00:00:00:00:00:00]: Processing
> command=[START_AUTH_EX_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:05.093] �[00;33m[EVBUS] EventBus: New CHILD_SA
> IKE_SA=[01:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500]
> CHILD_SA=[CF:90:5A:7E]�[01;37m
> �[01;37m[2007/03/30 13:57:05.093] �[01;34m[ALARM] Alarm=[B8:26:10:AC]: Alarm
> reset�[01;37m
> �[01;37m[2007/03/30 13:57:05.093] �[01;32m[MESSG]
> IKE_SA=[01:00:00:00:00:00:00:00]: Send: IKE_AUTH request�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_AUTH
> message id = 1
> initiator spi = [01:00:00:00:00:00:00:00]
> responder spi = [01:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = YES
> is a response? = NO
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> }
> <ENCRYPTED PAYLOADS> {
> <PAYLOAD_NOTIFY> {
> type = USE_TRANSPORT_MODE
> protocol id = PROTO_NONE
> spi size = 0
> spi value = []
> data size = 0
> data = []
> }
> <PAYLOAD_ID> {
> type = IDi
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.2
> }
> <PAYLOAD_AUTH> {
> method = AUTH_METHOD_PSK
> authentication field =
> [EB:4B:33:8B:90:3A:4D:52:53:D8:DF:47:5C:72:38:CE]
> }
> <PAYLOAD_SA> {
> <PROPOSAL> {
> proposal # = 1
> <PROTOCOL> {
> id = PROTO_ESP
> spi size = 4
> spi value = [CF:90:5A:7E]
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = ENCR
> id = ENCR_DES
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> }
> }
> }
> <PAYLOAD_TS> {
> type = TSi
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 8/0-8/255
> start address = [C0:A8:01:02]
> end address = [C0:A8:01:02]
> }
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 0/0-255/255
> start address = [C0:A8:01:00]
> end address = [C0:A8:01:FF]
> }
> }
> <PAYLOAD_TS> {
> type = TSr
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 8/0-8/255
> start address = [C0:A8:01:01]
> end address = [C0:A8:01:01]
> }
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 0/0-255/255
> start address = [C0:A8:01:00]
> end address = [C0:A8:01:FF]
> }
> }
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:05.095] �[01;34m[STATE]
> IKE_SA=[01:00:00:00:00:00:00:00]: Transition: [STATE_IKE_SA_INIT_SENT --->
> STATE_IKE_AUTH_SENT]�[01;37m
> �[01;37m[2007/03/30 13:57:05.099] �[01;35m[THRDS] CommandExecuter[3]: Assigned
> to an IKE_SA=[01:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:05.099] �[01;35m[THRDS]
> IKE_SA=[01:00:00:00:00:00:00:00]: Processing command=[MESSAGE_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:05.099] �[01;32m[MESSG]
> IKE_SA=[01:00:00:00:00:00:00:00]: Recv: IKE_AUTH response�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_AUTH
> message id = 1
> initiator spi = [01:00:00:00:00:00:00:00]
> responder spi = [01:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = NO
> is a response? = YES
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> }
> <ENCRYPTED PAYLOADS> {
> <PAYLOAD_NOTIFY> {
> type = AUTHENTICATION_FAILED
> protocol id = PROTO_NONE
> spi size = 0
> spi value = []
> data size = 0
> data = []
> }
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;31m[ERROR]
> IKE_SA=[01:00:00:00:00:00:00:00]: AUTHENTICATION FAILED: Peer does not
> authenticaticate us�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[00;33m[EVBUS] EventBus: IKE_SA Fail
> IKE_SA=[01:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500]
> reason=[authentication failed]�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[00;33m[EVBUS] EventBus: IKE_SA Fail
> IKE_SA=[01:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500] reason=[generic
> fail]�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;37m[INFOR] ThreadController: Delete
> IKE_SA_Controller: SPI=[01:00:00:00:00:00:00:00] Count=[0]�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[00;33m[EVBUS] EventBus: Delete IKE_SA
> IKE_SA=[01:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500]�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;35m[HOPEN] ThreadController: Decrement
> Half-open count: Count=[0]�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;34m[ALARM] AlarmController: Remove alarm:
> Alarm Id=[[B8:26:10:AC]] Total Alarms=[3]�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;34m[ALARM] Alarm=[B8:26:10:AC]: Alarm
> deleted�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;34m[ALARM] AlarmController: Remove alarm:
> Alarm Id=[[00:27:10:AC]] Total Alarms=[2]�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;34m[ALARM] Alarm=[00:27:10:AC]: Alarm
> deleted�[01;37m
> �[01;37m[2007/03/30 13:57:05.100] �[01;34m[ALARM] AlarmController: Remove alarm:
> Alarm Id=[[78:27:10:AC]] Total Alarms=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:05.101] �[01;34m[ALARM] Alarm=[78:27:10:AC]: Alarm
> deleted�[01;37m
> �[01;37m[2007/03/30 13:57:05.101] �[01;37m[INFOR]
> IKE_SA=[01:00:00:00:00:00:00:00]: IKE_SA deleted�[01;37m
> �[01;37m[2007/03/30 13:57:34.908] �[01;36m[IPSEC] IPSecController: Recv HARD
> expiration: Child SA SPI=[CF:90:5A:7E]�[01;37m
> �[01;37m[2007/03/30 13:57:34.908] �[01;33m[WARNG] IPSecController: Does not
> exist any IKE_SA with this peer address.�[01;37m
> �[01;37m[2007/03/30 13:57:36.907] �[01;36m[IPSEC] IPSecController: Recv acquire:
> Policy=[385]�[01;37m
> �[00;36m SRC=[192.168.1.2]�[01;37m
> �[00;36m DST=[192.168.1.1]�[01;37m
> �[00;36m SEL SRC=[192.168.1.2]�[01;37m
> �[00;36m SEL DST=[192.168.1.1]�[01;37m
> �[00;36m SEL PROTO=[ICMP]�[01;37m
> �[00;36m SEL SRC PORT=[8]�[01;37m
> �[00;36m SEL DST PORT=[0]�[01;37m
> �[00;36m <IPSEC_POLICY> {
> id = 385
> direction = DIR_OUT
> SRC SELECTOR ADDRESS = 192.168.1.0/24
> DST SELECTOR ADDRESS = 192.168.1.0/24
> ip protocol = ICMP
> icmp type = 0
> icmp code = 0
> <SA_REQUEST> {
> mode = TRANSPORT_MODE
> ipsec protocol = PROTO_ESP
> level = LEVEL_REQUIRE
> request id = 0
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:36.908] �[01;37m[INFOR] ThreadController:
> IKE_SA_Controller for IP=[192.168.1.1#500] does not exist. Creating a new
> one�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;34m[ALARM] Alarm=[C8:26:10:AC]: New Alarm
> created�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;34m[ALARM] Alarm=[10:27:10:AC]: New Alarm
> created�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;34m[ALARM] Alarm=[00:28:10:AC]: New Alarm
> created�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;34m[ALARM] AlarmController: Register
> alarm: Alarm Id=[C8:26:10:AC] Total Alarms=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;34m[ALARM] AlarmController: Register
> alarm: Alarm Id=[10:27:10:AC] Total Alarms=[2]�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;34m[ALARM] AlarmController: Register
> alarm: Alarm Id=[00:28:10:AC] Total Alarms=[3]�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[00;33m[EVBUS]
> IKE_SA=[02:00:00:00:00:00:00:00]: New IKE_SA IKE_SA=[02:00:00:00:00:00:00:00]
> PEER_IP=[192.168.1.1#500]�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;37m[INFOR]
> IKE_SA=[02:00:00:00:00:00:00:00]: New IKE_SA�[01;37m
> �[00;37m Local peer:
> IP=[192.168.1.2]
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.2
> }
> �[01;37m
> �[00;37m Remote peer:
> IP=[192.168.1.1#500]
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.1
> }
> �[01;37m
> �[00;37m REKEY_TIME=[55]�[01;37m
> �[00;37m TIMEOUT=[5]�[01;37m
> �[00;37m RETRIES=[10]�[01;37m
> �[01;37m[2007/03/30 13:57:36.909] �[01;35m[HOPEN] ThreadController: Increment
> Half-open count: Count=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:36.910] �[01;37m[INFOR] ThreadController: New
> IKE_SA_Controller added: SPI=[02:00:00:00:00:00:00:00] Count=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:36.910] �[01;35m[THRDS] CommandExecuter[4]: Assigned
> to an IKE_SA=[02:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:36.910] �[01;35m[THRDS]
> IKE_SA=[02:00:00:00:00:00:00:00]: Processing
> command=[START_INIT_EX_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:36.933] �[01;34m[ALARM] Alarm=[C8:26:10:AC]: Alarm
> reset�[01;37m
> �[01;37m[2007/03/30 13:57:36.933] �[01;32m[MESSG]
> IKE_SA=[02:00:00:00:00:00:00:00]: Send: IKE_SA_INIT request�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_SA_INIT
> message id = 0
> initiator spi = [02:00:00:00:00:00:00:00]
> responder spi = [00:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = YES
> is a response? = NO
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> <PAYLOAD_SA> {
> <PROPOSAL> {
> proposal # = 1
> <PROTOCOL> {
> id = PROTO_IKE
> spi size = 0
> spi value = []
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = ENCR
> id = ENCR_DES
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_MD5_96
> }
> <TRANSFORM> {
> type = PRF
> id = PRF_HMAC_MD5
> }
> <TRANSFORM> {
> type = DH
> id = 2
> }
> <TRANSFORM> {
> type = DH
> id = 1
> }
> }
> }
> }
> <PAYLOAD_KE> {
> gruop id = 2
> public key size = 128
> public key =
> [DD:CE:FF:D5:E0:FC:40:D7:89:83:CB:35:3C:02:FD:7F:
> 31:A5:93:04:60:94:46:82:10:38:3A:BD:0B:F2:52:CF:
> 44:9F:BF:B0:89:CD:D6:67:99:53:63:9C:3D:65:EC:58:
> B6:D1:0C:04:F8:AF:60:6B:0C:4D:F1:8E:0C:C2:73:E6:
> 98:B6:86:11:8F:4C:24:94:81:64:32:B8:4F:4A:12:0F:
> 21:BF:39:D8:88:14:92:81:BB:70:72:DE:6F:87:00:AE:
> CE:56:31:B8:94:B1:A3:64:73:3B:0B:C3:59:A3:B3:48:
> BF:41:2A:25:77:34:87:C9:58:C6:B0:78:2D:33:88:4A]
> }
> <PAYLOAD_NONCE> {
> nonce length = 121
> nonce value =
> [17:B2:2B:59:4A:45:76:CA:00:44:8B:96:3D:64:52:FE:
> 86:86:C7:6D:C2:97:58:43:99:70:94:02:F1:7B:C4:A3:
> 9C:C0:6E:10:F1:94:83:AC:50:7C:A3:6C:40:30:1C:5A:
> 0B:14:63:4E:A4:E3:F9:8D:6C:D9:18:25:91:F9:B6:14:
> D5:F5:51:3B:C1:15:69:DC:EA:4F:48:8E:9C:0F:80:F6:
> 09:F7:C9:45:1F:6B:55:0E:30:67:7B:F6:79:19:BE:3E:
> 28:42:5F:27:A7:CD:06:77:5B:8B:6A:01:F8:9F:65:CA:
> AA:C1:F5:D5:F0:3B:09:F3:AA]
> }
> <PAYLOAD_VENDOR> {
> vendor id = openikev2-0.93
> }
> }
> <ENCRYPTED PAYLOADS> {
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:36.934] �[01;34m[STATE]
> IKE_SA=[02:00:00:00:00:00:00:00]: Transition: [STATE_INITIAL --->
> STATE_IKE_SA_INIT_SENT]�[01;37m
> �[01;37m[2007/03/30 13:57:37.001] �[01;35m[THRDS] CommandExecuter[5]: Assigned
> to an IKE_SA=[02:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:37.001] �[01;35m[THRDS]
> IKE_SA=[02:00:00:00:00:00:00:00]: Processing command=[MESSAGE_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:37.001] �[01;32m[MESSG]
> IKE_SA=[02:00:00:00:00:00:00:00]: Recv: IKE_SA_INIT response�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_SA_INIT
> message id = 0
> initiator spi = [02:00:00:00:00:00:00:00]
> responder spi = [02:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = NO
> is a response? = YES
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> <PAYLOAD_SA> {
> <PROPOSAL> {
> proposal # = 1
> <PROTOCOL> {
> id = PROTO_IKE
> spi size = 0
> spi value = []
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = PRF
> id = PRF_HMAC_MD5
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> <TRANSFORM> {
> type = DH
> id = 2
> }
> }
> }
> }
> <PAYLOAD_KE> {
> gruop id = 2
> public key size = 128
> public key =
> [15:24:56:AD:D6:A2:D9:C6:31:BF:65:C8:65:8A:CE:CD:
> 5A:75:23:98:53:0A:A4:E3:46:B2:3C:97:5D:74:68:E0:
> AF:E9:DB:25:85:D7:7F:E0:96:28:36:FF:CA:42:CB:9C:
> 42:35:63:4D:04:70:CD:8B:1C:A3:CB:7D:0C:1D:B5:5C:
> 89:F9:D3:E4:FB:61:17:11:B4:D1:1D:06:A2:27:9A:54:
> 18:0D:DF:98:94:85:83:AE:E1:42:1C:4F:19:1D:3E:EF:
> 0A:91:60:EF:9B:20:7D:D1:A3:1C:B0:E8:A3:F3:3E:8D:
> 34:D5:7D:B8:BA:C8:CB:FD:EB:92:1E:62:A5:C0:25:7D]
> }
> <PAYLOAD_NONCE> {
> nonce length = 152
> nonce value =
> [B1:D1:6F:40:E5:6A:6E:BD:46:0C:F4:2F:DE:76:F6:96:
> F0:DB:35:BB:28:5E:93:61:9C:07:BF:DD:31:8B:EE:48:
> 51:1C:B7:4E:60:2C:28:CF:6B:22:4D:33:8B:5A:05:45:
> 3A:E3:A9:7C:38:05:02:91:A7:F7:B4:3C:18:48:7E:E1:
> 1B:52:79:71:4A:6B:65:07:4A:4F:75:9C:FF:8D:E2:35:
> 1E:9C:B4:F3:B5:37:57:2D:8E:B3:99:50:05:CB:42:8E:
> F7:A5:CC:35:69:0F:6D:2B:8C:28:D3:84:BA:BE:02:69:
> E6:C4:EC:01:C5:D6:07:91:87:2D:69:E6:A4:B8:5F:8D:
> 07:23:9E:5C:26:F1:DC:03:6F:A2:C2:FC:2A:35:37:33:
> 7B:5A:EC:68:A4:8D:AC:A0]
> }
> <PAYLOAD_VENDOR> {
> vendor id = openikev2-0.93
> }
> }
> <ENCRYPTED PAYLOADS> {
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:37.002] �[01;37m[INFOR]
> IKE_SA=[02:00:00:00:00:00:00:00]: Peer indicates its vendor ID�[01;37m
> �[00;37m [6F:70:65:6E:69:6B:65:76:32:2D:30:2E:39:33]�[01;37m
> �[01;37m[2007/03/30 13:57:37.057] �[01;36m[CRYPT]
> IKE_SA=[02:00:00:00:00:00:00:00]: New shared secret�[01;37m
> �[00;36m
> [B5:07:68:CE:69:4E:21:B9:31:6B:DC:1F:E0:E2:5F:8A:
> 98:AE:BE:B7:DD:8B:A1:06:2E:63:20:B6:FD:2F:C0:DA:
> 7B:15:E3:E0:44:E7:DC:34:DA:03:CC:16:9E:D8:D1:F4:
> F7:78:0B:C3:22:9C:5E:87:2B:82:83:8C:9C:AA:01:04:
> CA:B3:17:CA:A4:01:5F:9E:B7:F8:ED:19:A5:C8:61:B8:
> E5:3B:F2:22:DF:FC:D8:0A:88:11:F3:C4:2D:10:DF:57:
> 8E:68:E7:C6:30:BA:C5:35:91:07:B9:91:C9:47:24:D8:
> 92:A8:82:E1:6A:28:F1:81:05:68:28:3B:C3:8F:B2:70]�[01;37m
> �[01;37m[2007/03/30 13:57:37.057] �[01;36m[CRYPT]
> IKE_SA=[02:00:00:00:00:00:00:00]: New IKE keying material�[01;37m
> �[00;36m <KEY_RING> {
> SKEYSEED = [3D:2C:A9:79:54:AD:0E:DC:93:C2:68:00:CB:82:8B:76]
> SK_d = [97:80:40:80:A0:E8:53:F9:26:CA:0B:82:A0:AF:3F:5F]
> SK_ai = [F4:EE:9D:0D:0E:E9:61:47:07:DF:99:7A:06:6B:E5:1A:90:89:1E:13]
> SK_ar = [3B:4E:65:80:85:81:66:29:28:6C:22:8C:E5:D9:1A:13:1B:10:F6:DB]
> SK_ei =
> [36:FC:A1:29:DA:0C:BC:D2:05:49:0B:F9:CD:59:35:73:E3:98:E7:F0:3C:56:2F:F4]
> SK_er =
> [E6:7E:B3:72:A3:FC:96:63:1B:63:19:8D:E1:46:57:66:85:A1:5C:48:3E:93:12:F6]
> SK_pi = [56:D1:61:95:45:9E:2F:C0:09:18:72:20:7A:4A:AE:78]
> SK_pr = [79:D0:6C:C4:54:5C:B2:EE:EF:F7:CB:C4:F0:F0:EB:DB]
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:37.058] �[01;34m[ALARM] Alarm=[C8:26:10:AC]: Alarm
> disabled�[01;37m
> �[01;37m[2007/03/30 13:57:37.058] �[01;35m[THRDS] CommandExecuter[6]: Assigned
> to an IKE_SA=[02:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:37.058] �[01;35m[THRDS]
> IKE_SA=[02:00:00:00:00:00:00:00]: Processing
> command=[START_AUTH_EX_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:37.058] �[00;33m[EVBUS] EventBus: New CHILD_SA
> IKE_SA=[02:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500]
> CHILD_SA=[3B:42:F1:F4]�[01;37m
> �[01;37m[2007/03/30 13:57:37.058] �[01;34m[ALARM] Alarm=[C8:26:10:AC]: Alarm
> reset�[01;37m
> �[01;37m[2007/03/30 13:57:37.058] �[01;32m[MESSG]
> IKE_SA=[02:00:00:00:00:00:00:00]: Send: IKE_AUTH request�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_AUTH
> message id = 1
> initiator spi = [02:00:00:00:00:00:00:00]
> responder spi = [02:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = YES
> is a response? = NO
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> }
> <ENCRYPTED PAYLOADS> {
> <PAYLOAD_NOTIFY> {
> type = USE_TRANSPORT_MODE
> protocol id = PROTO_NONE
> spi size = 0
> spi value = []
> data size = 0
> data = []
> }
> <PAYLOAD_ID> {
> type = IDi
> <ID> {
> id type = ID_IPV4_ADDR
> identification data = 192.168.1.2
> }
> <PAYLOAD_AUTH> {
> method = AUTH_METHOD_PSK
> authentication field =
> [A5:30:18:28:CB:84:62:24:FA:4A:13:B1:84:B9:D2:0A]
> }
> <PAYLOAD_SA> {
> <PROPOSAL> {
> proposal # = 1
> <PROTOCOL> {
> id = PROTO_ESP
> spi size = 4
> spi value = [3B:42:F1:F4]
> <TRANSFORM> {
> type = ENCR
> id = ENCR_3DES
> }
> <TRANSFORM> {
> type = ENCR
> id = ENCR_DES
> }
> <TRANSFORM> {
> type = INTEG
> id = AUTH_HMAC_SHA1_96
> }
> }
> }
> }
> <PAYLOAD_TS> {
> type = TSi
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 8/0-8/255
> start address = [C0:A8:01:02]
> end address = [C0:A8:01:02]
> }
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 0/0-255/255
> start address = [C0:A8:01:00]
> end address = [C0:A8:01:FF]
> }
> }
> <PAYLOAD_TS> {
> type = TSr
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 8/0-8/255
> start address = [C0:A8:01:01]
> end address = [C0:A8:01:01]
> }
> <TRAFFIC_SELECTOR> {
> type = TS_IPV4_ADDR_RANGE
> ip protocol = ICMP
> type/code range = 0/0-255/255
> start address = [C0:A8:01:00]
> end address = [C0:A8:01:FF]
> }
> }
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:37.060] �[01;34m[STATE]
> IKE_SA=[02:00:00:00:00:00:00:00]: Transition: [STATE_IKE_SA_INIT_SENT --->
> STATE_IKE_AUTH_SENT]�[01;37m
> �[01;37m[2007/03/30 13:57:37.063] �[01;35m[THRDS] CommandExecuter[7]: Assigned
> to an IKE_SA=[02:00:00:00:00:00:00:00]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;35m[THRDS]
> IKE_SA=[02:00:00:00:00:00:00:00]: Processing command=[MESSAGE_COMMAND]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;32m[MESSG]
> IKE_SA=[02:00:00:00:00:00:00:00]: Recv: IKE_AUTH response�[01;37m
> �[00;32m <MESSAGE> {
> exchange type = IKE_AUTH
> message id = 1
> initiator spi = [02:00:00:00:00:00:00:00]
> responder spi = [02:00:00:00:00:00:00:00]
> protocol version = 2.0
> is original initiator? = NO
> is a response? = YES
> can use a higher major version? = NO
> <UNENCRYPTED PAYLOADS> {
> }
> <ENCRYPTED PAYLOADS> {
> <PAYLOAD_NOTIFY> {
> type = AUTHENTICATION_FAILED
> protocol id = PROTO_NONE
> spi size = 0
> spi value = []
> data size = 0
> data = []
> }
> }
> }
> �[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;31m[ERROR]
> IKE_SA=[02:00:00:00:00:00:00:00]: AUTHENTICATION FAILED: Peer does not
> authenticaticate us�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[00;33m[EVBUS] EventBus: IKE_SA Fail
> IKE_SA=[02:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500]
> reason=[authentication failed]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[00;33m[EVBUS] EventBus: IKE_SA Fail
> IKE_SA=[02:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500] reason=[generic
> fail]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;37m[INFOR] ThreadController: Delete
> IKE_SA_Controller: SPI=[02:00:00:00:00:00:00:00] Count=[0]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[00;33m[EVBUS] EventBus: Delete IKE_SA
> IKE_SA=[02:00:00:00:00:00:00:00] PEER_IP=[192.168.1.1#500]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;35m[HOPEN] ThreadController: Decrement
> Half-open count: Count=[0]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;34m[ALARM] AlarmController: Remove alarm:
> Alarm Id=[[C8:26:10:AC]] Total Alarms=[3]�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;34m[ALARM] Alarm=[C8:26:10:AC]: Alarm
> deleted�[01;37m
> �[01;37m[2007/03/30 13:57:37.064] �[01;34m[ALARM] AlarmController: Remove alarm:
> Alarm Id=[[10:27:10:AC]] Total Alarms=[2]�[01;37m
> �[01;37m[2007/03/30 13:57:37.065] �[01;34m[ALARM] Alarm=[10:27:10:AC]: Alarm
> deleted�[01;37m
> �[01;37m[2007/03/30 13:57:37.065] �[01;34m[ALARM] AlarmController: Remove alarm:
> Alarm Id=[[00:28:10:AC]] Total Alarms=[1]�[01;37m
> �[01;37m[2007/03/30 13:57:37.065] �[01;34m[ALARM] Alarm=[00:28:10:AC]: Alarm
> deleted�[01;37m
> �[01;37m[2007/03/30 13:57:37.065] �[01;37m[INFOR]
> IKE_SA=[02:00:00:00:00:00:00:00]: IKE_SA deleted�[01;37m
> �[01;37m[2007/03/30 13:58:06.913] �[01;36m[IPSEC] IPSecController: Recv HARD
> expiration: Child SA SPI=[3B:42:F1:F4]�[01;37m
> �[01;37m[2007/03/30 13:58:06.913] �[01;33m[WARNG] IPSecController: Does not
> exist any IKE_SA with this peer address.�[01;37m
>
>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
_______________________________________________
openikev2-users mailing list
openikev2-users@dif.um.es
https://correo.dif.um.es/cgi-bin/mailman/listinfo/openikev2-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic