FreeBSD Mail Archives

Date:      Wed, 22 Nov 2000 00:50:41 -0800
From:      Boris <koester@x-itec.de>
To:        Josh Tiefenbach <josh@zipperup.org>
Cc:        freebsd-net@FreeBSD.ORG
Subject:   Re[2]: IPSEC Win2k
Message-ID:  <1563982125.20001122005041@x-itec.de>
In-Reply-To: <20001121124847.F37765@zipperup.org>
References:  <838997467.20001121113524@x-itec.de> <20001121124847.F37765@zipperup.org>

Hello Josh,

Tuesday, November 21, 2000, 9:48:48 AM, you wrote:



>>   I try to setup a connection between my FreeBSD Server
>>   and my Win2k server box. two machines, nothing special.

JT> By sheer coincidence, I did this just the other day.

cool -) Now i have understand something more, but i have a problem, again no connection available, details
coming now.


JT> Plus, you dont say which version of FreeBSD you are using. IIRC, only FreeBSD
JT> 4.x-STABLE supports IKE (using racoon).

FreeBSD 4.1.1 and latest version of racoon

JT> Here is a small writeup that I did for someone else on how to have BSD
JT> and Win2k talk to each other using IPsec.


JT> 2. On the FreeBSD machine, do the following (presuming that the FreeBSD
JT> machine is 1.2.3.4 and the win2k machine is 5.6.7.8)

JT>         setkey -FP # Note. This and the next line will delete all previous SPD
JT>         setkey -F  # entries.
JT>         setkey -c << EOF
JT>         spdadd 1.2.3.4/32 5.6.7.8/32 any -P out ipsec
JT>         esp/transport/1.2.3.4-5.6.7.8/require;
JT>         spdadd 5.6.7.8/32 1.2.3.4/32 any -P in ipsec
JT>         esp/transport/5.6.7.8-1.2.3.4/require;

ok, i have used this:

#! /bin/sh
#
    setkey -FP # Note. This and the next line will delete all previous SPD
        setkey -F  # entries.
        setkey -c << EOF
        spdadd 192.168.0.99/32 192.168.0.1 any -P out ipsec
        esp/transport/192.168.0.99-192.168.0.1/require;
        spdadd 192.168.0.1/32 192.168.0.99/32 any -P in ipsec
        esp/transport/192.168.0.1-192.168.0.99/require;


        
 .99 is the bsd box, .1 is the win2k box.


JT> 3. Configure psk.txt and racoon.conf. You shouldnt really need to make any
...

JT> In the psk.txt file, add the following entry:

JT>         5.6.7.8 somelongstringasasharedsecret

i have put something like
192.168.0.1 password...


JT> Make sure that psk.txt is mode 600, owned by root. Start up racoon.

JT> 4. On the Win2k machine, fire up a command window, and launch 'mmc'. Go to
Console->>Add/Remove Snap in. Add the IP Security Policy Management snap-in.

.... ok ....

But racoon gives me a lot of error messages, i have added the messages
here. I really do not know what to do now -((((((((((

Snapshot:
2000-11-22 02:53:09: isakmp_ident.c:700:ident_r1recv(): 192.168.0.1[500] peer transmitted Vendor ID.
2000-11-22 02:53:09: vendorid.c:97:check_vendorid(): Vendor ID mismatch.

2000-11-22 02:52:57: pfkey.c:1966:pk_checkalg(): WARNING: compression algorithm can not be checked.

2000-11-22 02:53:05: isakmp_ident.c:721:ident_r1recv(): 192.168.0.1[500] failed to get valid proposal.
2000-11-22 02:53:05: isakmp.c:874:isakmp_ph1begin_r(): 192.168.0.1[500] failed to process packet.



Complete protocol:

Foreground mode.
2000-11-22 02:52:57: @(#)racoon 20001111 sakane@ydc.co.jp
2000-11-22 02:52:57: @(#)This product linked software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)
<3># "padding" defines some parameter of padding.  You should not touch these.
begin <11>padding
<11>maximum_length
<11>20
<11># maximum padding length.
<11>randomize
<11>off
<11># enable randomize length.
<11>strict_check
<11>off
<11># enable strict check.
<11>exclusive_tail
<11>off
<11># extract last one octet.
<3># if no listen directive is specified, racoon will listen to all
<3># available interface addresses.
begin <13>listen
<13>#isakmp ::1 [7000];
<13>#isakmp 202.249.11.124 [500];
<13>#admin [7002];              # administrative's port by kmpstat.
<13>#strict_address;    # required all addresses must be bound.
<3># Specification of default various timer.
begin <15>timer
<15># These value can be changed per remote node.
<15>counter
<15>5
<15># maximum trying count to send.
<15>interval
<15>20
<15>sec
<15># maximum interval to resend.
<15>persend
<15>1
<15># the number of packets per a send.
<15># timer for waiting to complete each phase.
<15>phase1
<15>30
<15>sec
<15>phase2
<15>15
<15>sec
begin <33>remote
<33>anonymous
<35>#exchange_mode main,aggressive;
<35>exchange_mode
<35>aggressive
<35>,
<35>main
<35>doi
<35>ipsec_doi
<35>situation
<35>identity_only
<35>#my_identifier address;
<35>my_identifier
<35>user_fqdn
<35>"sakane@kame.net"
<35>peers_identifier
<35>user_fqdn
<35>"sakane@kame.net"
<35>#certificate_type x509 "mycert" "mypriv";
<35>nonce_size
<35>16
<35>lifetime
<35>time
<35>1
<35>min
<35># sec,min,hour
<35>lifetime
<35>byte
<35>5
<35>MB
<35># B,KB,GB
<35>initial_contact
<35>on
<35>support_mip6
<35>on
<35>proposal_check
<35>obey
<35># obey, strict or claim
begin <37>proposal
<37>encryption_algorithm
<37>3des
<37>hash_algorithm
<37>sha1
<37>authentication_method
<37>pre_shared_key
<37>dh_group
<37>2
lifetime = 60
lifebyte = 5120
strength=extra high
encklen=0
isakmp enc=     00000000000000000000000000010000
isakmp hash=    00000000000000000000000000000010
isakmp dh=      00000000000000000000000000000010
isakmp auth method=     00000000000000000000000000000001
p:1 t:1 0 0 0 3DES-CBC(5) SHA(2) 1024-bit MODP group(2) pre-shared key(1) 
begin <33>remote
<33>::1
<33>[8000]
<35>#exchange_mode main,aggressive;
<35>exchange_mode
<35>aggressive
<35>,
<35>main
<35>doi
<35>ipsec_doi
<35>situation
<35>identity_only
<35>my_identifier
<35>user_fqdn
<35>"sakane@kame.net"
<35>peers_identifier
<35>user_fqdn
<35>"sakane@kame.net"
<35>#certificate_type x509 "mycert" "mypriv";
<35>nonce_size
<35>16
<35>lifetime
<35>time
<35>1
<35>min
<35># sec,min,hour
<35>lifetime
<35>byte
<35>5
<35>MB
<35># B,KB,GB
begin <37>proposal
<37>encryption_algorithm
<37>3des
<37>hash_algorithm
<37>sha1
<37>authentication_method
<37>pre_shared_key
<37>dh_group
<37>2
lifetime = 60
lifebyte = 5120
strength=extra high
encklen=0
isakmp enc=     00000000000000000000000000010000
isakmp hash=    00000000000000000000000000000010
isakmp dh=      00000000000000000000000000000010
isakmp auth method=     00000000000000000000000000000001
p:1 t:1 0 0 0 3DES-CBC(5) SHA(2) 1024-bit MODP group(2) pre-shared key(1) 
begin <29>sainfo
<29>anonymous
<31>pfs_group
<31>1
<31>lifetime
<31>time
<31>30
<31>sec
<31>lifetime
<31>byte
<31>5000
<31>KB
<31>encryption_algorithm
<31>3des
<31>authentication_algorithm
<31>hmac_sha1
<31>compression_algorithm
<31>deflate
2000-11-22 02:52:57: pfkey.c:1966:pk_checkalg(): WARNING: compression algorithm can not be checked.
begin <29>sainfo
<29>address
<29>203.178.141.209
<29>any
<29>address
<29>203.178.141.218
<29>any
<31>pfs_group
<31>1
<31>lifetime
<31>time
<31>30
<31>sec
<31>lifetime
<31>byte
<31>5000
<31>KB
<31>encryption_algorithm
<31>des
<31>authentication_algorithm
<31>hmac_md5
<31>compression_algorithm
<31>deflate
2000-11-22 02:52:57: pfkey.c:1966:pk_checkalg(): WARNING: compression algorithm can not be checked.
2000-11-22 02:52:57: sainfo.c:101:getsainfo(): anonymous sainfo selected.
begin <29>sainfo
<29>address
<29>::1
<29>icmp6
<29>address
<29>::1
<29>icmp6
<31>pfs_group
<31>1
<31>lifetime
<31>time
<31>60
<31>sec
<31>lifetime
<31>byte
<31>5000
<31>KB
<31>encryption_algorithm
<31>3des
<31>,
<31>cast128
<31>,
<31>blowfish
<31>,
<31>des
<31>authentication_algorithm
<31>hmac_sha1
<31>,
<31>hmac_md5
<31>compression_algorithm
<31>deflate
2000-11-22 02:52:57: pfkey.c:1966:pk_checkalg(): WARNING: compression algorithm can not be checked.
2000-11-22 02:52:57: sainfo.c:101:getsainfo(): anonymous sainfo selected.
parse successed.
Foreground mode.
2000-11-22 02:52:57: grabmyaddr.c:213:grab_myaddrs(): my interface: 192.168.0.99 (ed1)
2000-11-22 02:52:57: grabmyaddr.c:213:grab_myaddrs(): my interface: fe80::220:18ff:fe64:f25f%ed1 (ed1)
2000-11-22 02:52:57: grabmyaddr.c:213:grab_myaddrs(): my interface: fe80::1%lo0 (lo0)
2000-11-22 02:52:57: grabmyaddr.c:213:grab_myaddrs(): my interface: ::1 (lo0)
2000-11-22 02:52:57: grabmyaddr.c:213:grab_myaddrs(): my interface: 127.0.0.1 (lo0)
2000-11-22 02:52:57: grabmyaddr.c:213:grab_myaddrs(): my interface: 62.158.21.17 (isp0)
2000-11-22 02:52:57: grabmyaddr.c:213:grab_myaddrs(): my interface: fe80::220:18ff:fe64:f25f%isp0 (isp0)
2000-11-22 02:52:57: grabmyaddr.c:479:autoconf_myaddrsport(): configuring default isakmp port.
2000-11-22 02:52:57: grabmyaddr.c:503:autoconf_myaddrsport(): isakmp_autoconf success, 7 addrs
2000-11-22 02:52:57: isakmp.c:1288:isakmp_open(): fe80::220:18ff:fe64:f25f%isp0[500] used as isakmp port (fd=9).
2000-11-22 02:52:57: isakmp.c:1288:isakmp_open(): 62.158.21.17[500] used as isakmp port (fd=10).
2000-11-22 02:52:57: isakmp.c:1288:isakmp_open(): 127.0.0.1[500] used as isakmp port (fd=11).
2000-11-22 02:52:57: isakmp.c:1288:isakmp_open(): ::1[500] used as isakmp port (fd=12).
2000-11-22 02:52:57: isakmp.c:1288:isakmp_open(): fe80::1%lo0[500] used as isakmp port (fd=13).
2000-11-22 02:52:57: isakmp.c:1288:isakmp_open(): fe80::220:18ff:fe64:f25f%ed1[500] used as isakmp port (fd=14).
2000-11-22 02:52:57: isakmp.c:1288:isakmp_open(): 192.168.0.99[500] used as isakmp port (fd=15).
2000-11-22 02:52:57: pfkey.c:192:pfkey_handler(): get pfkey X_SPDDUMP message
sadb_msg{ version=2 type=18 errno=0 satype=0
  len=15 reserved=1 seq=1 pid=2357
sadb_ext{ len=3 type=5 }
sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
sockaddr{ len=16 family=2 port=0
 c0a80001  }
sadb_ext{ len=3 type=6 }
sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
sockaddr{ len=16 family=2 port=0
 c0a80063  }
sadb_ext{ len=7 type=18 }
sadb_x_policy{ type=2 dir=1 id=2 }
 { len=40 proto=50 mode=1 level=2 reqid=0
sockaddr{ len=16 family=2 port=0
 c0a80001  }
sockaddr{ len=16 family=2 port=0
 c0a80063  }
 }
2000-11-22 02:52:57: pfkey.c:192:pfkey_handler(): get pfkey X_SPDDUMP message
sadb_msg{ version=2 type=18 errno=0 satype=0
  len=15 reserved=1 seq=0 pid=2357
sadb_ext{ len=3 type=5 }
sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
sockaddr{ len=16 family=2 port=0
 c0a80063  }
sadb_ext{ len=3 type=6 }
sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
sockaddr{ len=16 family=2 port=0
 c0a80001  }
sadb_ext{ len=7 type=18 }
sadb_x_policy{ type=2 dir=2 id=1 }
 { len=40 proto=50 mode=1 level=2 reqid=0
sockaddr{ len=16 family=2 port=0
 c0a80063  }
sockaddr{ len=16 family=2 port=0
 c0a80001  }
 }
2000-11-22 02:52:57: policy.c:189:cmpspidx(): sub:0xbfbff9c8: 192.168.0.99/32[0] 192.168.0.1/32[0] proto=255 dir=2
2000-11-22 02:52:57: policy.c:189:cmpspidx(): db :0x80a2208: 192.168.0.1/32[0] 192.168.0.99/32[0] proto=255 dir=1
2000-11-22 02:53:02: isakmp.c:207:isakmp_handler(): ===
2000-11-22 02:53:02: isakmp.c:211:isakmp_handler(): 192.168.0.99[500] 216 bytes message received from 192.168.0.1[500]
 fe6e2baf 61660328 00000000 00000000 01100200 00000000 000000d8 0d0000a4
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
 00000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000002
2000-11-22 02:53:02: isakmp.c:2152:isakmp_printpacket(): begin.
53:02.374683 192.168.0.1:500 -> 192.168.0.99:500: isakmp 1.0 msgid 00000000 cookie fe6e2baf61660328->0000000000000000: phase 1 I ident:
    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=4
            (t: #1 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #2 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #3 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #4 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))))
    (vid: len=20 1e2b516905991c7d7c96fcbfb587e46100000002)
2000-11-22 02:53:02: remoteconf.c:131:getrmconf(): anonymous configuration selected for 192.168.0.1[500].
2000-11-22 02:53:02: isakmp.c:856:isakmp_ph1begin_r(): new responder iph1 0x8099400: local 192.168.0.99 500 remote 192.168.0.1 500
2000-11-22 02:53:02: isakmp.c:860:isakmp_ph1begin_r(): ===
2000-11-22 02:53:02: isakmp.c:863:isakmp_ph1begin_r(): begin Identity Protection mode.
2000-11-22 02:53:02: isakmp_ident.c:662:ident_r1recv(): begin.
2000-11-22 02:53:02: isakmp.c:1123:isakmp_parse(): begin.
2000-11-22 02:53:02: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:02: isakmp.c:1066:isakmp_parsewoh(): seen nptype=1(sa)
2000-11-22 02:53:02: isakmp.c:1066:isakmp_parsewoh(): seen nptype=13(vid)
2000-11-22 02:53:02: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:02: isakmp.c:1131:isakmp_parse(): end.
2000-11-22 02:53:02: isakmp_ident.c:700:ident_r1recv(): 192.168.0.1[500] peer transmitted Vendor ID.
2000-11-22 02:53:02: vendorid.c:97:check_vendorid(): Vendor ID mismatch.
2000-11-22 02:53:02: ipsec_doi.c:1021:get_proppair(): total SA len=160
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
2000-11-22 02:53:02: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:02: isakmp.c:1066:isakmp_parsewoh(): seen nptype=2(prop)
2000-11-22 02:53:02: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:02: ipsec_doi.c:1076:get_proppair(): proposal #1 len=152
2000-11-22 02:53:02: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:02: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:02: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:02: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:02: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:02: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:02: ipsec_doi.c:1220:get_transform(): transform #1 len=36
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:02: ipsec_doi.c:1220:get_transform(): transform #2 len=36
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:02: ipsec_doi.c:1220:get_transform(): transform #3 len=36
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:02: ipsec_doi.c:1220:get_transform(): transform #4 len=36
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
pair 1:
2000-11-22 02:53:02: proposal.c:877:print_proppair0():  0x80aa2d0: next=0x0 tnext=0x80aa2e0
2000-11-22 02:53:02: proposal.c:877:print_proppair0():   0x80aa2e0: next=0x0 tnext=0x80aa2f0
2000-11-22 02:53:02: proposal.c:877:print_proppair0():    0x80aa2f0: next=0x0 tnext=0x80aa300
2000-11-22 02:53:02: proposal.c:877:print_proppair0():     0x80aa300: next=0x0 tnext=0x0
2000-11-22 02:53:02: ipsec_doi.c:1157:get_proppair(): proposal #1: 4 transform
2000-11-22 02:53:02: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:02: ipsec_doi.c:289:get_ph1approvalx(): trns#=1, trns-id=IKE
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): Eà(]F@÷KgÀCÆO>ž¯òõN/ lorv=4
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:02: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:02: ipsec_doi.c:289:get_ph1approvalx(): trns#=2, trns-id=IKE
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:02: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:02: ipsec_doi.c:289:get_ph1approvalx(): trns#=3, trns-id=IKE
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:02: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:02: ipsec_doi.c:289:get_ph1approvalx(): trns#=4, trns-id=IKE
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:02: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:02: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:02: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:02: isakmp_ident.c:721:ident_r1recv(): 192.168.0.1[500] failed to get valid proposal.
2000-11-22 02:53:02: isakmp.c:874:isakmp_ph1begin_r(): 192.168.0.1[500] failed to process packet.
2000-11-22 02:53:03: isakmp.c:207:isakmp_handler(): ===
2000-11-22 02:53:03: isakmp.c:211:isakmp_handler(): 192.168.0.99[500] 216 bytes message received from 192.168.EàÜg@÷ž’ÀCÆO>žndšN>N´™oP"80 00000000 01100200 00000000 000000d8 0d0000a4
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
 00000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000002
2000-11-22 02:53:03: isakmp.c:2152:isakmp_printpacket(): begin.
53:03.364853 192.168.0.1:500 -> 192.168.0.99:500: isakmp 1.0 msgid 00000000 cookie fe6e2baf61660328->0000000000000000: phase 1 I ident:
    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=4
            (t: #1 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #2 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #3 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #4 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))))
    (vid: len=20 1e2b516905991c7d7c96fcbfb587e46100000002)
2000-11-22 02:53:03: remoteconf.c:131:getrmconf(): anonymous configuration selected for 192.168.0.1[500].
2000-11-22 02:53:03: isakmp.c:856:isakmp_ph1begin_r(): new responder iph1 0x8099500: local 192.168.0.99 500 remote 192.168.0.1 500
2000-11-22 02:53:03: isakmp.c:860:isakmp_ph1begin_r(): ===
2000-11-22 02:53:03: isakmp.c:863:isakmp_ph1begin_r(): begin Identity Protection mode.
2000-11-22 02:53:03: isakmp_ident.c:662:ident_r1recv(): begin.
2000-11-22 02:53:03: isakmp.c:1123:isakmp_parse(): begin.
2000-11-22 02:53:03: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:03: isakmp.c:1066:isakmp_parsewoh(): seen nptype=1(sa)
2000-11-22 02:53:03: isakmp.c:1066:isakmp_parsewoh(): seen nptype=13(vid)
2000-11-22 02:53:03: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:03: isakmp.c:1131:isakmp_parse(): end.
2000-11-22 02:53:03: isakmp_ident.c:700:ident_r1recv(): 192.168.0.1[500] peer transmitted Vendor ID.
2000-11-22 02:53:03: vendorid.c:97:check_vendorid(): Vendor ID mismatch.
2000-11-22 02:53:03: ipsec_doi.c:1021:get_proppair(): total SA len=160
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
2000-11-22 02:53:03: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:03: isakmp.c:1066:isakmp_parsewoh(): seen nptype=2(prop)
2000-11-22 02:53:03: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:03: ipsec_doi.c:1076:get_proppair(): proposal #1 len=152
2000-11-22 02:53:03: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:03: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:03: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:03: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:03: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:03: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:03: ipsec_doi.c:1220:get_transform(): transform #1 len=36
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:03: ipsec_doi.c:1220:get_transform(): transform #2 len=36
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:03: ipsec_doi.c:1220:get_transform(): transform #3 len=36
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:03: ipsec_doi.c:1220:get_transform(): transform #4 len=36
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
pair 1:
2000-11-22 02:53:03: proposal.c:877:print_proppair0():  0x80aa310: next=0x0 tnext=0x80aa320
2000-11-22 02:53:03: proposal.c:877:print_proppair0():   0x80aa320: next=0x0 tnext=0x80aa330
2000-11-22 02:53:03: proposal.c:877:print_proppair0():    0x80aa330: next=0x0 tnext=0x80aa340
2000-11-22 02:53:03: proposal.c:877:print_proppair0():     0x80aa340: next=0x0 tnext=0x0
2000-11-22 02:53:03: ipsec_doi.c:1157:get_proppair(): proposal #1: 4 transform
2000-11-22 02:53:03: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:03: ipsec_doi.c:289:get_ph1approvalx(): trns#=1, trns-id=IKE
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:03: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:03: ipsec_doi.c:289:get_ph1approvalx(): trns#=2, trns-id=IKE
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:03: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:03: ipsec_doi.c:289:get_ph1approvalx(): trns#=3, trns-id=IKE
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:03: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:03: ipsec_doi.c:289:get_ph1approvalx(): trns#=4, trns-id=IKE
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:03: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:03: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:03: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:03: isakmp_ident.c:721:ident_r1recv(): 192.168.0.1[500] failed to get valid proposal.
2000-11-22 02:53:03: isakmp.c:874:isakmp_ph1begin_r(): 192.168.0.1[500] failed to process packet.
2000-11-22 02:53:05: isakmp.c:207:isakmp_handler(): ===
2000-11-22 02:53:05: isakmp.c:211:isakmp_handler(): 192.168.0.99[500] 216 bytes message received from 192.168.0.1[500]
 fe6e2baf 61660328 00000000 00000000 01100200 00000000 000000d8 0d0000a4
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
 00000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000002
2000-11-22 02:53:05: isakmp.c:2152:isakmp_printpacket(): begin.
53:05.394810 192.168.0.1:500 -> 192.168.0.99:500: isakmp 1.0 msgid 00000000 cookie fe6e2baf61660328->0000000000000000: phase 1 I ident:
    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=4
            (t: #1 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #2 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #3 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #4 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))))
    (vid: len=20 1e2b516905991c7d7c96fcbfb587e46100000002)
2000-11-22 02:53:05: remoteconf.c:131:getrmconf(): anonymous configuration selected for 192.168.0.1[500].
2000-11-22 02:53:05: isakmp.c:856:isakmp_ph1begin_r(): new responder iph1 0x8099600: local 192.168.0.99 500 remote 192.168.0.1 500
2000-11-22 02:53:05: isakmp.c:860:isakmp_ph1begin_r(): ===
2000-11-22 02:53:05: isakmp.c:863:isakmp_ph1begin_r(): begin Identity Protection mode.
2000-11-22 02:53:05: isakmp_ident.c:662:ident_r1recv(): begin.
2000-11-22 02:53:05: isakmp.c:1123:isakmp_parse(): begin.
2000-11-22 02:53:05: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:05: isakmp.c:1066:isakmp_parsewoh(): seen nptype=1(sa)
2000-11-22 02:53:05: isakmp.c:1066:isakmp_parsewoh(): seen nptype=13(vid)
2000-11-22 02:53:05: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:05: isakmp.c:1131:isakmp_parse(): end.
2000-11-22 02:53:05: isakmp_ident.c:700:ident_r1recv(): 192.168.0.1[500] peer transmitted Vendor ID.
2000-11-22 02:53:05: vendorid.c:97:check_vendorid(): Vendor ID mismatch.
2000-11-22 02:53:05: ipsec_doi.c:1021:get_proppair(): total SA len=160
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
2000-11-22 02:53:05: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:05: isakmp.c:1066:isakmp_parsewoh(): seen nptype=2(prop)
2000-11-22 02:53:05: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:05: ipsec_doi.c:1076:get_proppair(): proposal #1 len=152
2000-11-22 02:53:05: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:05: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:05: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:05: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:05: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:05: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:05: ipsec_doi.c:1220:get_transform(): transform #1 len=36
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:05: ipsec_doi.c:1220:get_transform(): transform #2 len=36
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:05: ipsec_doi.c:1220:get_transform(): transform #3 len=36
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:05: ipsec_doi.c:1220:get_transform(): transform #4 len=36
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
pair 1:
2000-11-22 02:53:05: proposal.c:877:print_proppair0():  0x80aa350: next=0x0 tnext=0x80aa360
2000-11-22 02:53:05: proposal.c:877:print_proppair0():   0x80aa360: next=0x0 tnext=0x80aa370
2000-11-22 02:53:05: proposal.c:877:print_proppair0():    0x80aa370: next=0x0 tnext=0x80aa380
2000-11-22 02:53:05: proposal.c:877:print_proppair0():     0x80aa380: next=0x0 tnext=0x0
2000-11-22 02:53:05: ipsec_doi.c:1157:get_proppair(): proposal #1: 4 transform
2000-11-22 02:53:05: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:05: ipsec_doi.c:289:get_ph1approvalx(): trns#=1, trns-id=IKE
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:05: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:05: ipsec_doi.c:289:get_ph1approvalx(): trns#=2, trns-id=IKE
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:05: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:05: ipsec_doi.c:289:get_ph1approvalx(): trns#=3, trns-id=IKE
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:05: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:05: ipsec_doi.c:289:get_ph1approvalx(): trns#=4, trns-id=IKE
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:05: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:05: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:05: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:05: isakmp_ident.c:721:ident_r1recv(): 192.168.0.1[500] failed to get valid proposal.
2000-11-22 02:53:05: isakmp.c:874:isakmp_ph1begin_r(): 192.168.0.1[500] failed to process packet.
2000-11-22 02:53:09: isakmp.c:207:isakmp_handler(): ===
2000-11-22 02:53:09: isakmp.c:211:isakmp_handler(): 192.168.0.99[500] 216 bytes message received from 192.168.0.1[500]
 fe6e2baf 61660328 00000000 00000000 01100200 00000000 000000d8 0d0000a4
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
 00000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000002
2000-11-22 02:53:09: isakmp.c:2152:isakmp_printpacket(): begin.
53:09.396907 192.168.0.1:500 -> 192.168.0.99:500: isakmp 1.0 msgid 00000000 cookie fe6e2baf61660328->0000000000000000: phase 1 I ident:
    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=4
            (t: #1 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #2 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #3 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #4 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))))
    (vid: len=20 1e2b516905991c7d7c96fcbfb587e46100000002)
2000-11-22 02:53:09: remoteconf.c:131:getrmconf(): anonymous configuration selected for 192.168.0.1[500].
2000-11-22 02:53:09: isakmp.c:856:isakmp_ph1begin_r(): new responder iph1 0x8099700: local 192.168.0.99 500 remote 192.168.0.1 500
2000-11-22 02:53:09: isakmp.c:860:isakmp_ph1begin_r(): ===
2000-11-22 02:53:09: isakmp.c:863:isakmp_ph1begin_r(): begin Identity Protection mode.
2000-11-22 02:53:09: isakmp_ident.c:662:ident_r1recv(): begin.
2000-11-22 02:53:09: isakmp.c:1123:isakmp_parse(): begin.
2000-11-22 02:53:09: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:09: isakmp.c:1066:isakmp_parsewoh(): seen nptype=1(sa)
2000-11-22 02:53:09: isakmp.c:1066:isakmp_parsewoh(): seen nptype=13(vid)
2000-11-22 02:53:09: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:09: isakmp.c:1131:isakmp_parse(): end.
2000-11-22 02:53:09: isakmp_ident.c:700:ident_r1recv(): 192.168.0.1[500] peer transmitted Vendor ID.
2000-11-22 02:53:09: vendorid.c:97:check_vendorid(): Vendor ID mismatch.
2000-11-22 02:53:09: ipsec_doi.c:1021:get_proppair(): total SA len=160
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
2000-11-22 02:53:09: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:09: isakmp.c:1066:isakmp_parsewoh(): seen nptype=2(prop)
2000-11-22 02:53:09: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:09: ipsec_doi.c:1076:get_proppair(): proposal #1 len=152
2000-11-22 02:53:09: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:09: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:09: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:09: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:09: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:09: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:09: ipsec_doi.c:1220:get_transform(): transform #1 len=36
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:09: ipsec_doi.c:1220:get_transform(): transform #2 len=36
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:09: ipsec_doi.c:1220:get_transform(): transform #3 len=36
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:09: ipsec_doi.c:1220:get_transform(): transform #4 len=36
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
pair 1:
2000-11-22 02:53:09: proposal.c:877:print_proppair0():  0x80aa390: next=0x0 tnext=0x80aa3a0
2000-11-22 02:53:09: proposal.c:877:print_proppair0():   0x80aa3a0: next=0x0 tnext=0x80aa3b0
2000-11-22 02:53:09: proposal.c:877:print_proppair0():    0x80aa3b0: next=0x0 tnext=0x80aa3c0
2000-11-22 02:53:09: proposal.c:877:print_proppair0():     0x80aa3c0: next=0x0 tnext=0x0
2000-11-22 02:53:09: ipsec_doi.c:1157:get_proppair(): proposal #1: 4 transform
2000-11-22 02:53:09: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:09: ipsec_doi.c:289:get_ph1approvalx(): trns#=1, trns-id=IKE
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Encryption AlgEà(]i@÷KDÀCÆO>ž¯òõNÏËC
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:09: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:09: ipsec_doi.c:289:get_ph1approvalx(): trns#=2, trns-id=IKE
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:09: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:09: ipsec_doi.c:289:get_ph1approvalx(): trns#=3, trns-id=IKE
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:09: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:09: ipsec_doi.c:289:get_ph1approvalx(): trns#=4, trns-id=IKE
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:09: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:09: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:09: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:09: isakmp_ident.c:721:ident_r1recv(): 192.168.0.1[500] failed to get valid proposal.
2000-11-22 02:53:09: isakmp.c:874:isakmp_ph1begin_r(): 192.168.0.1[500] failed to process packet.
2000-11-22 02:53:17: isakmp.c:207:isakmp_handler(): ===
2000-11-22 02:53:17: isakmp.c:211:isakmp_handler(): 192.168.0.99[500] 216 bytes message received from 192.168.0.1[500]
 fe6e2baf 61660328 00000000 00000000 01100200 00000000 000000d8 0d0000a4
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
 00000018 1e2b5169 05991c7d 7c96fcbf b587e461 00000002
2000-11-22 02:53:17: isakmp.c:2152:isakmp_printpacket(): begin.
53:17.389391 192.168.0.1:500 -> 192.168.0.99:500: isakmp 1.0 msgid 00000000 cookie fe6e2baf61660328->0000000000000000: phase 1 I ident:
    (sa: doi=ipsec situation=identity
        (p: #1 protoid=isakmp transform=4
            (t: #1 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #2 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp1024)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #3 id=ike (type=enc value=1des)(type=hash value=sha1)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))
            (t: #4 id=ike (type=enc value=1des)(type=hash value=md5)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration len=4 value=00007080))))
    (vid: len=20 1e2b516905991c7d7c96fcbfb587e46100000002)
2000-11-22 02:53:17: remoteconf.c:131:getrmconf(): anonymous configuration selected for 192.168.0.1[500].
2000-11-22 02:53:17: isakmp.c:856:isakmp_ph1begin_r(): new responder iph1 0x8099800: local 192.168.0.99 500 remote 192.168.0.1 500
2000-11-22 02:53:17: isakmp.c:860:isakmp_ph1begin_r(): ===
2000-11-22 02:53:17: isakmp.c:863:isakmp_ph1begin_r(): begin Identity Protection mode.
2000-11-22 02:53:17: isakmp_ident.c:662:ident_r1recv(): begin.
2000-11-22 02:53:17: isakmp.c:1123:isakmp_parse(): begin.
2000-11-22 02:53:17: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:17: isakmp.c:1066:isakmp_parsewoh(): seen nptype=1(sa)
2000-11-22 02:53:17: isakmp.c:1066:isakmp_parsewoh(): seen nptype=13(vid)
2000-11-22 02:53:17: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:17: isakmp.c:1131:isakmp_parse(): end.
2000-11-22 02:53:17: isakmp_ident.c:700:ident_r1recv(): 192.168.0.1[500] peer transmitted Vendor ID.
2000-11-22 02:53:17: vendorid.c:97:check_vendorid(): Vendor ID mismatch.
2000-11-22 02:53:17: ipsec_doi.c:1021:get_proppair(): total SA len=160
 00000001 00000001 00000098 01010004 03000024 01010000 80010001 80020002
 80040002 80030001 800b0001 000c0004 00007080 03000024 02010000 80010001
 80020001 80040002 80030001 800b0001 000c0004 00007080 03000024 03010000
 80010001 80020002 80040001 80030001 800b0001 000c0004 00007080 00000024
 04010000 80010001 80020001 80040001 80030001 800b0001 000c0004 00007080
2000-11-22 02:53:17: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:17: isakmp.c:1066:isakmp_parsewoh(): seen nptype=2(prop)
2000-11-22 02:53:17: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:17: ipsec_doi.c:1076:get_proppair(): proposal #1 len=152
2000-11-22 02:53:17: isakmp.c:1035:isakmp_parsewoh(): begin.
2000-11-22 02:53:17: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:17: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:17: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:17: isakmp.c:1066:isakmp_parsewoh(): seen nptype=3(trns)
2000-11-22 02:53:17: isakmp.c:1104:isakmp_parsewoh(): succeed.
2000-11-22 02:53:17: ipsec_doi.c:1220:get_transform(): transform #1 len=36
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:17: ipsec_doi.c:1220:get_transform(): transform #2 len=36
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:17: ipsec_doi.c:1220:get_transform(): transform #3 len=36
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:17: ipsec_doi.c:1220:get_transform(): transform #4 len=36
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:1781:check_attr_isakmp(): type=Life Duration, flag=0x0000, lorv=4
pair 1:
2000-11-22 02:53:17: proposal.c:877:print_proppair0():  0x80aa3d0: next=0x0 tnext=0x80aa3e0
2000-11-22 02:53:17: proposal.c:877:print_proppair0():   0x80aa3e0: next=0x0 tnext=0x80aa3f0
2000-11-22 02:53:17: proposal.c:877:print_proppair0():    0x80aa3f0: next=0x0 tnext=0x80aa400
2000-11-22 02:53:17: proposal.c:877:print_proppair0():     0x80aa400: next=0x0 tnext=0x0
2000-11-22 02:53:17: ipsec_doi.c:1157:get_proppair(): proposal #1: 4 transform
2000-11-22 02:53:17: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:17: ipsec_doi.c:289:get_ph1approvalx(): trns#=1, trns-id=IKE
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:17: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:17: ipsec_doi.c:289:get_ph1approvalx(): trns#=2, trns-id=IKE
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:17: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:17: ipsec_doi.c:289:get_ph1approvalx(): trns#=3, trns-id=IKE
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:SHA
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:17: ipsec_doi.c:283:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=4
2000-11-22 02:53:17: ipsec_doi.c:289:get_ph1approvalx(): trns#=4, trns-id=IKE
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=MD5
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=768-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2000-11-22 02:53:17: ipsec_doi.c:389:t2isakmpsa(): type=Life Duration, flag=0x0000, lorv=4
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): Compared: DB:Peer
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifetime = 60:28800)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (lifebyte = 5120:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): enctype = 3DES-CBC:DES-CBC
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): (encklen = 0:0)
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): hashtype = SHA:MD5
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): authmethod = pre-shared key:pre-shared key
2000-11-22 02:53:17: ipsec_doi.c:323:get_ph1approvalx(): dh_group = 1024-bit MODP group:768-bit MODP group
2000-11-22 02:53:17: ipsec_doi.c:344:get_ph1approvalx(): unacceptable proposal.
2000-11-22 02:53:17: isakmp_ident.c:721:ident_r1recv(): 192.168.0.1[500] failed to get valid proposal.
2000-11-22 02:53:17: isakmp.c:874:isakmp_ph1begin_r(): 192.168.0.1[500] failed to process packet.
2000-11-22 02:53:27: session.c:262:check_sigreq(): caught signal 2
2000-11-22 02:53:27: pfkey.c:192:pfkey_handler(): get pfkey FLUSH message
sadb_msg{ version=2 type=9 errno=0 satype=0
  len=2 reserved=0 seq=0 pid=2357
2000-11-22 02:53:28: pfkey.c:270:pfkey_dump_sadb(): call pfkey_send_dump


JT> josh


Please help me i have no idea what to do next -((( The passwords are
all the same on both machines.

-- 
Best regards,
 Boris                            mailto:koester@x-itec.de




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1563982125.20001122005041>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation