Aug 26 18:24:47.910483: FIPS Product: YES Aug 26 18:24:47.910521: FIPS Kernel: NO Aug 26 18:24:47.910524: FIPS Mode: NO Aug 26 18:24:47.910527: NSS DB directory: sql:/etc/ipsec.d Aug 26 18:24:47.910670: Initializing NSS Aug 26 18:24:47.910677: Opening NSS database "sql:/etc/ipsec.d" read-only Aug 26 18:24:47.941761: NSS initialized Aug 26 18:24:47.941774: NSS crypto library initialized Aug 26 18:24:47.941777: FIPS HMAC integrity support [enabled] Aug 26 18:24:47.941780: FIPS mode disabled for pluto daemon Aug 26 18:24:47.978979: FIPS HMAC integrity verification self-test FAILED Aug 26 18:24:47.979068: libcap-ng support [enabled] Aug 26 18:24:47.979073: Linux audit support [enabled] Aug 26 18:24:47.979108: Linux audit activated Aug 26 18:24:47.979118: Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:26839 Aug 26 18:24:47.979119: core dump dir: /tmp Aug 26 18:24:47.979121: secrets file: /etc/ipsec.secrets Aug 26 18:24:47.979123: leak-detective disabled Aug 26 18:24:47.979124: NSS crypto [enabled] Aug 26 18:24:47.979125: XAUTH PAM support [enabled] Aug 26 18:24:47.979183: | libevent is using pluto's memory allocator Aug 26 18:24:47.979189: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800) Aug 26 18:24:47.979200: | libevent_malloc: new ptr-libevent@0x55ce53a52fe0 size 40 Aug 26 18:24:47.979205: | libevent_malloc: new ptr-libevent@0x55ce53a54290 size 40 Aug 26 18:24:47.979209: | libevent_malloc: new ptr-libevent@0x55ce53a542c0 size 40 Aug 26 18:24:47.979210: | creating event base Aug 26 18:24:47.979212: | libevent_malloc: new ptr-libevent@0x55ce53a54250 size 56 Aug 26 18:24:47.979214: | libevent_malloc: new ptr-libevent@0x55ce53a542f0 size 664 Aug 26 18:24:47.979223: | libevent_malloc: new ptr-libevent@0x55ce53a54590 size 
24 Aug 26 18:24:47.979226: | libevent_malloc: new ptr-libevent@0x55ce53a45eb0 size 384 Aug 26 18:24:47.979234: | libevent_malloc: new ptr-libevent@0x55ce53a545b0 size 16 Aug 26 18:24:47.979236: | libevent_malloc: new ptr-libevent@0x55ce53a545d0 size 40 Aug 26 18:24:47.979237: | libevent_malloc: new ptr-libevent@0x55ce53a54600 size 48 Aug 26 18:24:47.979242: | libevent_realloc: new ptr-libevent@0x55ce539d6370 size 256 Aug 26 18:24:47.979244: | libevent_malloc: new ptr-libevent@0x55ce53a54640 size 16 Aug 26 18:24:47.979248: | libevent_free: release ptr-libevent@0x55ce53a54250 Aug 26 18:24:47.979251: | libevent initialized Aug 26 18:24:47.979253: | libevent_realloc: new ptr-libevent@0x55ce53a54660 size 64 Aug 26 18:24:47.979258: | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds Aug 26 18:24:47.979268: | init_nat_traversal() initialized with keep_alive=0s Aug 26 18:24:47.979270: NAT-Traversal support [enabled] Aug 26 18:24:47.979272: | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized Aug 26 18:24:47.979276: | global one-shot timer EVENT_FREE_ROOT_CERTS initialized Aug 26 18:24:47.979279: | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds Aug 26 18:24:47.979316: | global one-shot timer EVENT_REVIVE_CONNS initialized Aug 26 18:24:47.979323: | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds Aug 26 18:24:47.979327: | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds Aug 26 18:24:47.979367: Encryption algorithms: Aug 26 18:24:47.979374: AES_CCM_16 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm, aes_ccm_c Aug 26 18:24:47.979377: AES_CCM_12 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_b Aug 26 18:24:47.979379: AES_CCM_8 IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_ccm_a Aug 26 18:24:47.979381: 3DES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS [*192] 3des Aug 26 18:24:47.979384: CAMELLIA_CTR IKEv1: ESP IKEv2: ESP {256,192,*128} Aug 26 
18:24:47.979390: CAMELLIA_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} camellia Aug 26 18:24:47.979393: AES_GCM_16 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm, aes_gcm_c Aug 26 18:24:47.979395: AES_GCM_12 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_b Aug 26 18:24:47.979398: AES_GCM_8 IKEv1: ESP IKEv2: IKE ESP FIPS {256,192,*128} aes_gcm_a Aug 26 18:24:47.979400: AES_CTR IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aesctr Aug 26 18:24:47.979402: AES_CBC IKEv1: IKE ESP IKEv2: IKE ESP FIPS {256,192,*128} aes Aug 26 18:24:47.979404: SERPENT_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} serpent Aug 26 18:24:47.979406: TWOFISH_CBC IKEv1: IKE ESP IKEv2: IKE ESP {256,192,*128} twofish Aug 26 18:24:47.979409: TWOFISH_SSH IKEv1: IKE IKEv2: IKE ESP {256,192,*128} twofish_cbc_ssh Aug 26 18:24:47.979411: NULL_AUTH_AES_GMAC IKEv1: ESP IKEv2: ESP FIPS {256,192,*128} aes_gmac Aug 26 18:24:47.979413: NULL IKEv1: ESP IKEv2: ESP [] Aug 26 18:24:47.979415: CHACHA20_POLY1305 IKEv1: IKEv2: IKE ESP [*256] chacha20poly1305 Aug 26 18:24:47.979420: Hash algorithms: Aug 26 18:24:47.979421: MD5 IKEv1: IKE IKEv2: Aug 26 18:24:47.979423: SHA1 IKEv1: IKE IKEv2: FIPS sha Aug 26 18:24:47.979426: SHA2_256 IKEv1: IKE IKEv2: FIPS sha2, sha256 Aug 26 18:24:47.979428: SHA2_384 IKEv1: IKE IKEv2: FIPS sha384 Aug 26 18:24:47.979429: SHA2_512 IKEv1: IKE IKEv2: FIPS sha512 Aug 26 18:24:47.979438: PRF algorithms: Aug 26 18:24:47.979440: HMAC_MD5 IKEv1: IKE IKEv2: IKE md5 Aug 26 18:24:47.979442: HMAC_SHA1 IKEv1: IKE IKEv2: IKE FIPS sha, sha1 Aug 26 18:24:47.979444: HMAC_SHA2_256 IKEv1: IKE IKEv2: IKE FIPS sha2, sha256, sha2_256 Aug 26 18:24:47.979446: HMAC_SHA2_384 IKEv1: IKE IKEv2: IKE FIPS sha384, sha2_384 Aug 26 18:24:47.979448: HMAC_SHA2_512 IKEv1: IKE IKEv2: IKE FIPS sha512, sha2_512 Aug 26 18:24:47.979450: AES_XCBC IKEv1: IKEv2: IKE aes128_xcbc Aug 26 18:24:47.979467: Integrity algorithms: Aug 26 18:24:47.979469: HMAC_MD5_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH md5, 
hmac_md5 Aug 26 18:24:47.979471: HMAC_SHA1_96 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha, sha1, sha1_96, hmac_sha1 Aug 26 18:24:47.979474: HMAC_SHA2_512_256 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha512, sha2_512, sha2_512_256, hmac_sha2_512 Aug 26 18:24:47.979476: HMAC_SHA2_384_192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha384, sha2_384, sha2_384_192, hmac_sha2_384 Aug 26 18:24:47.979479: HMAC_SHA2_256_128 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256 Aug 26 18:24:47.979480: HMAC_SHA2_256_TRUNCBUG IKEv1: ESP AH IKEv2: AH Aug 26 18:24:47.979483: AES_XCBC_96 IKEv1: ESP AH IKEv2: IKE ESP AH aes_xcbc, aes128_xcbc, aes128_xcbc_96 Aug 26 18:24:47.979485: AES_CMAC_96 IKEv1: ESP AH IKEv2: ESP AH FIPS aes_cmac Aug 26 18:24:47.979487: NONE IKEv1: ESP IKEv2: IKE ESP FIPS null Aug 26 18:24:47.979494: DH algorithms: Aug 26 18:24:47.979496: NONE IKEv1: IKEv2: IKE ESP AH FIPS null, dh0 Aug 26 18:24:47.979498: MODP1536 IKEv1: IKE ESP AH IKEv2: IKE ESP AH dh5 Aug 26 18:24:47.979500: MODP2048 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh14 Aug 26 18:24:47.979503: MODP3072 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh15 Aug 26 18:24:47.979505: MODP4096 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh16 Aug 26 18:24:47.979507: MODP6144 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh17 Aug 26 18:24:47.979509: MODP8192 IKEv1: IKE ESP AH IKEv2: IKE ESP AH FIPS dh18 Aug 26 18:24:47.979511: DH19 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_256, ecp256 Aug 26 18:24:47.979513: DH20 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_384, ecp384 Aug 26 18:24:47.979515: DH21 IKEv1: IKE IKEv2: IKE ESP AH FIPS ecp_521, ecp521 Aug 26 18:24:47.979517: DH31 IKEv1: IKE IKEv2: IKE ESP AH curve25519 Aug 26 18:24:47.979518: testing CAMELLIA_CBC: Aug 26 18:24:47.979521: Camellia: 16 bytes with 128-bit key Aug 26 18:24:47.979611: Camellia: 16 bytes with 128-bit key Aug 26 18:24:47.979630: Camellia: 16 bytes with 256-bit key Aug 26 18:24:47.979649: Camellia: 16 bytes with 256-bit key 
Aug 26 18:24:47.979666: testing AES_GCM_16: Aug 26 18:24:47.979668: empty string Aug 26 18:24:47.979687: one block Aug 26 18:24:47.979703: two blocks Aug 26 18:24:47.979719: two blocks with associated data Aug 26 18:24:47.979735: testing AES_CTR: Aug 26 18:24:47.979737: Encrypting 16 octets using AES-CTR with 128-bit key Aug 26 18:24:47.979754: Encrypting 32 octets using AES-CTR with 128-bit key Aug 26 18:24:47.979770: Encrypting 36 octets using AES-CTR with 128-bit key Aug 26 18:24:47.979788: Encrypting 16 octets using AES-CTR with 192-bit key Aug 26 18:24:47.979804: Encrypting 32 octets using AES-CTR with 192-bit key Aug 26 18:24:47.979821: Encrypting 36 octets using AES-CTR with 192-bit key Aug 26 18:24:47.979837: Encrypting 16 octets using AES-CTR with 256-bit key Aug 26 18:24:47.979853: Encrypting 32 octets using AES-CTR with 256-bit key Aug 26 18:24:47.979871: Encrypting 36 octets using AES-CTR with 256-bit key Aug 26 18:24:47.979888: testing AES_CBC: Aug 26 18:24:47.979890: Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key Aug 26 18:24:47.979906: Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key Aug 26 18:24:47.979932: Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key Aug 26 18:24:47.979975: Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key Aug 26 18:24:47.980009: testing AES_XCBC: Aug 26 18:24:47.980013: RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input Aug 26 18:24:47.980106: RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input Aug 26 18:24:47.980201: RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input Aug 26 18:24:47.980275: RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input Aug 26 18:24:47.980395: RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input Aug 26 18:24:47.980504: RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input Aug 26 18:24:47.980580: RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input Aug 26 18:24:47.980761: RFC 4434 Test Case AES-XCBC-PRF-128 with 
20-byte input (key length 16) Aug 26 18:24:47.980837: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10) Aug 26 18:24:47.980930: RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18) Aug 26 18:24:47.981069: testing HMAC_MD5: Aug 26 18:24:47.981071: RFC 2104: MD5_HMAC test 1 Aug 26 18:24:47.981180: RFC 2104: MD5_HMAC test 2 Aug 26 18:24:47.981285: RFC 2104: MD5_HMAC test 3 Aug 26 18:24:47.981414: 8 CPU cores online Aug 26 18:24:47.981419: starting up 7 crypto helpers Aug 26 18:24:47.981443: started thread for crypto helper 0 Aug 26 18:24:47.981449: | starting up helper thread 0 Aug 26 18:24:47.981459: started thread for crypto helper 1 Aug 26 18:24:47.981462: | status value returned by setting the priority of this thread (crypto helper 0) 22 Aug 26 18:24:47.981466: | starting up helper thread 1 Aug 26 18:24:47.981466: | crypto helper 0 waiting (nothing to do) Aug 26 18:24:47.981480: | starting up helper thread 2 Aug 26 18:24:47.981475: started thread for crypto helper 2 Aug 26 18:24:47.981494: | status value returned by setting the priority of this thread (crypto helper 2) 22 Aug 26 18:24:47.981499: | crypto helper 2 waiting (nothing to do) Aug 26 18:24:47.981481: | status value returned by setting the priority of this thread (crypto helper 1) 22 Aug 26 18:24:47.981511: | crypto helper 1 waiting (nothing to do) Aug 26 18:24:47.981514: | starting up helper thread 3 Aug 26 18:24:47.981512: started thread for crypto helper 3 Aug 26 18:24:47.981523: | status value returned by setting the priority of this thread (crypto helper 3) 22 Aug 26 18:24:47.981532: | crypto helper 3 waiting (nothing to do) Aug 26 18:24:47.981543: started thread for crypto helper 4 Aug 26 18:24:47.981560: started thread for crypto helper 5 Aug 26 18:24:47.981563: | starting up helper thread 5 Aug 26 18:24:47.981569: | starting up helper thread 4 Aug 26 18:24:47.981577: | status value returned by setting the priority of this thread (crypto helper 5) 22 Aug 26 
18:24:47.981587: | status value returned by setting the priority of this thread (crypto helper 4) 22 Aug 26 18:24:47.981589: | crypto helper 5 waiting (nothing to do) Aug 26 18:24:47.981595: | crypto helper 4 waiting (nothing to do) Aug 26 18:24:47.981595: started thread for crypto helper 6 Aug 26 18:24:47.981599: | starting up helper thread 6 Aug 26 18:24:47.981606: | status value returned by setting the priority of this thread (crypto helper 6) 22 Aug 26 18:24:47.981608: | checking IKEv1 state table Aug 26 18:24:47.981609: | crypto helper 6 waiting (nothing to do) Aug 26 18:24:47.981621: | MAIN_R0: category: half-open IKE SA flags: 0: Aug 26 18:24:47.981624: | -> MAIN_R1 EVENT_SO_DISCARD Aug 26 18:24:47.981628: | MAIN_I1: category: half-open IKE SA flags: 0: Aug 26 18:24:47.981631: | -> MAIN_I2 EVENT_RETRANSMIT Aug 26 18:24:47.981634: | MAIN_R1: category: open IKE SA flags: 200: Aug 26 18:24:47.981637: | -> MAIN_R2 EVENT_RETRANSMIT Aug 26 18:24:47.981639: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:24:47.981640: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:24:47.981642: | MAIN_I2: category: open IKE SA flags: 0: Aug 26 18:24:47.981643: | -> MAIN_I3 EVENT_RETRANSMIT Aug 26 18:24:47.981645: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:24:47.981646: | -> UNDEFINED EVENT_RETRANSMIT Aug 26 18:24:47.981648: | MAIN_R2: category: open IKE SA flags: 0: Aug 26 18:24:47.981650: | -> MAIN_R3 EVENT_SA_REPLACE Aug 26 18:24:47.981651: | -> MAIN_R3 EVENT_SA_REPLACE Aug 26 18:24:47.981653: | -> UNDEFINED EVENT_SA_REPLACE Aug 26 18:24:47.981654: | MAIN_I3: category: open IKE SA flags: 0: Aug 26 18:24:47.981656: | -> MAIN_I4 EVENT_SA_REPLACE Aug 26 18:24:47.981657: | -> MAIN_I4 EVENT_SA_REPLACE Aug 26 18:24:47.981659: | -> UNDEFINED EVENT_SA_REPLACE Aug 26 18:24:47.981661: | MAIN_R3: category: established IKE SA flags: 200: Aug 26 18:24:47.981662: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981664: | MAIN_I4: category: established IKE SA flags: 0: Aug 26 18:24:47.981665: | -> UNDEFINED 
EVENT_NULL Aug 26 18:24:47.981667: | AGGR_R0: category: half-open IKE SA flags: 0: Aug 26 18:24:47.981668: | -> AGGR_R1 EVENT_SO_DISCARD Aug 26 18:24:47.981670: | AGGR_I1: category: half-open IKE SA flags: 0: Aug 26 18:24:47.981672: | -> AGGR_I2 EVENT_SA_REPLACE Aug 26 18:24:47.981673: | -> AGGR_I2 EVENT_SA_REPLACE Aug 26 18:24:47.981675: | AGGR_R1: category: open IKE SA flags: 200: Aug 26 18:24:47.981676: | -> AGGR_R2 EVENT_SA_REPLACE Aug 26 18:24:47.981678: | -> AGGR_R2 EVENT_SA_REPLACE Aug 26 18:24:47.981680: | AGGR_I2: category: established IKE SA flags: 200: Aug 26 18:24:47.981681: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981683: | AGGR_R2: category: established IKE SA flags: 0: Aug 26 18:24:47.981684: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981686: | QUICK_R0: category: established CHILD SA flags: 0: Aug 26 18:24:47.981688: | -> QUICK_R1 EVENT_RETRANSMIT Aug 26 18:24:47.981694: | QUICK_I1: category: established CHILD SA flags: 0: Aug 26 18:24:47.981695: | -> QUICK_I2 EVENT_SA_REPLACE Aug 26 18:24:47.981697: | QUICK_R1: category: established CHILD SA flags: 0: Aug 26 18:24:47.981699: | -> QUICK_R2 EVENT_SA_REPLACE Aug 26 18:24:47.981700: | QUICK_I2: category: established CHILD SA flags: 200: Aug 26 18:24:47.981702: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981704: | QUICK_R2: category: established CHILD SA flags: 0: Aug 26 18:24:47.981705: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981707: | INFO: category: informational flags: 0: Aug 26 18:24:47.981708: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981710: | INFO_PROTECTED: category: informational flags: 0: Aug 26 18:24:47.981711: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981713: | XAUTH_R0: category: established IKE SA flags: 0: Aug 26 18:24:47.981715: | -> XAUTH_R1 EVENT_NULL Aug 26 18:24:47.981716: | XAUTH_R1: category: established IKE SA flags: 0: Aug 26 18:24:47.981718: | -> MAIN_R3 EVENT_SA_REPLACE Aug 26 18:24:47.981720: | MODE_CFG_R0: category: informational flags: 0: Aug 26 18:24:47.981721: | -> 
MODE_CFG_R1 EVENT_SA_REPLACE Aug 26 18:24:47.981723: | MODE_CFG_R1: category: established IKE SA flags: 0: Aug 26 18:24:47.981725: | -> MODE_CFG_R2 EVENT_SA_REPLACE Aug 26 18:24:47.981726: | MODE_CFG_R2: category: established IKE SA flags: 0: Aug 26 18:24:47.981728: | -> UNDEFINED EVENT_NULL Aug 26 18:24:47.981729: | MODE_CFG_I1: category: established IKE SA flags: 0: Aug 26 18:24:47.981731: | -> MAIN_I4 EVENT_SA_REPLACE Aug 26 18:24:47.981733: | XAUTH_I0: category: established IKE SA flags: 0: Aug 26 18:24:47.981734: | -> XAUTH_I1 EVENT_RETRANSMIT Aug 26 18:24:47.981736: | XAUTH_I1: category: established IKE SA flags: 0: Aug 26 18:24:47.981737: | -> MAIN_I4 EVENT_RETRANSMIT Aug 26 18:24:47.981742: | checking IKEv2 state table Aug 26 18:24:47.981747: | PARENT_I0: category: ignore flags: 0: Aug 26 18:24:47.981749: | -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT) Aug 26 18:24:47.981751: | PARENT_I1: category: half-open IKE SA flags: 0: Aug 26 18:24:47.981753: | -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification) Aug 26 18:24:47.981755: | -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH) Aug 26 18:24:47.981756: | PARENT_I2: category: open IKE SA flags: 0: Aug 26 18:24:47.981758: | -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification) Aug 26 18:24:47.981760: | -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification) Aug 26 18:24:47.981762: | -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification) Aug 26 18:24:47.981764: | -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response) Aug 26 18:24:47.981765: | -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification) Aug 26 18:24:47.981767: | PARENT_I3: category: established IKE SA flags: 0: Aug 26 18:24:47.981769: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Request) Aug 26 
18:24:47.981771: | -> PARENT_I3 EVENT_RETAIN (I3: Informational Response) Aug 26 18:24:47.981772: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request) Aug 26 18:24:47.981774: | -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response) Aug 26 18:24:47.981775: | PARENT_R0: category: half-open IKE SA flags: 0: Aug 26 18:24:47.981777: | -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT) Aug 26 18:24:47.981779: | PARENT_R1: category: half-open IKE SA flags: 0: Aug 26 18:24:47.981781: | -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED)) Aug 26 18:24:47.981783: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request) Aug 26 18:24:47.981784: | PARENT_R2: category: established IKE SA flags: 0: Aug 26 18:24:47.981786: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request) Aug 26 18:24:47.981789: | -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response) Aug 26 18:24:47.981791: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request) Aug 26 18:24:47.981792: | -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response) Aug 26 18:24:47.981794: | V2_CREATE_I0: category: established IKE SA flags: 0: Aug 26 18:24:47.981796: | -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA) Aug 26 18:24:47.981798: | V2_CREATE_I: category: established IKE SA flags: 0: Aug 26 18:24:47.981800: | -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response) Aug 26 18:24:47.981801: | V2_REKEY_IKE_I0: category: established IKE SA flags: 0: Aug 26 18:24:47.981803: | -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey) Aug 26 18:24:47.981805: | V2_REKEY_IKE_I: category: established IKE SA flags: 0: Aug 26 18:24:47.981807: | -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response) Aug 26 18:24:47.981809: | V2_REKEY_CHILD_I0: category: established IKE SA flags: 0: Aug 26 18:24:47.981810: | -> 
V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA) Aug 26 18:24:47.981812: | V2_REKEY_CHILD_I: category: established IKE SA flags: 0: Aug 26 18:24:47.981814: | V2_CREATE_R: category: established IKE SA flags: 0: Aug 26 18:24:47.981816: | -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request) Aug 26 18:24:47.981818: | V2_REKEY_IKE_R: category: established IKE SA flags: 0: Aug 26 18:24:47.981819: | -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey) Aug 26 18:24:47.981821: | V2_REKEY_CHILD_R: category: established IKE SA flags: 0: Aug 26 18:24:47.981823: | V2_IPSEC_I: category: established CHILD SA flags: 0: Aug 26 18:24:47.981825: | V2_IPSEC_R: category: established CHILD SA flags: 0: Aug 26 18:24:47.981827: | IKESA_DEL: category: established IKE SA flags: 0: Aug 26 18:24:47.981828: | -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL) Aug 26 18:24:47.981830: | CHILDSA_DEL: category: informational flags: 0: Aug 26 18:24:47.981863: Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64 Aug 26 18:24:47.982166: | Hard-wiring algorithms Aug 26 18:24:47.982169: | adding AES_CCM_16 to kernel algorithm db Aug 26 18:24:47.982172: | adding AES_CCM_12 to kernel algorithm db Aug 26 18:24:47.982174: | adding AES_CCM_8 to kernel algorithm db Aug 26 18:24:47.982176: | adding 3DES_CBC to kernel algorithm db Aug 26 18:24:47.982177: | adding CAMELLIA_CBC to kernel algorithm db Aug 26 18:24:47.982179: | adding AES_GCM_16 to kernel algorithm db Aug 26 18:24:47.982181: | adding AES_GCM_12 to kernel algorithm db Aug 26 18:24:47.982182: | adding AES_GCM_8 to kernel algorithm db Aug 26 18:24:47.982184: | adding AES_CTR to kernel algorithm db Aug 26 18:24:47.982185: | adding AES_CBC to kernel algorithm db Aug 26 18:24:47.982187: | adding SERPENT_CBC to kernel algorithm db Aug 26 18:24:47.982189: | adding TWOFISH_CBC to kernel algorithm db Aug 26 18:24:47.982191: 
| adding NULL_AUTH_AES_GMAC to kernel algorithm db Aug 26 18:24:47.982192: | adding NULL to kernel algorithm db Aug 26 18:24:47.982194: | adding CHACHA20_POLY1305 to kernel algorithm db Aug 26 18:24:47.982196: | adding HMAC_MD5_96 to kernel algorithm db Aug 26 18:24:47.982198: | adding HMAC_SHA1_96 to kernel algorithm db Aug 26 18:24:47.982199: | adding HMAC_SHA2_512_256 to kernel algorithm db Aug 26 18:24:47.982201: | adding HMAC_SHA2_384_192 to kernel algorithm db Aug 26 18:24:47.982203: | adding HMAC_SHA2_256_128 to kernel algorithm db Aug 26 18:24:47.982205: | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db Aug 26 18:24:47.982206: | adding AES_XCBC_96 to kernel algorithm db Aug 26 18:24:47.982208: | adding AES_CMAC_96 to kernel algorithm db Aug 26 18:24:47.982209: | adding NONE to kernel algorithm db Aug 26 18:24:47.982228: | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes Aug 26 18:24:47.982233: | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds Aug 26 18:24:47.982235: | setup kernel fd callback Aug 26 18:24:47.982237: | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x55ce53a59cf0 Aug 26 18:24:47.982239: | libevent_malloc: new ptr-libevent@0x55ce53a65e20 size 128 Aug 26 18:24:47.982241: | libevent_malloc: new ptr-libevent@0x55ce53a54920 size 16 Aug 26 18:24:47.982246: | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x55ce53a59cb0 Aug 26 18:24:47.982248: | libevent_malloc: new ptr-libevent@0x55ce53a65eb0 size 128 Aug 26 18:24:47.982250: | libevent_malloc: new ptr-libevent@0x55ce53a58ff0 size 16 Aug 26 18:24:47.982402: | global one-shot timer EVENT_CHECK_CRLS initialized Aug 26 18:24:47.982411: selinux support is enabled. 
Aug 26 18:24:47.982928: | unbound context created - setting debug level to 5 Aug 26 18:24:47.982948: | /etc/hosts lookups activated Aug 26 18:24:47.982961: | /etc/resolv.conf usage activated Aug 26 18:24:47.982997: | outgoing-port-avoid set 0-65535 Aug 26 18:24:47.983014: | outgoing-port-permit set 32768-60999 Aug 26 18:24:47.983017: | Loading dnssec root key from:/var/lib/unbound/root.key Aug 26 18:24:47.983019: | No additional dnssec trust anchors defined via dnssec-trusted= option Aug 26 18:24:47.983021: | Setting up events, loop start Aug 26 18:24:47.983023: | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x55ce53a54250 Aug 26 18:24:47.983026: | libevent_malloc: new ptr-libevent@0x55ce53a703d0 size 128 Aug 26 18:24:47.983028: | libevent_malloc: new ptr-libevent@0x55ce53a70460 size 16 Aug 26 18:24:47.983034: | libevent_realloc: new ptr-libevent@0x55ce539d45b0 size 256 Aug 26 18:24:47.983036: | libevent_malloc: new ptr-libevent@0x55ce53a70480 size 8 Aug 26 18:24:47.983038: | libevent_realloc: new ptr-libevent@0x55ce53a65210 size 144 Aug 26 18:24:47.983040: | libevent_malloc: new ptr-libevent@0x55ce53a704a0 size 152 Aug 26 18:24:47.983043: | libevent_malloc: new ptr-libevent@0x55ce53a70540 size 16 Aug 26 18:24:47.983045: | signal event handler PLUTO_SIGCHLD installed Aug 26 18:24:47.983047: | libevent_malloc: new ptr-libevent@0x55ce53a70560 size 8 Aug 26 18:24:47.983049: | libevent_malloc: new ptr-libevent@0x55ce53a70580 size 152 Aug 26 18:24:47.983051: | signal event handler PLUTO_SIGTERM installed Aug 26 18:24:47.983053: | libevent_malloc: new ptr-libevent@0x55ce53a70620 size 8 Aug 26 18:24:47.983055: | libevent_malloc: new ptr-libevent@0x55ce53a70640 size 152 Aug 26 18:24:47.983057: | signal event handler PLUTO_SIGHUP installed Aug 26 18:24:47.983058: | libevent_malloc: new ptr-libevent@0x55ce53a706e0 size 8 Aug 26 18:24:47.983060: | libevent_realloc: release ptr-libevent@0x55ce53a65210 Aug 26 18:24:47.983062: | libevent_realloc: new 
ptr-libevent@0x55ce53a70700 size 256 Aug 26 18:24:47.983064: | libevent_malloc: new ptr-libevent@0x55ce53a65210 size 152 Aug 26 18:24:47.983066: | signal event handler PLUTO_SIGSYS installed Aug 26 18:24:47.983321: | created addconn helper (pid:26932) using fork+execve Aug 26 18:24:47.983343: | forked child 26932 Aug 26 18:24:47.983383: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:47.983411: listening for IKE messages Aug 26 18:24:47.983893: | Inspecting interface lo Aug 26 18:24:47.983905: | found lo with address 127.0.0.1 Aug 26 18:24:47.983909: | Inspecting interface eth0 Aug 26 18:24:47.983914: | found eth0 with address 192.0.3.254 Aug 26 18:24:47.983917: | Inspecting interface eth1 Aug 26 18:24:47.983922: | found eth1 with address 192.1.3.33 Aug 26 18:24:47.984018: Kernel supports NIC esp-hw-offload Aug 26 18:24:47.984033: adding interface eth1/eth1 (esp-hw-offload not supported by kernel) 192.1.3.33:500 Aug 26 18:24:47.984089: | NAT-Traversal: Trying sockopt style NAT-T Aug 26 18:24:47.984094: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Aug 26 18:24:47.984097: adding interface eth1/eth1 192.1.3.33:4500 Aug 26 18:24:47.984123: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.0.3.254:500 Aug 26 18:24:47.984140: | NAT-Traversal: Trying sockopt style NAT-T Aug 26 18:24:47.984143: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Aug 26 18:24:47.984146: adding interface eth0/eth0 192.0.3.254:4500 Aug 26 18:24:47.984168: adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500 Aug 26 18:24:47.984187: | NAT-Traversal: Trying sockopt style NAT-T Aug 26 18:24:47.984191: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4 Aug 26 18:24:47.984193: adding interface lo/lo 127.0.0.1:4500 Aug 26 18:24:47.984248: | no interfaces to sort Aug 26 
18:24:47.984252: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations Aug 26 18:24:47.984258: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70a70 Aug 26 18:24:47.984260: | libevent_malloc: new ptr-libevent@0x55ce53a70ab0 size 128 Aug 26 18:24:47.984263: | libevent_malloc: new ptr-libevent@0x55ce53a70b40 size 16 Aug 26 18:24:47.984269: | setup callback for interface lo 127.0.0.1:4500 fd 22 Aug 26 18:24:47.984271: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70b60 Aug 26 18:24:47.984273: | libevent_malloc: new ptr-libevent@0x55ce53a70ba0 size 128 Aug 26 18:24:47.984275: | libevent_malloc: new ptr-libevent@0x55ce53a70c30 size 16 Aug 26 18:24:47.984278: | setup callback for interface lo 127.0.0.1:500 fd 21 Aug 26 18:24:47.984280: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70c50 Aug 26 18:24:47.984282: | libevent_malloc: new ptr-libevent@0x55ce53a70c90 size 128 Aug 26 18:24:47.984283: | libevent_malloc: new ptr-libevent@0x55ce53a70d20 size 16 Aug 26 18:24:47.984286: | setup callback for interface eth0 192.0.3.254:4500 fd 20 Aug 26 18:24:47.984292: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70d40 Aug 26 18:24:47.984299: | libevent_malloc: new ptr-libevent@0x55ce53a70d80 size 128 Aug 26 18:24:47.984301: | libevent_malloc: new ptr-libevent@0x55ce53a70e10 size 16 Aug 26 18:24:47.984305: | setup callback for interface eth0 192.0.3.254:500 fd 19 Aug 26 18:24:47.984306: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70e30 Aug 26 18:24:47.984308: | libevent_malloc: new ptr-libevent@0x55ce53a70e70 size 128 Aug 26 18:24:47.984310: | libevent_malloc: new ptr-libevent@0x55ce53a70f00 size 16 Aug 26 18:24:47.984313: | setup callback for interface eth1 192.1.3.33:4500 fd 18 Aug 26 18:24:47.984315: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70f20 Aug 26 18:24:47.984316: | libevent_malloc: new ptr-libevent@0x55ce53a70f60 size 128 Aug 26 18:24:47.984318: | libevent_malloc: new ptr-libevent@0x55ce53a70ff0 size 16 Aug 26 18:24:47.984321: | setup 
callback for interface eth1 192.1.3.33:500 fd 17 Aug 26 18:24:47.984325: | certs and keys locked by 'free_preshared_secrets' Aug 26 18:24:47.984326: | certs and keys unlocked by 'free_preshared_secrets' Aug 26 18:24:47.984342: loading secrets from "/etc/ipsec.secrets" Aug 26 18:24:47.984357: | saving Modulus Aug 26 18:24:47.984362: | saving PublicExponent Aug 26 18:24:47.984364: | ignoring PrivateExponent Aug 26 18:24:47.984366: | ignoring Prime1 Aug 26 18:24:47.984368: | ignoring Prime2 Aug 26 18:24:47.984370: | ignoring Exponent1 Aug 26 18:24:47.984372: | ignoring Exponent2 Aug 26 18:24:47.984374: | ignoring Coefficient Aug 26 18:24:47.984377: | ignoring CKAIDNSS Aug 26 18:24:47.984406: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Aug 26 18:24:47.984408: | computed rsa CKAID 88 aa 7c 5d Aug 26 18:24:47.984412: loaded private key for keyid: PKK_RSA:AQPl33O2P Aug 26 18:24:47.984521: | certs and keys locked by 'process_secret' Aug 26 18:24:47.984526: | certs and keys unlocked by 'process_secret' Aug 26 18:24:47.984536: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:47.984543: | spent 1.06 milliseconds in whack Aug 26 18:24:48.011782: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.011806: listening for IKE messages Aug 26 18:24:48.011844: | Inspecting interface lo Aug 26 18:24:48.011850: | found lo with address 127.0.0.1 Aug 26 18:24:48.011852: | Inspecting interface eth0 Aug 26 18:24:48.011855: | found eth0 with address 192.0.3.254 Aug 26 18:24:48.011857: | Inspecting interface eth1 Aug 26 18:24:48.011859: | found eth1 with address 192.1.3.33 Aug 26 18:24:48.011911: | no interfaces to sort Aug 26 18:24:48.011918: | libevent_free: release ptr-libevent@0x55ce53a70ab0 Aug 26 18:24:48.011921: | free_event_entry: release EVENT_NULL-pe@0x55ce53a70a70 Aug 26 18:24:48.011923: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70a70 Aug 26 
18:24:48.011925: | libevent_malloc: new ptr-libevent@0x55ce53a70ab0 size 128 Aug 26 18:24:48.011931: | setup callback for interface lo 127.0.0.1:4500 fd 22 Aug 26 18:24:48.011933: | libevent_free: release ptr-libevent@0x55ce53a70ba0 Aug 26 18:24:48.011935: | free_event_entry: release EVENT_NULL-pe@0x55ce53a70b60 Aug 26 18:24:48.011937: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70b60 Aug 26 18:24:48.011938: | libevent_malloc: new ptr-libevent@0x55ce53a70ba0 size 128 Aug 26 18:24:48.011941: | setup callback for interface lo 127.0.0.1:500 fd 21 Aug 26 18:24:48.011944: | libevent_free: release ptr-libevent@0x55ce53a70c90 Aug 26 18:24:48.011945: | free_event_entry: release EVENT_NULL-pe@0x55ce53a70c50 Aug 26 18:24:48.011947: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70c50 Aug 26 18:24:48.011949: | libevent_malloc: new ptr-libevent@0x55ce53a70c90 size 128 Aug 26 18:24:48.011952: | setup callback for interface eth0 192.0.3.254:4500 fd 20 Aug 26 18:24:48.011954: | libevent_free: release ptr-libevent@0x55ce53a70d80 Aug 26 18:24:48.011956: | free_event_entry: release EVENT_NULL-pe@0x55ce53a70d40 Aug 26 18:24:48.011957: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70d40 Aug 26 18:24:48.011959: | libevent_malloc: new ptr-libevent@0x55ce53a70d80 size 128 Aug 26 18:24:48.011962: | setup callback for interface eth0 192.0.3.254:500 fd 19 Aug 26 18:24:48.011965: | libevent_free: release ptr-libevent@0x55ce53a70e70 Aug 26 18:24:48.011966: | free_event_entry: release EVENT_NULL-pe@0x55ce53a70e30 Aug 26 18:24:48.011968: | add_fd_read_event_handler: new ethX-pe@0x55ce53a70e30 Aug 26 18:24:48.011970: | libevent_malloc: new ptr-libevent@0x55ce53a70e70 size 128 Aug 26 18:24:48.011973: | setup callback for interface eth1 192.1.3.33:4500 fd 18 Aug 26 18:24:48.011975: | libevent_free: release ptr-libevent@0x55ce53a70f60 Aug 26 18:24:48.011977: | free_event_entry: release EVENT_NULL-pe@0x55ce53a70f20 Aug 26 18:24:48.011979: | add_fd_read_event_handler: new 
ethX-pe@0x55ce53a70f20 Aug 26 18:24:48.011980: | libevent_malloc: new ptr-libevent@0x55ce53a70f60 size 128 Aug 26 18:24:48.011983: | setup callback for interface eth1 192.1.3.33:500 fd 17 Aug 26 18:24:48.011986: | certs and keys locked by 'free_preshared_secrets' Aug 26 18:24:48.011987: forgetting secrets Aug 26 18:24:48.011994: | certs and keys unlocked by 'free_preshared_secrets' Aug 26 18:24:48.012008: loading secrets from "/etc/ipsec.secrets" Aug 26 18:24:48.012019: | saving Modulus Aug 26 18:24:48.012022: | saving PublicExponent Aug 26 18:24:48.012024: | ignoring PrivateExponent Aug 26 18:24:48.012026: | ignoring Prime1 Aug 26 18:24:48.012028: | ignoring Prime2 Aug 26 18:24:48.012030: | ignoring Exponent1 Aug 26 18:24:48.012032: | ignoring Exponent2 Aug 26 18:24:48.012034: | ignoring Coefficient Aug 26 18:24:48.012036: | ignoring CKAIDNSS Aug 26 18:24:48.012055: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Aug 26 18:24:48.012057: | computed rsa CKAID 88 aa 7c 5d Aug 26 18:24:48.012059: loaded private key for keyid: PKK_RSA:AQPl33O2P Aug 26 18:24:48.012063: | certs and keys locked by 'process_secret' Aug 26 18:24:48.012065: | certs and keys unlocked by 'process_secret' Aug 26 18:24:48.012072: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.012077: | spent 0.303 milliseconds in whack Aug 26 18:24:48.012741: | processing signal PLUTO_SIGCHLD Aug 26 18:24:48.012765: | waitpid returned pid 26932 (exited with status 0) Aug 26 18:24:48.012773: | reaped addconn helper child (status 0) Aug 26 18:24:48.012779: | waitpid returned ECHILD (no child processes left) Aug 26 18:24:48.012784: | spent 0.0271 milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:48.327703: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.327726: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:24:48.327728: | FOR_EACH_CONNECTION_... 
in foreach_connection_by_alias Aug 26 18:24:48.327730: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:24:48.327732: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Aug 26 18:24:48.327735: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:24:48.327740: | Added new connection north-eastnets/0x1 with policy ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Aug 26 18:24:48.327743: | No AUTH policy was set - defaulting to RSASIG Aug 26 18:24:48.327761: | ike (phase1) algorithm values: AES_CBC_256-HMAC_SHA2_256-MODP2048 Aug 26 18:24:48.327763: | from whack: got --esp=aes128-sha2_512;modp3072 Aug 26 18:24:48.327773: | ESP/AH string values: AES_CBC_128-HMAC_SHA2_512_256-MODP3072 Aug 26 18:24:48.327776: | counting wild cards for @north is 0 Aug 26 18:24:48.327778: | counting wild cards for @east is 0 Aug 26 18:24:48.327786: | connect_to_host_pair: 192.1.3.33:500 192.1.2.23:500 -> hp@(nil): none Aug 26 18:24:48.327789: | new hp@0x55ce53a3d4f0 Aug 26 18:24:48.327792: added connection description "north-eastnets/0x1" Aug 26 18:24:48.327800: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Aug 26 18:24:48.327808: | 192.0.3.0/24===192.1.3.33<192.1.3.33>[@north]...192.1.2.23<192.1.2.23>[@east]===192.0.2.0/24 Aug 26 18:24:48.327814: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.327820: | spent 0.125 milliseconds in whack Aug 26 18:24:48.327887: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.327895: add keyid @north Aug 26 18:24:48.327942: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Aug 26 18:24:48.327944: | computed rsa CKAID 88 aa 7c 5d Aug 26 18:24:48.327952: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.327956: | spent 0.0732 milliseconds in whack Aug 26 18:24:48.327980: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.327985: add keyid @east
Aug 26 18:24:48.328021: | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Aug 26 18:24:48.328022: | computed rsa CKAID 8a 82 25 f1 Aug 26 18:24:48.328028: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.328031: | spent 0.0536 milliseconds in whack Aug 26 18:24:48.328054: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.328060: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:24:48.328062: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Aug 26 18:24:48.328063: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:24:48.328065: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias Aug 26 18:24:48.328067: | FOR_EACH_CONNECTION_... 
in conn_by_name Aug 26 18:24:48.328070: | Added new connection north-eastnets/0x2 with policy ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Aug 26 18:24:48.328072: | No AUTH policy was set - defaulting to RSASIG Aug 26 18:24:48.328082: | ike (phase1) algorithm values: AES_CBC_256-HMAC_SHA2_256-MODP2048 Aug 26 18:24:48.328084: | from whack: got --esp=aes128-sha2_512;modp3072 Aug 26 18:24:48.328092: | ESP/AH string values: AES_CBC_128-HMAC_SHA2_512_256-MODP3072 Aug 26 18:24:48.328095: | counting wild cards for @north is 0 Aug 26 18:24:48.328097: | counting wild cards for @east is 0 Aug 26 18:24:48.328101: | find_host_pair: comparing 192.1.3.33:500 to 192.1.2.23:500 but ignoring ports Aug 26 18:24:48.328104: | connect_to_host_pair: 192.1.3.33:500 192.1.2.23:500 -> hp@0x55ce53a3d4f0: north-eastnets/0x1 Aug 26 18:24:48.328105: added connection description "north-eastnets/0x2" Aug 26 18:24:48.328111: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO Aug 26 18:24:48.328118: | 192.0.3.0/24===192.1.3.33<192.1.3.33>[@north]...192.1.2.23<192.1.2.23>[@east]===192.0.22.0/24 Aug 26 18:24:48.328124: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.328127: | spent 0.0749 milliseconds in whack Aug 26 18:24:48.328162: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.328177: add keyid @north Aug 26 18:24:48.328186: | unreference key: 0x55ce539f9180 @north cnt 1--
Aug 26 18:24:48.328241: | computed rsa CKAID 90 5d fc a1 08 68 74 7c 6f 20 d3 1b 2d 20 4b 8f Aug 26 18:24:48.328244: | computed rsa CKAID 88 aa 7c 5d Aug 26 18:24:48.328255: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.328260: | spent 0.105 milliseconds in whack Aug 26 18:24:48.328283: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.328308: add keyid @east Aug 26 18:24:48.328316: | unreference key: 0x55ce539cb8f0 @east cnt 1--
Aug 26 18:24:48.328366: | computed rsa CKAID 61 55 99 73 d3 ac ef 7d 3a 37 0e 3e 82 ad 92 c1 Aug 26 18:24:48.328369: | computed rsa CKAID 8a 82 25 f1 Aug 26 18:24:48.328377: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.328382: | spent 0.0869 milliseconds in whack Aug 26 18:24:48.389619: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722) Aug 26 18:24:48.389648: | dup_any(fd@16) -> fd@23 (in whack_process() at rcv_whack.c:590) Aug 26 18:24:48.389652: | FOR_EACH_CONNECTION_... in conn_by_name Aug 26 18:24:48.389655: initiating all conns with alias='north-eastnets' Aug 26 18:24:48.389660: | FOR_EACH_CONNECTION_... 
in foreach_connection_by_alias Aug 26 18:24:48.389666: | start processing: connection "north-eastnets/0x2" (in initiate_a_connection() at initiate.c:186) Aug 26 18:24:48.389670: | connection 'north-eastnets/0x2' +POLICY_UP Aug 26 18:24:48.389673: | dup_any(fd@23) -> fd@24 (in initiate_a_connection() at initiate.c:342) Aug 26 18:24:48.389676: | FOR_EACH_STATE_... in find_phase1_state Aug 26 18:24:48.389691: | creating state object #1 at 0x55ce53a72a70 Aug 26 18:24:48.389693: | State DB: adding IKEv2 state #1 in UNDEFINED Aug 26 18:24:48.389700: | pstats #1 ikev2.ike started Aug 26 18:24:48.389702: | Message ID: init #1: msgid=0 lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0 Aug 26 18:24:48.389705: | parent state #1: UNDEFINED(ignore) => PARENT_I0(ignore) Aug 26 18:24:48.389709: | Message ID: init_ike #1; ike: initiator.sent=0->-1 initiator.recv=0->-1 responder.sent=0->-1 responder.recv=0->-1 wip.initiator=0->-1 wip.responder=0->-1 Aug 26 18:24:48.389715: | suspend processing: connection "north-eastnets/0x2" (in ikev2_parent_outI1() at ikev2_parent.c:535) Aug 26 18:24:48.389718: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_parent_outI1() at ikev2_parent.c:535) Aug 26 18:24:48.389721: | dup_any(fd@24) -> fd@25 (in ikev2_parent_outI1() at ikev2_parent.c:551) Aug 26 18:24:48.389724: | Queuing pending IPsec SA negotiating with 192.1.2.23 "north-eastnets/0x2" IKE SA #1 "north-eastnets/0x2" Aug 26 18:24:48.389728: "north-eastnets/0x2" #1: initiating v2 parent SA Aug 26 18:24:48.389735: | constructing local IKE proposals for north-eastnets/0x2 (IKE SA initiator selecting KE) Aug 26 18:24:48.389741: | converting ike_info AES_CBC_256-HMAC_SHA2_256-MODP2048 to ikev2 ... Aug 26 18:24:48.389747: | ... 
ikev2_proposal: 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Aug 26 18:24:48.389750: "north-eastnets/0x2": constructed local IKE proposals for north-eastnets/0x2 (IKE SA initiator selecting KE): 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Aug 26 18:24:48.389761: | adding ikev2_outI1 KE work-order 1 for state #1 Aug 26 18:24:48.389764: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a74790 Aug 26 18:24:48.389767: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 Aug 26 18:24:48.389770: | libevent_malloc: new ptr-libevent@0x55ce53a747d0 size 128 Aug 26 18:24:48.389781: | #1 spent 0.113 milliseconds in ikev2_parent_outI1() Aug 26 18:24:48.389783: | crypto helper 0 resuming Aug 26 18:24:48.389785: | processing: RESET whack log_fd (was fd@16) (in ikev2_parent_outI1() at ikev2_parent.c:610) Aug 26 18:24:48.389793: | crypto helper 0 starting work-order 1 for state #1 Aug 26 18:24:48.389799: | RESET processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_parent_outI1() at ikev2_parent.c:610) Aug 26 18:24:48.389801: | crypto helper 0 doing build KE and nonce (ikev2_outI1 KE); request ID 1 Aug 26 18:24:48.389803: | RESET processing: connection "north-eastnets/0x2" (in ikev2_parent_outI1() at ikev2_parent.c:610) Aug 26 18:24:48.389803: | crypto helper is pausing for 1 seconds Aug 26 18:24:48.389807: | processing: STOP connection NULL (in initiate_a_connection() at initiate.c:349) Aug 26 18:24:48.389812: | start processing: connection "north-eastnets/0x1" (in initiate_a_connection() at initiate.c:186) Aug 26 18:24:48.389815: | connection 'north-eastnets/0x1' +POLICY_UP Aug 26 18:24:48.389817: | dup_any(fd@23) -> fd@26 (in initiate_a_connection() at initiate.c:342) Aug 26 18:24:48.389819: | FOR_EACH_STATE_... 
in find_phase1_state Aug 26 18:24:48.389822: | Queuing pending IPsec SA negotiating with 192.1.2.23 "north-eastnets/0x1" IKE SA #1 "north-eastnets/0x2" Aug 26 18:24:48.389828: | stop processing: connection "north-eastnets/0x1" (in initiate_a_connection() at initiate.c:349) Aug 26 18:24:48.389831: | close_any(fd@23) (in initiate_connection() at initiate.c:384) Aug 26 18:24:48.389833: | close_any(fd@16) (in whack_process() at rcv_whack.c:700) Aug 26 18:24:48.389836: | spent 0.223 milliseconds in whack Aug 26 18:24:48.534751: | spent 0.00322 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:48.534783: | *received 440 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:48.534862: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:48.534867: | **parse ISAKMP Message: Aug 26 18:24:48.534870: | initiator cookie: Aug 26 18:24:48.534873: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:48.534876: | responder cookie: Aug 26 18:24:48.534878: | 00 00 00 00 00 00 00 00 Aug 26 18:24:48.534882: | next payload type: ISAKMP_NEXT_v2SA (0x21) Aug 26 18:24:48.534885: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:48.534888: | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) Aug 26 18:24:48.534890: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:48.534893: | Message ID: 0 (0x0) Aug 26 18:24:48.534896: | length: 440 (0x1b8) Aug 26 18:24:48.534899: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_SA_INIT (34) Aug 26 18:24:48.534902: | I am the IKE SA Original Responder receiving an IKEv2 IKE_SA_INIT request Aug 26 18:24:48.534906: | State DB: IKEv2 state not found (find_v2_ike_sa_by_initiator_spi) Aug 26 18:24:48.534909: | Now let's proceed with payload (ISAKMP_NEXT_v2SA) Aug 26 18:24:48.534913: | ***parse IKEv2 Security Association Payload: Aug 26 18:24:48.534915: | next payload type: ISAKMP_NEXT_v2KE (0x22) Aug 26 
18:24:48.534918: | flags: none (0x0) Aug 26 18:24:48.534937: | length: 48 (0x30) Aug 26 18:24:48.534940: | processing payload: ISAKMP_NEXT_v2SA (len=44) Aug 26 18:24:48.534943: | Now let's proceed with payload (ISAKMP_NEXT_v2KE) Aug 26 18:24:48.534945: | ***parse IKEv2 Key Exchange Payload: Aug 26 18:24:48.534948: | next payload type: ISAKMP_NEXT_v2Ni (0x28) Aug 26 18:24:48.534951: | flags: none (0x0) Aug 26 18:24:48.534953: | length: 264 (0x108) Aug 26 18:24:48.534956: | DH group: OAKLEY_GROUP_MODP2048 (0xe) Aug 26 18:24:48.534959: | processing payload: ISAKMP_NEXT_v2KE (len=256) Aug 26 18:24:48.534961: | Now let's proceed with payload (ISAKMP_NEXT_v2Ni) Aug 26 18:24:48.534964: | ***parse IKEv2 Nonce Payload: Aug 26 18:24:48.534966: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:48.534969: | flags: none (0x0) Aug 26 18:24:48.534971: | length: 36 (0x24) Aug 26 18:24:48.534974: | processing payload: ISAKMP_NEXT_v2Ni (len=32) Aug 26 18:24:48.534976: | Now let's proceed with payload (ISAKMP_NEXT_v2N) Aug 26 18:24:48.534979: | ***parse IKEv2 Notify Payload: Aug 26 18:24:48.534982: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:48.534985: | flags: none (0x0) Aug 26 18:24:48.534988: | length: 8 (0x8) Aug 26 18:24:48.534990: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:48.534993: | SPI size: 0 (0x0) Aug 26 18:24:48.534996: | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) Aug 26 18:24:48.534999: | processing payload: ISAKMP_NEXT_v2N (len=0) Aug 26 18:24:48.535001: | Now let's proceed with payload (ISAKMP_NEXT_v2N) Aug 26 18:24:48.535004: | ***parse IKEv2 Notify Payload: Aug 26 18:24:48.535007: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:48.535009: | flags: none (0x0) Aug 26 18:24:48.535011: | length: 28 (0x1c) Aug 26 18:24:48.535014: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:48.535017: | SPI size: 0 (0x0) Aug 26 18:24:48.535020: | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) Aug 26 
18:24:48.535022: | processing payload: ISAKMP_NEXT_v2N (len=20) Aug 26 18:24:48.535025: | Now let's proceed with payload (ISAKMP_NEXT_v2N) Aug 26 18:24:48.535027: | ***parse IKEv2 Notify Payload: Aug 26 18:24:48.535030: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:48.535033: | flags: none (0x0) Aug 26 18:24:48.535036: | length: 28 (0x1c) Aug 26 18:24:48.535038: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:48.535040: | SPI size: 0 (0x0) Aug 26 18:24:48.535043: | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) Aug 26 18:24:48.535046: | processing payload: ISAKMP_NEXT_v2N (len=20) Aug 26 18:24:48.535049: | DDOS disabled and no cookie sent, continuing Aug 26 18:24:48.535057: | find_host_connection local=192.1.3.33:500 remote=192.1.2.23:500 policy=ECDSA+IKEV2_ALLOW but ignoring ports Aug 26 18:24:48.535063: | find_host_pair: comparing 192.1.3.33:500 to 192.1.2.23:500 but ignoring ports Aug 26 18:24:48.535067: | find_next_host_connection policy=ECDSA+IKEV2_ALLOW Aug 26 18:24:48.535072: | found policy = RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (north-eastnets/0x2) Aug 26 18:24:48.535076: | found policy = RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (north-eastnets/0x1) Aug 26 18:24:48.535079: | find_next_host_connection returns empty Aug 26 18:24:48.535083: | find_host_connection local=192.1.3.33:500 remote= policy=ECDSA+IKEV2_ALLOW but ignoring ports Aug 26 18:24:48.535086: | find_next_host_connection policy=ECDSA+IKEV2_ALLOW Aug 26 18:24:48.535089: | find_next_host_connection returns empty Aug 26 18:24:48.535093: | initial parent SA message received on 192.1.3.33:500 but no connection has been authorized with policy ECDSA+IKEV2_ALLOW Aug 26 18:24:48.535098: | find_host_connection local=192.1.3.33:500 remote=192.1.2.23:500 policy=RSASIG+IKEV2_ALLOW but ignoring ports Aug 26 18:24:48.535103: | find_host_pair: comparing 192.1.3.33:500 to 192.1.2.23:500 but ignoring ports Aug 
26 18:24:48.535105: | find_next_host_connection policy=RSASIG+IKEV2_ALLOW Aug 26 18:24:48.535112: | found policy = RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (north-eastnets/0x2) Aug 26 18:24:48.535116: | find_next_host_connection returns north-eastnets/0x2 Aug 26 18:24:48.535119: | find_next_host_connection policy=RSASIG+IKEV2_ALLOW Aug 26 18:24:48.535122: | found policy = RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO (north-eastnets/0x1) Aug 26 18:24:48.535125: | find_next_host_connection returns north-eastnets/0x1 Aug 26 18:24:48.535128: | find_next_host_connection policy=RSASIG+IKEV2_ALLOW Aug 26 18:24:48.535131: | find_next_host_connection returns empty Aug 26 18:24:48.535134: | found connection: north-eastnets/0x2 with policy RSASIG+IKEV2_ALLOW Aug 26 18:24:48.535164: | creating state object #2 at 0x55ce53a75de0 Aug 26 18:24:48.535168: | State DB: adding IKEv2 state #2 in UNDEFINED Aug 26 18:24:48.535174: | pstats #2 ikev2.ike started Aug 26 18:24:48.535178: | Message ID: init #2: msgid=0 lastack=4294967295 nextuse=0 lastrecv=4294967295 lastreplied=0 Aug 26 18:24:48.535182: | parent state #2: UNDEFINED(ignore) => PARENT_R0(half-open IKE SA) Aug 26 18:24:48.535189: | Message ID: init_ike #2; ike: initiator.sent=0->-1 initiator.recv=0->-1 responder.sent=0->-1 responder.recv=0->-1 wip.initiator=0->-1 wip.responder=0->-1 Aug 26 18:24:48.535197: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:48.535200: | State DB: IKEv2 state not found (find_v2_sa_by_responder_wip) Aug 26 18:24:48.535205: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23 (in ike_process_packet() at ikev2.c:2064) Aug 26 18:24:48.535208: | #2 st.st_msgid_lastrecv -1 md.hdr.isa_msgid 00000000 Aug 26 18:24:48.535213: | Message ID: #2 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=-1 
responder.recv=-1 Aug 26 18:24:48.535217: | Message ID: start-responder #2 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1->0 Aug 26 18:24:48.535221: | #2 in state PARENT_R0: processing SA_INIT request Aug 26 18:24:48.535224: | selected state microcode Respond to IKE_SA_INIT Aug 26 18:24:48.535226: | Now let's proceed with state specific processing Aug 26 18:24:48.535229: | calling processor Respond to IKE_SA_INIT Aug 26 18:24:48.535235: | #2 updating local interface from 192.1.3.33:500 to 192.1.3.33:500 using md->iface (in update_ike_endpoints() at state.c:2669) Aug 26 18:24:48.535242: | using existing local IKE proposals for connection north-eastnets/0x2 (IKE SA responder matching remote proposals): 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Aug 26 18:24:48.535246: | Comparing remote proposals against IKE responder 1 local proposals Aug 26 18:24:48.535249: | local proposal 1 type ENCR has 1 transforms Aug 26 18:24:48.535252: | local proposal 1 type PRF has 1 transforms Aug 26 18:24:48.535254: | local proposal 1 type INTEG has 1 transforms Aug 26 18:24:48.535257: | local proposal 1 type DH has 1 transforms Aug 26 18:24:48.535259: | local proposal 1 type ESN has 0 transforms Aug 26 18:24:48.535263: | local proposal 1 transforms: required: ENCR+PRF+INTEG+DH; optional: none Aug 26 18:24:48.535266: | ****parse IKEv2 Proposal Substructure Payload: Aug 26 18:24:48.535269: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:48.535272: | length: 44 (0x2c) Aug 26 18:24:48.535274: | prop #: 1 (0x1) Aug 26 18:24:48.535277: | proto ID: IKEv2_SEC_PROTO_IKE (0x1) Aug 26 18:24:48.535279: | spi size: 0 (0x0) Aug 26 18:24:48.535282: | # transforms: 4 (0x4) Aug 26 18:24:48.535286: | Comparing remote proposal 1 containing 4 transforms against local proposal [1..1] of 1 local proposals Aug 26 18:24:48.535292: | *****parse IKEv2 Transform Substructure Payload: Aug 26 
18:24:48.535311: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:48.535314: | length: 12 (0xc) Aug 26 18:24:48.535316: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:48.535323: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:48.535325: | ******parse IKEv2 Attribute Substructure Payload: Aug 26 18:24:48.535327: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:48.535329: | length/value: 256 (0x100) Aug 26 18:24:48.535332: | remote proposal 1 transform 0 (ENCR=AES_CBC_256) matches local proposal 1 type 1 (ENCR) transform 0 Aug 26 18:24:48.535347: | *****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:48.535348: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:48.535350: | length: 8 (0x8) Aug 26 18:24:48.535352: | IKEv2 transform type: TRANS_TYPE_PRF (0x2) Aug 26 18:24:48.535353: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) Aug 26 18:24:48.535355: | remote proposal 1 transform 1 (PRF=HMAC_SHA2_256) matches local proposal 1 type 2 (PRF) transform 0 Aug 26 18:24:48.535357: | *****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:48.535359: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:48.535360: | length: 8 (0x8) Aug 26 18:24:48.535362: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:48.535363: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) Aug 26 18:24:48.535366: | remote proposal 1 transform 2 (INTEG=HMAC_SHA2_256_128) matches local proposal 1 type 3 (INTEG) transform 0 Aug 26 18:24:48.535367: | *****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:48.535369: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:48.535370: | length: 8 (0x8) Aug 26 18:24:48.535372: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:48.535374: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) Aug 26 18:24:48.535376: | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0 Aug 26 18:24:48.535378: | remote proposal 1 proposed transforms: 
ENCR+PRF+INTEG+DH; matched: ENCR+PRF+INTEG+DH; unmatched: none Aug 26 18:24:48.535381: | comparing remote proposal 1 containing ENCR+PRF+INTEG+DH transforms to local proposal 1; required: ENCR+PRF+INTEG+DH; optional: none; matched: ENCR+PRF+INTEG+DH Aug 26 18:24:48.535383: | remote proposal 1 matches local proposal 1 Aug 26 18:24:48.535386: "north-eastnets/0x2" #2: proposal 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match] Aug 26 18:24:48.535389: | accepted IKE proposal ikev2_proposal: 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Aug 26 18:24:48.535391: | converting proposal to internal trans attrs Aug 26 18:24:48.535395: | natd_hash: rcookie is zero Aug 26 18:24:48.535402: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:48.535404: | natd_hash: icookie= df 94 67 26 a0 0a d8 6e Aug 26 18:24:48.535406: | natd_hash: rcookie= 00 00 00 00 00 00 00 00 Aug 26 18:24:48.535408: | natd_hash: ip= c0 01 03 21 Aug 26 18:24:48.535409: | natd_hash: port=500 Aug 26 18:24:48.535411: | natd_hash: hash= 30 00 c9 30 25 dc 14 72 1b 5e db b3 a7 d8 8c 5c Aug 26 18:24:48.535412: | natd_hash: hash= c1 d3 f1 3c Aug 26 18:24:48.535414: | natd_hash: rcookie is zero Aug 26 18:24:48.535417: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:48.535419: | natd_hash: icookie= df 94 67 26 a0 0a d8 6e Aug 26 18:24:48.535420: | natd_hash: rcookie= 00 00 00 00 00 00 00 00 Aug 26 18:24:48.535422: | natd_hash: ip= c0 01 02 17 Aug 26 18:24:48.535423: | natd_hash: port=500 Aug 26 18:24:48.535425: | natd_hash: hash= 82 18 c7 b4 60 d3 de bf 90 7b c5 cb d0 22 61 a4 Aug 26 18:24:48.535426: | natd_hash: hash= a7 d4 29 e1 Aug 26 18:24:48.535428: | NAT_TRAVERSAL encaps using auto-detect Aug 26 18:24:48.535429: | NAT_TRAVERSAL this end is NOT behind NAT Aug 26 18:24:48.535431: | NAT_TRAVERSAL that end is NOT behind NAT Aug 26 
18:24:48.535433: | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 Aug 26 18:24:48.535437: | adding ikev2_inI1outR1 KE work-order 2 for state #2 Aug 26 18:24:48.535440: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a75d70 Aug 26 18:24:48.535459: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 Aug 26 18:24:48.535461: | libevent_malloc: new ptr-libevent@0x55ce53a77790 size 128 Aug 26 18:24:48.535470: | #2 spent 0.234 milliseconds in processing: Respond to IKE_SA_INIT in ikev2_process_state_packet() Aug 26 18:24:48.535475: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:48.535477: | crypto helper 2 resuming Aug 26 18:24:48.535500: | crypto helper 2 starting work-order 2 for state #2 Aug 26 18:24:48.535478: | #2 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_SUSPEND Aug 26 18:24:48.535505: | crypto helper 2 doing build KE and nonce (ikev2_inI1outR1 KE); request ID 2 Aug 26 18:24:48.535508: | suspending state #2 and saving MD Aug 26 18:24:48.535508: | crypto helper is pausing for 1 seconds Aug 26 18:24:48.535517: | #2 is busy; has a suspended MD Aug 26 18:24:48.535527: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in log_stf_suspend() at ikev2.c:3269) Aug 26 18:24:48.535532: | "north-eastnets/0x2" #2 complete v2 state STATE_PARENT_R0 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 Aug 26 18:24:48.535537: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:48.535542: | #2 spent 0.758 milliseconds in ikev2_process_packet() Aug 26 18:24:48.535547: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:48.535550: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:48.535553: | processing: STOP connection NULL (in 
process_md() at demux.c:383) Aug 26 18:24:48.535558: | spent 0.774 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:49.390496: | crypto helper 0 finished build KE and nonce (ikev2_outI1 KE); request ID 1 time elapsed 1.000693 seconds Aug 26 18:24:49.390516: | (#1) spent 0.627 milliseconds in crypto helper computing work-order 1: ikev2_outI1 KE (pcr) Aug 26 18:24:49.390519: | crypto helper 0 sending results from work-order 1 for state #1 to event queue Aug 26 18:24:49.390521: | scheduling resume sending helper answer for #1 Aug 26 18:24:49.390524: | libevent_malloc: new ptr-libevent@0x7ffaa4006900 size 128 Aug 26 18:24:49.390533: | crypto helper 0 waiting (nothing to do) Aug 26 18:24:49.390544: | processing resume sending helper answer for #1 Aug 26 18:24:49.390557: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in resume_handler() at server.c:797) Aug 26 18:24:49.390562: | crypto helper 0 replies to request ID 1 Aug 26 18:24:49.390565: | calling continuation function 0x55ce534e2b50 Aug 26 18:24:49.390568: | ikev2_parent_outI1_continue for #1 Aug 26 18:24:49.390600: | **emit ISAKMP Message: Aug 26 18:24:49.390603: | initiator cookie: Aug 26 18:24:49.390606: | ff 40 95 92 e6 85 07 d9 Aug 26 18:24:49.390608: | responder cookie: Aug 26 18:24:49.390611: | 00 00 00 00 00 00 00 00 Aug 26 18:24:49.390614: | next payload type: ISAKMP_NEXT_NONE (0x0) Aug 26 18:24:49.390617: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.390620: | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) Aug 26 18:24:49.390623: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:49.390626: | Message ID: 0 (0x0) Aug 26 18:24:49.390629: | next payload chain: saving message location 'ISAKMP Message'.'next payload type' Aug 26 18:24:49.390636: | using existing local IKE proposals for connection north-eastnets/0x2 (IKE SA initiator emitting local proposals): 
1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Aug 26 18:24:49.390639: | Emitting ikev2_proposals ... Aug 26 18:24:49.390642: | ***emit IKEv2 Security Association Payload: Aug 26 18:24:49.390645: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.390647: | flags: none (0x0) Aug 26 18:24:49.390651: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) Aug 26 18:24:49.390657: | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.390661: | ****emit IKEv2 Proposal Substructure Payload: Aug 26 18:24:49.390664: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:49.390666: | prop #: 1 (0x1) Aug 26 18:24:49.390669: | proto ID: IKEv2_SEC_PROTO_IKE (0x1) Aug 26 18:24:49.390671: | spi size: 0 (0x0) Aug 26 18:24:49.390674: | # transforms: 4 (0x4) Aug 26 18:24:49.390677: | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' Aug 26 18:24:49.390680: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.390683: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.390685: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:49.390688: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:49.390691: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.390694: | ******emit IKEv2 Attribute Substructure Payload: Aug 26 18:24:49.390697: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:49.390699: | length/value: 256 (0x100) Aug 26 18:24:49.390702: | emitting length of IKEv2 Transform Substructure Payload: 12 Aug 26 18:24:49.390705: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.390708: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.390710: | IKEv2 transform 
type: TRANS_TYPE_PRF (0x2) Aug 26 18:24:49.390713: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) Aug 26 18:24:49.390717: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.390720: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.390722: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:49.390725: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.390728: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.390730: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:49.390733: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) Aug 26 18:24:49.390736: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.390739: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.390742: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:49.390744: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.390747: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:49.390750: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:49.390752: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) Aug 26 18:24:49.390755: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.390758: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.390761: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:49.390764: | emitting length of IKEv2 Proposal Substructure 
Payload: 44 Aug 26 18:24:49.390767: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 Aug 26 18:24:49.390769: | emitting length of IKEv2 Security Association Payload: 48 Aug 26 18:24:49.390772: | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 Aug 26 18:24:49.390776: | ***emit IKEv2 Key Exchange Payload: Aug 26 18:24:49.390779: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.390782: | flags: none (0x0) Aug 26 18:24:49.390785: | DH group: OAKLEY_GROUP_MODP2048 (0xe) Aug 26 18:24:49.390788: | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE) Aug 26 18:24:49.390791: | next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.390794: | emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload
Aug 26 18:24:49.390838: | emitting length of IKEv2 Key Exchange Payload: 264 Aug 26 18:24:49.390840: | ***emit IKEv2 Nonce Payload: Aug 26 18:24:49.390843: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:49.390846: | flags: none (0x0) Aug 26 18:24:49.390849: | next payload chain: ignoring supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N Aug 26 18:24:49.390852: | next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni) Aug 26 18:24:49.390855: | next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.390858: | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload Aug 26 18:24:49.390861: | IKEv2 nonce b9 e9 76 28 2e 09 dc d9 d0 d0 61 9a 4a a4 92 48 Aug 26 18:24:49.390864: | IKEv2 nonce cf 3a 70 3c 9e 04 0b b2 09 a7 c2 42 0b 9a ac 91 Aug 26 18:24:49.390866: | emitting length of IKEv2 Nonce Payload: 36 Aug 26 18:24:49.390869: | Adding a v2N Payload Aug 26 18:24:49.390871: | ***emit IKEv2 Notify Payload: Aug 26 18:24:49.390874: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.390877: | flags: none (0x0) Aug 26 18:24:49.390880: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.390882: | SPI size: 0 (0x0) Aug 26 18:24:49.390885: | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) Aug 26 18:24:49.390888: | next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Aug 26 18:24:49.390891: | next payload chain: 
saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.390894: | emitting length of IKEv2 Notify Payload: 8 Aug 26 18:24:49.390897: | NAT-Traversal support [enabled] add v2N payloads. Aug 26 18:24:49.390900: | natd_hash: rcookie is zero Aug 26 18:24:49.390911: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:49.390914: | natd_hash: icookie= ff 40 95 92 e6 85 07 d9 Aug 26 18:24:49.390919: | natd_hash: rcookie= 00 00 00 00 00 00 00 00 Aug 26 18:24:49.390921: | natd_hash: ip= c0 01 03 21 Aug 26 18:24:49.390924: | natd_hash: port=500 Aug 26 18:24:49.390926: | natd_hash: hash= 19 32 e5 d7 53 8a 5f 18 5d 50 36 b0 3f 52 1a 19 Aug 26 18:24:49.390929: | natd_hash: hash= ad 88 00 bf Aug 26 18:24:49.390931: | Adding a v2N Payload Aug 26 18:24:49.390934: | ***emit IKEv2 Notify Payload: Aug 26 18:24:49.390936: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.390939: | flags: none (0x0) Aug 26 18:24:49.390941: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.390944: | SPI size: 0 (0x0) Aug 26 18:24:49.390947: | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) Aug 26 18:24:49.390950: | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Aug 26 18:24:49.390953: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.390956: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload Aug 26 18:24:49.390958: | Notify data 19 32 e5 d7 53 8a 5f 18 5d 50 36 b0 3f 52 1a 19 Aug 26 18:24:49.390961: | Notify data ad 88 00 bf Aug 26 18:24:49.390963: | emitting length of IKEv2 Notify Payload: 28 Aug 26 18:24:49.390966: | natd_hash: rcookie is zero Aug 26 18:24:49.390972: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:49.390975: | natd_hash: icookie= ff 40 95 92 e6 85 07 d9 Aug 26 18:24:49.390978: | natd_hash: rcookie= 00 00 00 00 00 00 00 00 Aug 26 18:24:49.390980: | 
natd_hash: ip= c0 01 02 17 Aug 26 18:24:49.390982: | natd_hash: port=500 Aug 26 18:24:49.390985: | natd_hash: hash= 0e 6c ca 14 6e 8c 25 3e 97 24 e7 26 07 a8 d7 4b Aug 26 18:24:49.390987: | natd_hash: hash= 6d 3d 2a de Aug 26 18:24:49.390990: | Adding a v2N Payload Aug 26 18:24:49.390992: | ***emit IKEv2 Notify Payload: Aug 26 18:24:49.390995: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.390997: | flags: none (0x0) Aug 26 18:24:49.391000: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.391002: | SPI size: 0 (0x0) Aug 26 18:24:49.391005: | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) Aug 26 18:24:49.391008: | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Aug 26 18:24:49.391011: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.391014: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload Aug 26 18:24:49.391017: | Notify data 0e 6c ca 14 6e 8c 25 3e 97 24 e7 26 07 a8 d7 4b Aug 26 18:24:49.391019: | Notify data 6d 3d 2a de Aug 26 18:24:49.391022: | emitting length of IKEv2 Notify Payload: 28 Aug 26 18:24:49.391024: | emitting length of ISAKMP Message: 440 Aug 26 18:24:49.391031: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_parent_outI1_common() at ikev2_parent.c:817) Aug 26 18:24:49.391042: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:49.391046: | #1 complete_v2_state_transition() PARENT_I0->PARENT_I1 with status STF_OK Aug 26 18:24:49.391049: | IKEv2: transition from state STATE_PARENT_I0 to state STATE_PARENT_I1 Aug 26 18:24:49.391053: | parent state #1: PARENT_I0(ignore) => PARENT_I1(half-open IKE SA) Aug 26 18:24:49.391056: | Message ID: updating counters for #1 to 4294967295 after switching state Aug 26 18:24:49.391059: | 
Message ID: IKE #1 skipping update_recv as MD is fake Aug 26 18:24:49.391064: | Message ID: sent #1 request 0; ike: initiator.sent=-1->0 initiator.recv=-1 responder.sent=-1 responder.recv=-1 wip.initiator=-1->0 wip.responder=-1 Aug 26 18:24:49.391067: "north-eastnets/0x2" #1: STATE_PARENT_I1: sent v2I1, expected v2R1 Aug 26 18:24:49.391081: | sending V2 reply packet to 192.1.2.23:500 (from 192.1.3.33:500) Aug 26 18:24:49.391088: | sending 440 bytes for STATE_PARENT_I0 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:24:49.391204: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:49.391209: | libevent_free: release ptr-libevent@0x55ce53a747d0 Aug 26 18:24:49.391213: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a74790 Aug 26 18:24:49.391215: | success_v2_state_transition scheduling EVENT_RETRANSMIT of c->r_interval=50ms Aug 26 18:24:49.391219: | event_schedule: new EVENT_RETRANSMIT-pe@0x55ce53a74790 Aug 26 18:24:49.391223: | inserting event EVENT_RETRANSMIT, timeout in 0.05 seconds for #1 Aug 26 18:24:49.391227: | libevent_malloc: new ptr-libevent@0x55ce53a747d0 size 128 Aug 26 18:24:49.391232: | #1 STATE_PARENT_I1: retransmits: first event in 0.05 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29175.133685 Aug 26 18:24:49.391236: | resume sending helper answer for #1 suppresed complete_v2_state_transition() and stole MD Aug 26 18:24:49.391241: | #1 spent 0.652 milliseconds in resume sending helper answer Aug 26 18:24:49.391246: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in resume_handler() at server.c:833) Aug 26 18:24:49.391250: | libevent_free: release ptr-libevent@0x7ffaa4006900 Aug 26 18:24:49.393301: | spent 0.00305 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:49.393324: | *received 440 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:49.393404: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:49.393408: | **parse ISAKMP Message: Aug 26 18:24:49.393411: | initiator cookie: Aug 26 18:24:49.393414: | ff 40 95 92 e6 85 07 d9 Aug 26 18:24:49.393416: | responder cookie: Aug 26 18:24:49.393419: | fd 1d f4 22 0d b8 c9 16 Aug 26 18:24:49.393422: | next payload type: ISAKMP_NEXT_v2SA (0x21) Aug 26 18:24:49.393425: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.393428: | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) Aug 26 18:24:49.393431: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) Aug 26 18:24:49.393434: | Message ID: 0 (0x0) Aug 26 18:24:49.393436: | length: 440 (0x1b8) Aug 26 18:24:49.393440: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_SA_INIT (34) Aug 26 18:24:49.393443: | I am the IKE SA Original Initiator receiving an IKEv2 IKE_SA_INIT response Aug 26 18:24:49.393447: | State DB: found IKEv2 state #1 in PARENT_I1 (find_v2_ike_sa_by_initiator_spi) Aug 26 18:24:49.393454: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:49.393459: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:49.393462: | #1 is idle Aug 26 18:24:49.393464: | #1 idle Aug 26 18:24:49.393467: | unpacking clear payload Aug 26 18:24:49.393470: | Now let's proceed with payload (ISAKMP_NEXT_v2SA) Aug 26 18:24:49.393473: | ***parse IKEv2 Security Association Payload: Aug 26 18:24:49.393476: | next payload type: ISAKMP_NEXT_v2KE (0x22) Aug 26 18:24:49.393478: | flags: none (0x0) Aug 26 18:24:49.393481: | length: 48 (0x30) Aug 26 18:24:49.393484: | processing payload: ISAKMP_NEXT_v2SA (len=44) Aug 26 18:24:49.393487: | Now let's proceed with payload (ISAKMP_NEXT_v2KE) Aug 26 18:24:49.393490: | ***parse IKEv2 Key Exchange Payload: Aug 26 
18:24:49.393493: | next payload type: ISAKMP_NEXT_v2Ni (0x28) Aug 26 18:24:49.393495: | flags: none (0x0) Aug 26 18:24:49.393498: | length: 264 (0x108) Aug 26 18:24:49.393501: | DH group: OAKLEY_GROUP_MODP2048 (0xe) Aug 26 18:24:49.393503: | processing payload: ISAKMP_NEXT_v2KE (len=256) Aug 26 18:24:49.393506: | Now let's proceed with payload (ISAKMP_NEXT_v2Ni) Aug 26 18:24:49.393510: | ***parse IKEv2 Nonce Payload: Aug 26 18:24:49.393513: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:49.393516: | flags: none (0x0) Aug 26 18:24:49.393518: | length: 36 (0x24) Aug 26 18:24:49.393521: | processing payload: ISAKMP_NEXT_v2Ni (len=32) Aug 26 18:24:49.393524: | Now let's proceed with payload (ISAKMP_NEXT_v2N) Aug 26 18:24:49.393527: | ***parse IKEv2 Notify Payload: Aug 26 18:24:49.393529: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:49.393532: | flags: none (0x0) Aug 26 18:24:49.393534: | length: 8 (0x8) Aug 26 18:24:49.393537: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.393540: | SPI size: 0 (0x0) Aug 26 18:24:49.393542: | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) Aug 26 18:24:49.393545: | processing payload: ISAKMP_NEXT_v2N (len=0) Aug 26 18:24:49.393548: | Now let's proceed with payload (ISAKMP_NEXT_v2N) Aug 26 18:24:49.393550: | ***parse IKEv2 Notify Payload: Aug 26 18:24:49.393553: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:49.393556: | flags: none (0x0) Aug 26 18:24:49.393558: | length: 28 (0x1c) Aug 26 18:24:49.393561: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.393563: | SPI size: 0 (0x0) Aug 26 18:24:49.393566: | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) Aug 26 18:24:49.393569: | processing payload: ISAKMP_NEXT_v2N (len=20) Aug 26 18:24:49.393571: | Now let's proceed with payload (ISAKMP_NEXT_v2N) Aug 26 18:24:49.393574: | ***parse IKEv2 Notify Payload: Aug 26 18:24:49.393576: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.393579: | flags: none (0x0) 
Aug 26 18:24:49.393581: | length: 28 (0x1c) Aug 26 18:24:49.393584: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.393586: | SPI size: 0 (0x0) Aug 26 18:24:49.393589: | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) Aug 26 18:24:49.393592: | processing payload: ISAKMP_NEXT_v2N (len=20) Aug 26 18:24:49.393595: | State DB: re-hashing IKEv2 state #1 IKE SPIi and SPI[ir] Aug 26 18:24:49.393600: | #1 in state PARENT_I1: sent v2I1, expected v2R1 Aug 26 18:24:49.393604: | selected state microcode Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH Aug 26 18:24:49.393607: | Now let's proceed with state specific processing Aug 26 18:24:49.393610: | calling processor Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH Aug 26 18:24:49.393613: | ikev2 parent inR1: calculating g^{xy} in order to send I2 Aug 26 18:24:49.393620: | using existing local IKE proposals for connection north-eastnets/0x2 (IKE SA initiator accepting remote proposal): 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048 Aug 26 18:24:49.393624: | Comparing remote proposals against IKE initiator (accepting) 1 local proposals Aug 26 18:24:49.393628: | local proposal 1 type ENCR has 1 transforms Aug 26 18:24:49.393631: | local proposal 1 type PRF has 1 transforms Aug 26 18:24:49.393633: | local proposal 1 type INTEG has 1 transforms Aug 26 18:24:49.393636: | local proposal 1 type DH has 1 transforms Aug 26 18:24:49.393639: | local proposal 1 type ESN has 0 transforms Aug 26 18:24:49.393642: | local proposal 1 transforms: required: ENCR+PRF+INTEG+DH; optional: none Aug 26 18:24:49.393645: | ****parse IKEv2 Proposal Substructure Payload: Aug 26 18:24:49.393648: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:49.393651: | length: 44 (0x2c) Aug 26 18:24:49.393653: | prop #: 1 (0x1) Aug 26 18:24:49.393656: | proto ID: IKEv2_SEC_PROTO_IKE (0x1) Aug 26 18:24:49.393659: | spi size: 0 (0x0) Aug 26 18:24:49.393661: | # transforms: 4 (0x4) Aug 26 
18:24:49.393665: | Comparing remote proposal 1 containing 4 transforms against local proposal [1..1] of 1 local proposals Aug 26 18:24:49.393668: | *****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:49.393671: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.393673: | length: 12 (0xc) Aug 26 18:24:49.393676: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:49.393680: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:49.393683: | ******parse IKEv2 Attribute Substructure Payload: Aug 26 18:24:49.393686: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:49.393689: | length/value: 256 (0x100) Aug 26 18:24:49.393693: | remote proposal 1 transform 0 (ENCR=AES_CBC_256) matches local proposal 1 type 1 (ENCR) transform 0 Aug 26 18:24:49.393696: | *****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:49.393699: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.393702: | length: 8 (0x8) Aug 26 18:24:49.393704: | IKEv2 transform type: TRANS_TYPE_PRF (0x2) Aug 26 18:24:49.393707: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) Aug 26 18:24:49.393711: | remote proposal 1 transform 1 (PRF=HMAC_SHA2_256) matches local proposal 1 type 2 (PRF) transform 0 Aug 26 18:24:49.393714: | *****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:49.393716: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.393719: | length: 8 (0x8) Aug 26 18:24:49.393722: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:49.393724: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) Aug 26 18:24:49.393728: | remote proposal 1 transform 2 (INTEG=HMAC_SHA2_256_128) matches local proposal 1 type 3 (INTEG) transform 0 Aug 26 18:24:49.393731: | *****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:49.393733: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:49.393736: | length: 8 (0x8) Aug 26 18:24:49.393738: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:49.393741: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 
(0xe) Aug 26 18:24:49.393745: | remote proposal 1 transform 3 (DH=MODP2048) matches local proposal 1 type 4 (DH) transform 0 Aug 26 18:24:49.393749: | remote proposal 1 proposed transforms: ENCR+PRF+INTEG+DH; matched: ENCR+PRF+INTEG+DH; unmatched: none Aug 26 18:24:49.393754: | comparing remote proposal 1 containing ENCR+PRF+INTEG+DH transforms to local proposal 1; required: ENCR+PRF+INTEG+DH; optional: none; matched: ENCR+PRF+INTEG+DH Aug 26 18:24:49.393757: | remote proposal 1 matches local proposal 1 Aug 26 18:24:49.393760: | remote accepted the proposal 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match] Aug 26 18:24:49.393763: | converting proposal to internal trans attrs Aug 26 18:24:49.393777: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:49.393781: | natd_hash: icookie= ff 40 95 92 e6 85 07 d9 Aug 26 18:24:49.393784: | natd_hash: rcookie= fd 1d f4 22 0d b8 c9 16 Aug 26 18:24:49.393786: | natd_hash: ip= c0 01 03 21 Aug 26 18:24:49.393789: | natd_hash: port=500 Aug 26 18:24:49.393792: | natd_hash: hash= 05 92 e9 c5 39 03 95 4f 68 95 b1 6f 49 3f bd 4e Aug 26 18:24:49.393794: | natd_hash: hash= 6d 55 af 0f Aug 26 18:24:49.393801: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:49.393804: | natd_hash: icookie= ff 40 95 92 e6 85 07 d9 Aug 26 18:24:49.393806: | natd_hash: rcookie= fd 1d f4 22 0d b8 c9 16 Aug 26 18:24:49.393809: | natd_hash: ip= c0 01 02 17 Aug 26 18:24:49.393811: | natd_hash: port=500 Aug 26 18:24:49.393814: | natd_hash: hash= 97 b5 03 ee 8f 82 77 35 d2 fe 5e 63 1c 10 94 e3 Aug 26 18:24:49.393817: | natd_hash: hash= 7c 9e 93 f8 Aug 26 18:24:49.393819: | NAT_TRAVERSAL encaps using auto-detect Aug 26 18:24:49.393822: | NAT_TRAVERSAL this end is NOT behind NAT Aug 26 18:24:49.393824: | NAT_TRAVERSAL that end is NOT behind NAT Aug 26 18:24:49.393828: | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23 Aug 26 18:24:49.393832: | offloading IKEv2 SKEYSEED using prf=HMAC_SHA2_256 integ=HMAC_SHA2_256_128 
cipherkey=AES_CBC Aug 26 18:24:49.393836: | adding ikev2_inR1outI2 KE work-order 3 for state #1 Aug 26 18:24:49.393839: | state #1 requesting EVENT_RETRANSMIT to be deleted Aug 26 18:24:49.393842: | #1 STATE_PARENT_I1: retransmits: cleared Aug 26 18:24:49.393845: | libevent_free: release ptr-libevent@0x55ce53a747d0 Aug 26 18:24:49.393849: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55ce53a74790 Aug 26 18:24:49.393853: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a74790 Aug 26 18:24:49.393857: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1 Aug 26 18:24:49.393860: | libevent_malloc: new ptr-libevent@0x55ce53a747d0 size 128 Aug 26 18:24:49.393871: | #1 spent 0.256 milliseconds in processing: Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH in ikev2_process_state_packet() Aug 26 18:24:49.393876: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:49.393880: | #1 complete_v2_state_transition() PARENT_I1->PARENT_I2 with status STF_SUSPEND Aug 26 18:24:49.393883: | suspending state #1 and saving MD Aug 26 18:24:49.393886: | #1 is busy; has a suspended MD Aug 26 18:24:49.393890: | [RE]START processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in log_stf_suspend() at ikev2.c:3269) Aug 26 18:24:49.393894: | "north-eastnets/0x2" #1 complete v2 state STATE_PARENT_I1 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 Aug 26 18:24:49.393899: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:49.393903: | crypto helper 1 resuming Aug 26 18:24:49.393904: | #1 spent 0.588 milliseconds in ikev2_process_packet() Aug 26 18:24:49.393917: | crypto helper 1 starting work-order 3 for state #1 Aug 26 18:24:49.393924: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:49.393926: | crypto helper 1 
doing compute dh (V2) (ikev2_inR1outI2 KE); request ID 3 Aug 26 18:24:49.393927: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:49.393933: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:49.393929: | crypto helper is pausing for 1 seconds Aug 26 18:24:49.393938: | spent 0.618 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:49.536179: | crypto helper 2 finished build KE and nonce (ikev2_inI1outR1 KE); request ID 2 time elapsed 1.000672 seconds Aug 26 18:24:49.536198: | (#2) spent 0.637 milliseconds in crypto helper computing work-order 2: ikev2_inI1outR1 KE (pcr) Aug 26 18:24:49.536201: | crypto helper 2 sending results from work-order 2 for state #2 to event queue Aug 26 18:24:49.536203: | scheduling resume sending helper answer for #2 Aug 26 18:24:49.536206: | libevent_malloc: new ptr-libevent@0x7ffa9c006900 size 128 Aug 26 18:24:49.536215: | crypto helper 2 waiting (nothing to do) Aug 26 18:24:49.536247: | processing resume sending helper answer for #2 Aug 26 18:24:49.536259: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in resume_handler() at server.c:797) Aug 26 18:24:49.536263: | crypto helper 2 replies to request ID 2 Aug 26 18:24:49.536265: | calling continuation function 0x55ce534e2b50 Aug 26 18:24:49.536267: | ikev2_parent_inI1outR1_continue for #2: calculated ke+nonce, sending R1 Aug 26 18:24:49.536273: | **emit ISAKMP Message: Aug 26 18:24:49.536275: | initiator cookie: Aug 26 18:24:49.536276: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:49.536278: | responder cookie: Aug 26 18:24:49.536279: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.536281: | next payload type: ISAKMP_NEXT_NONE (0x0) Aug 26 18:24:49.536283: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.536285: | exchange type: ISAKMP_v2_IKE_SA_INIT (0x22) Aug 26 18:24:49.536307: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) Aug 26 18:24:49.536313: | Message 
ID: 0 (0x0) Aug 26 18:24:49.536317: | next payload chain: saving message location 'ISAKMP Message'.'next payload type' Aug 26 18:24:49.536319: | Emitting ikev2_proposal ... Aug 26 18:24:49.536321: | ***emit IKEv2 Security Association Payload: Aug 26 18:24:49.536323: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.536324: | flags: none (0x0) Aug 26 18:24:49.536327: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) Aug 26 18:24:49.536332: | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.536335: | ****emit IKEv2 Proposal Substructure Payload: Aug 26 18:24:49.536336: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:49.536338: | prop #: 1 (0x1) Aug 26 18:24:49.536340: | proto ID: IKEv2_SEC_PROTO_IKE (0x1) Aug 26 18:24:49.536341: | spi size: 0 (0x0) Aug 26 18:24:49.536343: | # transforms: 4 (0x4) Aug 26 18:24:49.536345: | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' Aug 26 18:24:49.536347: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.536349: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.536350: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:49.536352: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:49.536354: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.536356: | ******emit IKEv2 Attribute Substructure Payload: Aug 26 18:24:49.536358: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:49.536360: | length/value: 256 (0x100) Aug 26 18:24:49.536362: | emitting length of IKEv2 Transform Substructure Payload: 12 Aug 26 18:24:49.536364: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.536365: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 
26 18:24:49.536367: | IKEv2 transform type: TRANS_TYPE_PRF (0x2) Aug 26 18:24:49.536369: | IKEv2 transform ID: PRF_HMAC_SHA2_256 (0x5) Aug 26 18:24:49.536371: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.536373: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.536375: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:49.536376: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.536378: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.536379: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:49.536381: | IKEv2 transform ID: AUTH_HMAC_SHA2_256_128 (0xc) Aug 26 18:24:49.536383: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.536385: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.536387: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:49.536388: | *****emit IKEv2 Transform Substructure Payload: Aug 26 18:24:49.536390: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:49.536392: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:49.536393: | IKEv2 transform ID: OAKLEY_GROUP_MODP2048 (0xe) Aug 26 18:24:49.536395: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:49.536397: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:49.536399: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:49.536401: | emitting 
length of IKEv2 Proposal Substructure Payload: 44 Aug 26 18:24:49.536403: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 Aug 26 18:24:49.536404: | emitting length of IKEv2 Security Association Payload: 48 Aug 26 18:24:49.536406: | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 Aug 26 18:24:49.536409: | ***emit IKEv2 Key Exchange Payload: Aug 26 18:24:49.536412: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.536413: | flags: none (0x0) Aug 26 18:24:49.536415: | DH group: OAKLEY_GROUP_MODP2048 (0xe) Aug 26 18:24:49.536417: | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE) Aug 26 18:24:49.536419: | next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.536421: | emitting 256 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload
Aug 26 18:24:49.536448: | emitting length of IKEv2 Key Exchange Payload: 264 Aug 26 18:24:49.536450: | ***emit IKEv2 Nonce Payload: Aug 26 18:24:49.536452: | next payload type: ISAKMP_NEXT_v2N (0x29) Aug 26 18:24:49.536453: | flags: none (0x0) Aug 26 18:24:49.536455: | next payload chain: ignoring supplied 'IKEv2 Nonce Payload'.'next payload type' value 41:ISAKMP_NEXT_v2N Aug 26 18:24:49.536457: | next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni) Aug 26 18:24:49.536459: | next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.536461: | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload Aug 26 18:24:49.536462: | IKEv2 nonce 18 6c 12 7b 43 7e f5 4b 92 72 7a 37 69 39 72 dc Aug 26 18:24:49.536464: | IKEv2 nonce 3f 70 50 9a c7 a0 ee 93 95 80 bd 3f 27 a5 86 f5 Aug 26 18:24:49.536466: | emitting length of IKEv2 Nonce Payload: 36 Aug 26 18:24:49.536468: | Adding a v2N Payload Aug 26 18:24:49.536470: | ***emit IKEv2 Notify Payload: Aug 26 18:24:49.536471: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.536473: | flags: none (0x0) Aug 26 18:24:49.536475: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.536476: | SPI size: 0 (0x0) Aug 26 18:24:49.536478: | Notify Message Type: v2N_IKEV2_FRAGMENTATION_SUPPORTED (0x402e) Aug 26 18:24:49.536480: | next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Aug 26
18:24:49.536482: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.536484: | emitting length of IKEv2 Notify Payload: 8 Aug 26 18:24:49.536486: | NAT-Traversal support [enabled] add v2N payloads. Aug 26 18:24:49.536496: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:49.536498: | natd_hash: icookie= df 94 67 26 a0 0a d8 6e Aug 26 18:24:49.536499: | natd_hash: rcookie= 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.536501: | natd_hash: ip= c0 01 03 21 Aug 26 18:24:49.536503: | natd_hash: port=500 Aug 26 18:24:49.536505: | natd_hash: hash= dd dd 7e d7 70 0f cd bf 06 43 c4 34 9b 7e c1 85 Aug 26 18:24:49.536507: | natd_hash: hash= cc 6b 6d f6 Aug 26 18:24:49.536508: | Adding a v2N Payload Aug 26 18:24:49.536510: | ***emit IKEv2 Notify Payload: Aug 26 18:24:49.536511: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.536513: | flags: none (0x0) Aug 26 18:24:49.536515: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.536516: | SPI size: 0 (0x0) Aug 26 18:24:49.536518: | Notify Message Type: v2N_NAT_DETECTION_SOURCE_IP (0x4004) Aug 26 18:24:49.536520: | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Aug 26 18:24:49.536522: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.536524: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload Aug 26 18:24:49.536525: | Notify data dd dd 7e d7 70 0f cd bf 06 43 c4 34 9b 7e c1 85 Aug 26 18:24:49.536527: | Notify data cc 6b 6d f6 Aug 26 18:24:49.536528: | emitting length of IKEv2 Notify Payload: 28 Aug 26 18:24:49.536532: | natd_hash: hasher=0x55ce535b7800(20) Aug 26 18:24:49.536534: | natd_hash: icookie= df 94 67 26 a0 0a d8 6e Aug 26 18:24:49.536536: | natd_hash: rcookie= 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.536537: | natd_hash: ip= c0 01 02 17 Aug 26 18:24:49.536538: | natd_hash: port=500 Aug 
26 18:24:49.536540: | natd_hash: hash= b3 65 c5 7c 5e 4c 73 63 4c 53 ca 21 de 6c 10 02 Aug 26 18:24:49.536542: | natd_hash: hash= 7e 22 84 04 Aug 26 18:24:49.536543: | Adding a v2N Payload Aug 26 18:24:49.536545: | ***emit IKEv2 Notify Payload: Aug 26 18:24:49.536546: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:49.536548: | flags: none (0x0) Aug 26 18:24:49.536549: | Protocol ID: PROTO_v2_RESERVED (0x0) Aug 26 18:24:49.536551: | SPI size: 0 (0x0) Aug 26 18:24:49.536553: | Notify Message Type: v2N_NAT_DETECTION_DESTINATION_IP (0x4005) Aug 26 18:24:49.536555: | next payload chain: setting previous 'IKEv2 Notify Payload'.'next payload type' to current IKEv2 Notify Payload (41:ISAKMP_NEXT_v2N) Aug 26 18:24:49.536556: | next payload chain: saving location 'IKEv2 Notify Payload'.'next payload type' in 'reply packet' Aug 26 18:24:49.536558: | emitting 20 raw bytes of Notify data into IKEv2 Notify Payload Aug 26 18:24:49.536560: | Notify data b3 65 c5 7c 5e 4c 73 63 4c 53 ca 21 de 6c 10 02 Aug 26 18:24:49.536561: | Notify data 7e 22 84 04 Aug 26 18:24:49.536563: | emitting length of IKEv2 Notify Payload: 28 Aug 26 18:24:49.536564: | emitting length of ISAKMP Message: 440 Aug 26 18:24:49.536570: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:49.536573: | #2 complete_v2_state_transition() PARENT_R0->PARENT_R1 with status STF_OK Aug 26 18:24:49.536575: | IKEv2: transition from state STATE_PARENT_R0 to state STATE_PARENT_R1 Aug 26 18:24:49.536577: | parent state #2: PARENT_R0(half-open IKE SA) => PARENT_R1(half-open IKE SA) Aug 26 18:24:49.536579: | Message ID: updating counters for #2 to 0 after switching state Aug 26 18:24:49.536583: | Message ID: recv #2 request 0; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=-1 responder.recv=-1->0 wip.initiator=-1 wip.responder=0->-1 Aug 26 18:24:49.536586: | Message ID: sent #2 response 0; ike: 
initiator.sent=-1 initiator.recv=-1 responder.sent=-1->0 responder.recv=0 wip.initiator=-1 wip.responder=-1 Aug 26 18:24:49.536589: "north-eastnets/0x2" #2: STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048} Aug 26 18:24:49.536592: | sending V2 new request packet to 192.1.2.23:500 (from 192.1.3.33:500) Aug 26 18:24:49.536596: | sending 440 bytes for STATE_PARENT_R0 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #2)
Aug 26 18:24:49.536896: | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:49.536903: | libevent_free: release ptr-libevent@0x55ce53a77790 Aug 26 18:24:49.536906: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a75d70 Aug 26 18:24:49.536909: | event_schedule: new EVENT_SO_DISCARD-pe@0x7ffaa4002b20 Aug 26 18:24:49.536913: | inserting event EVENT_SO_DISCARD, timeout in 200 seconds for #2 Aug 26 18:24:49.536916: | libevent_malloc: new ptr-libevent@0x55ce53a77790 size 128 Aug 26 18:24:49.536920: | resume sending helper answer for #2 suppresed complete_v2_state_transition() Aug 26 18:24:49.536926: | #2 spent 0.624 milliseconds in resume sending helper answer Aug 26 18:24:49.536931: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in resume_handler() at server.c:833) Aug 26 18:24:49.536934: | libevent_free: release ptr-libevent@0x7ffa9c006900 Aug 26 18:24:49.542210: | spent 0.00273 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:49.542231: | *received 464 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:49.542300: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:49.542305: | **parse ISAKMP Message: Aug 26 18:24:49.542307: |
initiator cookie: Aug 26 18:24:49.542309: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:49.542311: | responder cookie: Aug 26 18:24:49.542312: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.542314: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:49.542316: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.542318: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:49.542319: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:49.542321: | Message ID: 1 (0x1) Aug 26 18:24:49.542323: | length: 464 (0x1d0) Aug 26 18:24:49.542325: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) Aug 26 18:24:49.542327: | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request Aug 26 18:24:49.542330: | State DB: found IKEv2 state #2 in PARENT_R1 (find_v2_ike_sa) Aug 26 18:24:49.542334: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:49.542336: | State DB: IKEv2 state not found (find_v2_sa_by_responder_wip) Aug 26 18:24:49.542339: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2064) Aug 26 18:24:49.542341: | #2 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 Aug 26 18:24:49.542344: | Message ID: #2 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 Aug 26 18:24:49.542346: | unpacking clear payload Aug 26 18:24:49.542348: | Now let's proceed with payload (ISAKMP_NEXT_v2SK) Aug 26 18:24:49.542350: | ***parse IKEv2 Encryption Payload: Aug 26 18:24:49.542351: | next payload type: ISAKMP_NEXT_v2IDi (0x23) Aug 26 18:24:49.542353: | flags: none (0x0) Aug 26 18:24:49.542355: | length: 436 (0x1b4) Aug 26 18:24:49.542356: | processing payload: ISAKMP_NEXT_v2SK (len=432) Aug 26 18:24:49.542359: | Message ID: start-responder #2 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 
wip.initiator=-1 wip.responder=-1->1 Aug 26 18:24:49.542361: | #2 in state PARENT_R1: received v2I1, sent v2R1 Aug 26 18:24:49.542363: | selected state microcode Responder: process IKE_AUTH request (no SKEYSEED) Aug 26 18:24:49.542365: | Now let's proceed with state specific processing Aug 26 18:24:49.542367: | calling processor Responder: process IKE_AUTH request (no SKEYSEED) Aug 26 18:24:49.542369: | ikev2 parent inI2outR2: calculating g^{xy} in order to decrypt I2 Aug 26 18:24:49.542376: | offloading IKEv2 SKEYSEED using prf=HMAC_SHA2_256 integ=HMAC_SHA2_256_128 cipherkey=AES_CBC Aug 26 18:24:49.542379: | adding ikev2_inI2outR2 KE work-order 4 for state #2 Aug 26 18:24:49.542381: | state #2 requesting EVENT_SO_DISCARD to be deleted Aug 26 18:24:49.542384: | libevent_free: release ptr-libevent@0x55ce53a77790 Aug 26 18:24:49.542386: | free_event_entry: release EVENT_SO_DISCARD-pe@0x7ffaa4002b20 Aug 26 18:24:49.542388: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7ffaa4002b20 Aug 26 18:24:49.542390: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2 Aug 26 18:24:49.542392: | libevent_malloc: new ptr-libevent@0x55ce53a77790 size 128 Aug 26 18:24:49.542400: | #2 spent 0.0299 milliseconds in processing: Responder: process IKE_AUTH request (no SKEYSEED) in ikev2_process_state_packet() Aug 26 18:24:49.542404: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:49.542406: | #2 complete_v2_state_transition() PARENT_R1->PARENT_R1 with status STF_SUSPEND Aug 26 18:24:49.542408: | suspending state #2 and saving MD Aug 26 18:24:49.542410: | #2 is busy; has a suspended MD Aug 26 18:24:49.542413: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in log_stf_suspend() at ikev2.c:3269) Aug 26 18:24:49.542415: | "north-eastnets/0x2" #2 complete v2 state STATE_PARENT_R1 transition with STF_SUSPEND suspended from 
complete_v2_state_transition:3451 Aug 26 18:24:49.542418: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:49.542421: | #2 spent 0.189 milliseconds in ikev2_process_packet() Aug 26 18:24:49.542423: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:49.542426: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:49.542427: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:49.542430: | spent 0.199 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:49.542437: | crypto helper 3 resuming Aug 26 18:24:49.542446: | crypto helper 3 starting work-order 4 for state #2 Aug 26 18:24:49.542450: | crypto helper 3 doing compute dh (V2) (ikev2_inI2outR2 KE); request ID 4 Aug 26 18:24:49.542451: | crypto helper is pausing for 1 seconds Aug 26 18:24:49.592474: | spent 0.0036 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:49.592503: | *received 464 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:49.592587: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:49.592591: | **parse ISAKMP Message: Aug 26 18:24:49.592594: | initiator cookie: Aug 26 18:24:49.592597: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:49.592599: | responder cookie: Aug 26 18:24:49.592602: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.592605: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:49.592608: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.592611: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:49.592614: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:49.592617: | Message ID: 1 (0x1) Aug 26 18:24:49.592619: | length: 464 (0x1d0) Aug 26
18:24:49.592623: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) Aug 26 18:24:49.592625: | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request Aug 26 18:24:49.592628: | State DB: found IKEv2 state #2 in PARENT_R1 (find_v2_ike_sa) Aug 26 18:24:49.592633: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:49.592636: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:49.592638: | #2 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 Aug 26 18:24:49.592640: "north-eastnets/0x2" #2: discarding packet received during asynchronous work (DNS or crypto) in STATE_PARENT_R1 Aug 26 18:24:49.592643: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:49.592647: | #2 spent 0.158 milliseconds in ikev2_process_packet() Aug 26 18:24:49.592650: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:49.592652: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:49.592654: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:49.592657: | spent 0.168 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:49.643805: | spent 0.00339 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:49.643829: | *received 464 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:49.643912: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:49.643917: | **parse ISAKMP Message: Aug 26 18:24:49.643919: | initiator cookie: Aug 26 18:24:49.643922: | df 94 67 26 a0 0a d8 6e Aug 26
18:24:49.643924: | responder cookie: Aug 26 18:24:49.643926: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.643929: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:49.643932: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.643935: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:49.643938: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:49.643941: | Message ID: 1 (0x1) Aug 26 18:24:49.643943: | length: 464 (0x1d0) Aug 26 18:24:49.643947: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) Aug 26 18:24:49.643951: | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request Aug 26 18:24:49.643955: | State DB: found IKEv2 state #2 in PARENT_R1 (find_v2_ike_sa) Aug 26 18:24:49.643962: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:49.643967: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:49.643971: | #2 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 Aug 26 18:24:49.643975: "north-eastnets/0x2" #2: discarding packet received during asynchronous work (DNS or crypto) in STATE_PARENT_R1 Aug 26 18:24:49.643980: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:49.643985: | #2 spent 0.164 milliseconds in ikev2_process_packet() Aug 26 18:24:49.643989: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:49.643993: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:49.643996: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:49.644000: | spent 0.18 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:49.745434: | spent 0.00273 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:49.745455: | 
*received 464 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500) Aug 26
18:24:49.745506: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:49.745509: | **parse ISAKMP Message: Aug 26 18:24:49.745511: | initiator cookie: Aug 26 18:24:49.745513: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:49.745514: | responder cookie: Aug 26 18:24:49.745516: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.745518: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:49.745519: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.745521: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:49.745523: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:49.745525: | Message ID: 1 (0x1) Aug 26 18:24:49.745527: | length: 464 (0x1d0) Aug 26 18:24:49.745529: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) Aug 26 18:24:49.745531: | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request Aug 26 18:24:49.745534: | State DB: found IKEv2 state #2 in PARENT_R1 (find_v2_ike_sa) Aug 26 18:24:49.745538: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:49.745541: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:49.745544: | #2 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 Aug 26 18:24:49.745546: "north-eastnets/0x2" #2: discarding packet received during asynchronous work (DNS or crypto) in STATE_PARENT_R1 Aug 26 18:24:49.745549: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:49.745552: | #2 spent 0.106 milliseconds in ikev2_process_packet() Aug 26 18:24:49.745555: | stop processing: from
192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:49.745557: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:49.745559: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:49.745562: | spent 0.116 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:49.946304: | spent 0.0116 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:49.946390: | *received 464 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:49.946743: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:49.946761: | **parse ISAKMP Message: Aug 26 18:24:49.946775: | initiator cookie: Aug 26 18:24:49.946786: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:49.946799: | responder cookie: Aug 26 18:24:49.946810: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:49.946823: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:49.946837: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:49.946850: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:49.946864: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:49.946876: | Message ID: 1 (0x1) Aug 26 18:24:49.946888: | length: 464 (0x1d0) Aug 26 18:24:49.946903: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) Aug 26 18:24:49.946918: | I am the IKE SA Original Responder receiving an IKEv2 IKE_AUTH request Aug 26 18:24:49.946934: | State DB: found IKEv2 state #2 in PARENT_R1 (find_v2_ike_sa) Aug 26 18:24:49.946963: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:49.946987: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:49.947004: | #2
st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 Aug 26 18:24:49.947021: "north-eastnets/0x2" #2: discarding packet received during asynchronous work (DNS or crypto) in STATE_PARENT_R1 Aug 26 18:24:49.947046: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:49.947091: | #2 spent 0.729 milliseconds in ikev2_process_packet() Aug 26 18:24:49.947112: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:49.947128: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:49.947142: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:49.947161: | spent 0.805 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:50.347127: | spent 0.00466 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:50.347163: | *received 464 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:50.347311: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:50.347323: | **parse ISAKMP Message: Aug 26 18:24:50.347328: | initiator cookie: Aug 26 18:24:50.347332: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:50.347336: | responder cookie: Aug 26 18:24:50.347340: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:50.347345: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:50.347350: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.347355: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:50.347360: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:50.347364: | Message ID: 1 (0x1) Aug 26 18:24:50.347369: | length: 464 (0x1d0) Aug 26 18:24:50.347374: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) Aug 26 18:24:50.347379: | I am the IKE SA Original
Responder receiving an IKEv2 IKE_AUTH request Aug 26 18:24:50.347386: | State DB: found IKEv2 state #2 in PARENT_R1 (find_v2_ike_sa) Aug 26 18:24:50.347397: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:50.347410: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.347416: | #2 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001 Aug 26 18:24:50.347421: "north-eastnets/0x2" #2: discarding packet received during asynchronous work (DNS or crypto) in STATE_PARENT_R1 Aug 26 18:24:50.347429: | stop processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:50.347438: | #2 spent 0.27 milliseconds in ikev2_process_packet() Aug 26 18:24:50.347445: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:50.347451: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:50.347457: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:50.347463: | spent 0.297 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:50.394699: | calculating skeyseed using prf=sha2_256 integ=sha2_256 cipherkey-size=32 salt-size=0 Aug 26 18:24:50.395098: | crypto helper 1 finished compute dh (V2) (ikev2_inR1outI2 KE); request ID 3 time elapsed 1.00117 seconds Aug 26 18:24:50.395109: | (#1) spent 1.12 milliseconds in crypto helper computing work-order 3: ikev2_inR1outI2 KE (pcr) Aug 26 18:24:50.395112: | crypto helper 1 sending results from work-order 3 for state #1 to event queue Aug 26 18:24:50.395114: | scheduling resume sending helper answer for #1 Aug 26 18:24:50.395118: | libevent_malloc: new ptr-libevent@0x7ffaa0000f40 size 128 Aug 26 18:24:50.395128: | crypto helper 1 waiting (nothing to do) Aug 26 18:24:50.395168: | processing resume sending helper 
answer for #1 Aug 26 18:24:50.395181: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in resume_handler() at server.c:797) Aug 26 18:24:50.395185: | crypto helper 1 replies to request ID 3 Aug 26 18:24:50.395188: | calling continuation function 0x55ce534e2b50 Aug 26 18:24:50.395190: | ikev2_parent_inR1outI2_continue for #1: calculating g^{xy}, sending I2 Aug 26 18:24:50.395199: | creating state object #3 at 0x55ce53a7bc40 Aug 26 18:24:50.395202: | State DB: adding IKEv2 state #3 in UNDEFINED Aug 26 18:24:50.395208: | pstats #3 ikev2.child started Aug 26 18:24:50.395211: | duplicating state object #1 "north-eastnets/0x2" as #3 for IPSEC SA Aug 26 18:24:50.395215: | #3 setting local endpoint to 192.1.3.33:500 from #1.st_localport (in duplicate_state() at state.c:1484) Aug 26 18:24:50.395221: | Message ID: init_child #1.#3; ike: initiator.sent=0 initiator.recv=-1 responder.sent=-1 responder.recv=-1; child: wip.initiator=0->-1 wip.responder=0->-1 Aug 26 18:24:50.395225: | Message ID: switch-from #1 response 0; ike: initiator.sent=0 initiator.recv=-1 responder.sent=-1 responder.recv=-1 wip.initiator=0->-1 wip.responder=-1 Aug 26 18:24:50.395229: | Message ID: switch-to #1.#3 response 0; ike: initiator.sent=0 initiator.recv=-1 responder.sent=-1 responder.recv=-1; child: wip.initiator=-1->0 wip.responder=-1 Aug 26 18:24:50.395231: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:50.395235: | libevent_free: release ptr-libevent@0x55ce53a747d0 Aug 26 18:24:50.395237: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a74790 Aug 26 18:24:50.395240: | event_schedule: new EVENT_SA_REPLACE-pe@0x55ce53a74790 Aug 26 18:24:50.395243: | inserting event EVENT_SA_REPLACE, timeout in 60 seconds for #1 Aug 26 18:24:50.395245: | libevent_malloc: new ptr-libevent@0x55ce53a747d0 size 128 Aug 26 18:24:50.395248: | parent state #1: PARENT_I1(half-open IKE SA) => PARENT_I2(open IKE SA) Aug 26 18:24:50.395254: | **emit ISAKMP 
Message: Aug 26 18:24:50.395257: | initiator cookie: Aug 26 18:24:50.395259: | ff 40 95 92 e6 85 07 d9 Aug 26 18:24:50.395261: | responder cookie: Aug 26 18:24:50.395263: | fd 1d f4 22 0d b8 c9 16 Aug 26 18:24:50.395265: | next payload type: ISAKMP_NEXT_NONE (0x0) Aug 26 18:24:50.395271: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.395273: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:50.395276: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:50.395278: | Message ID: 1 (0x1) Aug 26 18:24:50.395280: | next payload chain: saving message location 'ISAKMP Message'.'next payload type' Aug 26 18:24:50.395283: | ***emit IKEv2 Encryption Payload: Aug 26 18:24:50.395286: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.395292: | flags: none (0x0) Aug 26 18:24:50.395297: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) Aug 26 18:24:50.395299: | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.395302: | emitting 16 zero bytes of IV into IKEv2 Encryption Payload Aug 26 18:24:50.395309: | IKEv2 CERT: send a certificate? 
Aug 26 18:24:50.395311: | IKEv2 CERT: no certificate to send Aug 26 18:24:50.395314: | IDr payload will be sent Aug 26 18:24:50.395326: | ****emit IKEv2 Identification - Initiator - Payload: Aug 26 18:24:50.395333: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.395335: | flags: none (0x0) Aug 26 18:24:50.395337: | ID type: ID_FQDN (0x2) Aug 26 18:24:50.395340: | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Identification - Initiator - Payload (35:ISAKMP_NEXT_v2IDi) Aug 26 18:24:50.395343: | next payload chain: saving location 'IKEv2 Identification - Initiator - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.395345: | emitting 5 raw bytes of my identity into IKEv2 Identification - Initiator - Payload Aug 26 18:24:50.395348: | my identity 6e 6f 72 74 68 Aug 26 18:24:50.395350: | emitting length of IKEv2 Identification - Initiator - Payload: 13 Aug 26 18:24:50.395357: | ****emit IKEv2 Identification - Responder - Payload: Aug 26 18:24:50.395359: | next payload type: ISAKMP_NEXT_v2AUTH (0x27) Aug 26 18:24:50.395361: | flags: none (0x0) Aug 26 18:24:50.395363: | ID type: ID_FQDN (0x2) Aug 26 18:24:50.395366: | next payload chain: ignoring supplied 'IKEv2 Identification - Responder - Payload'.'next payload type' value 39:ISAKMP_NEXT_v2AUTH Aug 26 18:24:50.395369: | next payload chain: setting previous 'IKEv2 Identification - Initiator - Payload'.'next payload type' to current IKEv2 Identification - Responder - Payload (36:ISAKMP_NEXT_v2IDr) Aug 26 18:24:50.395371: | next payload chain: saving location 'IKEv2 Identification - Responder - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.395373: | emitting 4 raw bytes of IDr into IKEv2 Identification - Responder - Payload Aug 26 18:24:50.395375: | IDr 65 61 73 74 Aug 26 18:24:50.395377: | emitting length of IKEv2 Identification - Responder - Payload: 12 Aug 26 18:24:50.395379: | not sending INITIAL_CONTACT Aug 26 
18:24:50.395382: | ****emit IKEv2 Authentication Payload: Aug 26 18:24:50.395384: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.395386: | flags: none (0x0) Aug 26 18:24:50.395388: | auth method: IKEv2_AUTH_RSA (0x1) Aug 26 18:24:50.395391: | next payload chain: setting previous 'IKEv2 Identification - Responder - Payload'.'next payload type' to current IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH) Aug 26 18:24:50.395393: | next payload chain: saving location 'IKEv2 Authentication Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.395398: | started looking for secret for @north->@east of kind PKK_RSA Aug 26 18:24:50.395400: | actually looking for secret for @north->@east of kind PKK_RSA Aug 26 18:24:50.395403: | line 1: key type PKK_RSA(@north) to type PKK_RSA Aug 26 18:24:50.395406: | 1: compared key (none) to @north / @east -> 002 Aug 26 18:24:50.395408: | 2: compared key (none) to @north / @east -> 002 Aug 26 18:24:50.395410: | line 1: match=002 Aug 26 18:24:50.395413: | match 002 beats previous best_match 000 match=0x55ce53a66000 (line=1) Aug 26 18:24:50.395417: | concluding with best_match=002 best=0x55ce53a66000 (lineno=1) Aug 26 18:24:50.398903: | #1 spent 3.47 milliseconds in ikev2_calculate_rsa_hash() calling sign_hash_RSA() Aug 26 18:24:50.398913: | emitting 274 raw bytes of rsa signature into IKEv2 Authentication Payload
Aug 26 18:24:50.398951: | #1 spent 3.55 milliseconds in ikev2_calculate_rsa_hash() Aug 26 18:24:50.398954: | emitting length of IKEv2 Authentication Payload: 282 Aug 26 18:24:50.398956: | getting first pending from state #1 Aug 26 18:24:50.398959: | Switching Child connection for #3 to "north-eastnets/0x1" from "north-eastnets/0x2" Aug 26 18:24:50.398963: | in connection_discard for connection north-eastnets/0x2 Aug 26 18:24:50.399253: | netlink_get_spi: allocated 0x780ff6c for esp.0@192.1.3.33 Aug 26 18:24:50.399257: | constructing ESP/AH proposals with all DH removed for north-eastnets/0x1 (IKE SA initiator emitting ESP/AH proposals) Aug 26 18:24:50.399261: | converting proposal AES_CBC_128-HMAC_SHA2_512_256-MODP3072 to ikev2 ... Aug 26 18:24:50.399267: | ...
ikev2_proposal: 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=NONE;ESN=DISABLED Aug 26 18:24:50.399271: "north-eastnets/0x1": constructed local ESP/AH proposals for north-eastnets/0x1 (IKE SA initiator emitting ESP/AH proposals): 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=NONE;ESN=DISABLED Aug 26 18:24:50.399280: | Emitting ikev2_proposals ... Aug 26 18:24:50.399283: | ****emit IKEv2 Security Association Payload: Aug 26 18:24:50.399285: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.399287: | flags: none (0x0) Aug 26 18:24:50.399303: | next payload chain: setting previous 'IKEv2 Authentication Payload'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) Aug 26 18:24:50.399306: | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.399308: | discarding DH=NONE Aug 26 18:24:50.399313: | *****emit IKEv2 Proposal Substructure Payload: Aug 26 18:24:50.399315: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:50.399317: | prop #: 1 (0x1) Aug 26 18:24:50.399319: | proto ID: IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:50.399321: | spi size: 4 (0x4) Aug 26 18:24:50.399323: | # transforms: 3 (0x3) Aug 26 18:24:50.399325: | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' Aug 26 18:24:50.399331: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload Aug 26 18:24:50.399333: | our spi 07 80 ff 6c Aug 26 18:24:50.399335: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:50.399337: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.399339: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:50.399341: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:50.399344: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:50.399346: | 
*******emit IKEv2 Attribute Substructure Payload: Aug 26 18:24:50.399349: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:50.399351: | length/value: 128 (0x80) Aug 26 18:24:50.399353: | emitting length of IKEv2 Transform Substructure Payload: 12 Aug 26 18:24:50.399355: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:50.399357: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.399359: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:50.399361: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:50.399364: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.399366: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:50.399368: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:50.399370: | discarding DH=NONE Aug 26 18:24:50.399372: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:50.399374: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:50.399376: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:50.399378: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:50.399380: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.399383: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:50.399385: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:50.399387: | emitting length of IKEv2 Proposal Substructure Payload: 40 Aug 26 18:24:50.399389: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 Aug 26 18:24:50.399391: | emitting length of IKEv2 Security 
Association Payload: 44 Aug 26 18:24:50.399394: | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 Aug 26 18:24:50.399396: | ****emit IKEv2 Traffic Selector - Initiator - Payload: Aug 26 18:24:50.399398: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.399400: | flags: none (0x0) Aug 26 18:24:50.399402: | number of TS: 1 (0x1) Aug 26 18:24:50.399405: | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Traffic Selector - Initiator - Payload (44:ISAKMP_NEXT_v2TSi) Aug 26 18:24:50.399408: | next payload chain: saving location 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.399410: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:50.399412: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.399414: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.399416: | start port: 0 (0x0) Aug 26 18:24:50.399418: | end port: 65535 (0xffff) Aug 26 18:24:50.399421: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:50.399422: | ipv4 start c0 00 03 00 Aug 26 18:24:50.399425: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:50.399427: | ipv4 end c0 00 03 ff Aug 26 18:24:50.399429: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:50.399431: | emitting length of IKEv2 Traffic Selector - Initiator - Payload: 24 Aug 26 18:24:50.399434: | ****emit IKEv2 Traffic Selector - Responder - Payload: Aug 26 18:24:50.399436: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.399438: | flags: none (0x0) Aug 26 18:24:50.399440: | number of TS: 1 (0x1) Aug 26 18:24:50.399443: | next payload chain: setting previous 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' to current IKEv2 Traffic Selector - Responder - Payload (45:ISAKMP_NEXT_v2TSr) Aug 26 18:24:50.399445: | next payload chain: saving location 'IKEv2 
Traffic Selector - Responder - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.399447: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:50.399449: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.399451: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.399453: | start port: 0 (0x0) Aug 26 18:24:50.399455: | end port: 65535 (0xffff) Aug 26 18:24:50.399457: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:50.399459: | ipv4 start c0 00 02 00 Aug 26 18:24:50.399461: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:50.399463: | ipv4 end c0 00 02 ff Aug 26 18:24:50.399465: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:50.399467: | emitting length of IKEv2 Traffic Selector - Responder - Payload: 24 Aug 26 18:24:50.399469: | Initiator child policy is tunnel mode, NOT sending v2N_USE_TRANSPORT_MODE Aug 26 18:24:50.399472: | Initiator child policy is compress=no, NOT sending v2N_IPCOMP_SUPPORTED Aug 26 18:24:50.399474: | adding 1 bytes of padding (including 1 byte padding-length) Aug 26 18:24:50.399477: | emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.399479: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload Aug 26 18:24:50.399481: | emitting length of IKEv2 Encryption Payload: 436 Aug 26 18:24:50.399483: | emitting length of ISAKMP Message: 464 Aug
26 18:24:50.399564: | out calculated auth: Aug 26 18:24:50.399566: | 8d 95 13 f6 52 61 0a 03 fd 1b 41 dd 19 7a ef c8 Aug 26 18:24:50.399572: | suspend processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:50.399576: | start processing: state #3 connection "north-eastnets/0x1" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:50.399579: | #3 complete_v2_state_transition() md.from_state=PARENT_I1 md.svm.state[from]=PARENT_I1 UNDEFINED->PARENT_I2 with status STF_OK Aug 26 18:24:50.399582: | IKEv2: transition from state STATE_PARENT_I1 to state STATE_PARENT_I2 Aug 26 18:24:50.399585: | child state #3: UNDEFINED(ignore) => PARENT_I2(open IKE SA) Aug 26 18:24:50.399587: | Message ID: updating counters for #3 to 0 after switching state Aug 26 18:24:50.399592: | Message ID: recv #1.#3 response 0; ike: initiator.sent=0 initiator.recv=-1->0 responder.sent=-1 responder.recv=-1; child: wip.initiator=0->-1 wip.responder=-1 Aug 26 18:24:50.399595: | Message ID: sent #1.#3 request 1; ike: initiator.sent=0->1 initiator.recv=0 responder.sent=-1 responder.recv=-1; child: wip.initiator=-1->1 wip.responder=-1 Aug 26 18:24:50.399599: "north-eastnets/0x1" #3: STATE_PARENT_I2: sent v2I2, expected v2R2 {auth=IKEv2 cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048} Aug 26 18:24:50.399607: | sending V2 reply packet to 192.1.2.23:500 (from 192.1.3.33:500) Aug 26 18:24:50.399612: | sending 464 bytes for STATE_PARENT_I1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1) Aug 26 18:24:50.399615: | ff 40 95 92 e6 85 07 d9 fd 1d f4 22 0d b8 c9 16 Aug 26 18:24:50.399616: | 2e 20 23 08 00 00 00 01 00 00 01 d0 23 00 01 b4 Aug 26 18:24:50.399618: | 5e 36 d4 21 c5 f2 fb 0f 72 cf b3 b2 47 62 16 3f Aug 26 18:24:50.399620: | 58 90 53 ef ea 58 2f 84 56 68 a9 ff bf 54 75 2e Aug 26 18:24:50.399622: | 63 dd 8e 27 a4 fb 9b 2d c2 c7 2b 6b 7f 59 2d 17 Aug 26 
18:24:50.399624: | 9f 3e 97 35 f3 c3 a1 ef 0d 49 16 d4 c1 29 f6 a1 Aug 26 18:24:50.399626: | 05 fa d1 28 3e 73 1a e4 ce 2f 67 0d 2e de 40 59 Aug 26 18:24:50.399627: | f2 7e f4 22 a7 2c 8d 7a 1e 0f 74 fa 76 63 53 7b Aug 26 18:24:50.399629: | 75 83 ef d6 64 12 13 2e c2 f3 89 7d 58 56 11 74 Aug 26 18:24:50.399631: | bb a7 62 8a 3e 98 63 5d 7c 48 1f b1 6a 22 69 3a Aug 26 18:24:50.399633: | 20 4e 43 b9 54 6a ea b3 9c 4e dc 81 aa a7 d5 ae Aug 26 18:24:50.399635: | 76 54 44 33 7c f9 80 5e d4 24 41 58 45 72 60 c8 Aug 26 18:24:50.399637: | bc e6 e7 ce b7 2e 06 0c 1d 1a c8 fe b0 52 6d d3 Aug 26 18:24:50.399638: | cf dc 20 01 db fc b8 4e 92 eb cd cf 4e 81 3d 92 Aug 26 18:24:50.399640: | 28 4f 65 0e 81 9a 99 e8 af 67 ae 1a 4c 2c 74 dc Aug 26 18:24:50.399642: | 4e 1d 73 1e 0b 04 1d 63 3e 75 e2 86 e5 5e 86 18 Aug 26 18:24:50.399644: | 18 a4 be 43 9c ac 74 f0 9b 5b 01 90 e3 ab fc 57 Aug 26 18:24:50.399646: | 36 c0 1d 33 89 37 05 3f 81 3d be 22 76 07 8f cf Aug 26 18:24:50.399647: | c9 82 87 16 42 91 b1 e0 b4 3e b5 c3 a8 5c 04 ca Aug 26 18:24:50.399649: | ee 8d a4 3a ba 1a d0 da 6b 54 e1 4f a2 c7 c4 ea Aug 26 18:24:50.399651: | fe 4e 51 9f 78 26 8c 6a f3 2f 2d 98 d7 e8 ee 4f Aug 26 18:24:50.399653: | 7d 0d 43 7f d3 fa 11 ec 66 ff 5b 90 36 de e9 1d Aug 26 18:24:50.399655: | 4c b3 e5 aa a6 23 35 59 cd e6 3c 17 7a db e1 63 Aug 26 18:24:50.399657: | 6e df 09 d8 3d 9a 81 57 99 8e 95 5c 2c 67 c6 3e Aug 26 18:24:50.399660: | e1 15 7d c4 27 0e 7d b0 37 4b bb be 55 0d 2c 80 Aug 26 18:24:50.399662: | 64 46 dc 07 2a 7c 6b f2 cf 64 f3 9a 10 42 14 36 Aug 26 18:24:50.399664: | 61 97 2a e6 6d 57 85 f8 75 e9 a3 8e 51 59 3e 47 Aug 26 18:24:50.399665: | f8 10 a2 bd 88 a7 5e fa bb 5b ab 3a e0 01 1b 7f Aug 26 18:24:50.399667: | 8d 95 13 f6 52 61 0a 03 fd 1b 41 dd 19 7a ef c8 Aug 26 18:24:50.399697: | success_v2_state_transition scheduling EVENT_RETRANSMIT of c->r_interval=50ms Aug 26 18:24:50.399701: | event_schedule: new EVENT_RETRANSMIT-pe@0x55ce53a77910 Aug 26 18:24:50.399705: | inserting event 
EVENT_RETRANSMIT, timeout in 0.05 seconds for #3 Aug 26 18:24:50.399707: | libevent_malloc: new ptr-libevent@0x7ffa9c006900 size 128 Aug 26 18:24:50.399712: | #3 STATE_PARENT_I2: retransmits: first event in 0.05 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29176.142167 Aug 26 18:24:50.399715: | resume sending helper answer for #1 suppresed complete_v2_state_transition() Aug 26 18:24:50.399720: | #1 spent 4.5 milliseconds in resume sending helper answer Aug 26 18:24:50.399724: | stop processing: state #3 connection "north-eastnets/0x1" from 192.1.2.23 (in resume_handler() at server.c:833) Aug 26 18:24:50.399727: | libevent_free: release ptr-libevent@0x7ffaa0000f40 Aug 26 18:24:50.414797: | spent 0.00281 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:50.414821: | *received 464 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500) Aug 26 18:24:50.414929: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:50.414933: | **parse ISAKMP Message: Aug 26 18:24:50.414936: | initiator cookie: Aug 26 18:24:50.414939: | ff 40 95 92 e6 85 07 d9 Aug 26 18:24:50.414941: | responder cookie: Aug 26 18:24:50.414946: | fd 1d f4 22 0d b8 c9 16 Aug 26 18:24:50.414949: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:50.414952: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.414955: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:50.414958: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) Aug 26 18:24:50.414960: | Message ID: 1 (0x1) Aug 26 18:24:50.414963: | length: 464 (0x1d0) Aug 26 18:24:50.414966: | processing version=2.0 packet with exchange type=ISAKMP_v2_IKE_AUTH (35) Aug 26 18:24:50.414970: | I am the IKE SA Original Initiator receiving an IKEv2 IKE_AUTH response Aug 26 18:24:50.414975: | State DB:
found IKEv2 state #1 in PARENT_I2 (find_v2_ike_sa) Aug 26 18:24:50.414981: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:50.414985: | State DB: found IKEv2 state #3 in PARENT_I2 (find_v2_sa_by_initiator_wip) Aug 26 18:24:50.414990: | suspend processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.414994: | start processing: state #3 connection "north-eastnets/0x1" from 192.1.2.23 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.414997: | #3 is idle Aug 26 18:24:50.414999: | #3 idle Aug 26 18:24:50.415002: | unpacking clear payload Aug 26 18:24:50.415005: | Now let's proceed with payload (ISAKMP_NEXT_v2SK) Aug 26 18:24:50.415008: | ***parse IKEv2 Encryption Payload: Aug 26 18:24:50.415011: | next payload type: ISAKMP_NEXT_v2IDr (0x24) Aug 26 18:24:50.415013: | flags: none (0x0) Aug 26 18:24:50.415016: | length: 436 (0x1b4) Aug 26 18:24:50.415018: | processing payload: ISAKMP_NEXT_v2SK (len=432) Aug 26 18:24:50.415021: | #3 in state PARENT_I2: sent v2I2, expected v2R2 Aug 26 18:24:50.415127: | calculated auth: a3 e4 12 5d e3 57 be 46 4a 8c bf 89 ab 8b 5c 5f Aug 26 18:24:50.415130: | provided auth: a3 e4 12 5d e3 57 be 46 4a 8c bf 89 ab 8b 5c 5f Aug 26 18:24:50.415132: | authenticator matched Aug 26 18:24:50.415142: | #3 ikev2 ISAKMP_v2_IKE_AUTH decrypt success Aug 26 18:24:50.415145: | Now let's proceed with payload
(ISAKMP_NEXT_v2IDr) Aug 26 18:24:50.415149: | **parse IKEv2 Identification - Responder - Payload: Aug 26 18:24:50.415152: | next payload type: ISAKMP_NEXT_v2AUTH (0x27) Aug 26 18:24:50.415154: | flags: none (0x0) Aug 26 18:24:50.415157: | length: 12 (0xc) Aug 26 18:24:50.415159: | ID type: ID_FQDN (0x2) Aug 26 18:24:50.415162: | processing payload: ISAKMP_NEXT_v2IDr (len=4) Aug 26 18:24:50.415165: | Now let's proceed with payload (ISAKMP_NEXT_v2AUTH) Aug 26 18:24:50.415168: | **parse IKEv2 Authentication Payload: Aug 26 18:24:50.415171: | next payload type: ISAKMP_NEXT_v2SA (0x21) Aug 26 18:24:50.415173: | flags: none (0x0) Aug 26 18:24:50.415176: | length: 282 (0x11a) Aug 26 18:24:50.415178: | auth method: IKEv2_AUTH_RSA (0x1) Aug 26 18:24:50.415181: | processing payload: ISAKMP_NEXT_v2AUTH (len=274) Aug 26 18:24:50.415184: | Now let's proceed with payload (ISAKMP_NEXT_v2SA) Aug 26 18:24:50.415186: | **parse IKEv2 Security Association Payload: Aug 26 18:24:50.415189: | next payload type: ISAKMP_NEXT_v2TSi (0x2c) Aug 26 18:24:50.415191: | flags: none (0x0) Aug 26 18:24:50.415194: | length: 44 (0x2c) Aug 26 18:24:50.415196: | processing payload: ISAKMP_NEXT_v2SA (len=40) Aug 26 18:24:50.415199: | Now let's proceed with payload (ISAKMP_NEXT_v2TSi) Aug 26 18:24:50.415202: | **parse IKEv2 Traffic Selector - Initiator - Payload: Aug 26 18:24:50.415204: | next payload type: ISAKMP_NEXT_v2TSr (0x2d) Aug 26 18:24:50.415207: | flags: none (0x0) Aug 26 18:24:50.415209: | length: 24 (0x18) Aug 26 18:24:50.415212: | number of TS: 1 (0x1) Aug 26 18:24:50.415214: | processing payload: ISAKMP_NEXT_v2TSi (len=16) Aug 26 18:24:50.415217: | Now let's proceed with payload (ISAKMP_NEXT_v2TSr) Aug 26 18:24:50.415220: | **parse IKEv2 Traffic Selector - Responder - Payload: Aug 26 18:24:50.415222: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.415225: | flags: none (0x0) Aug 26 18:24:50.415227: | length: 24 (0x18) Aug 26 18:24:50.415230: | number of TS: 1 (0x1) Aug 26 
18:24:50.415233: | processing payload: ISAKMP_NEXT_v2TSr (len=16) Aug 26 18:24:50.415236: | selected state microcode Initiator: process IKE_AUTH response Aug 26 18:24:50.415238: | Now let's proceed with state specific processing Aug 26 18:24:50.415241: | calling processor Initiator: process IKE_AUTH response Aug 26 18:24:50.415246: | offered CA: '%none' Aug 26 18:24:50.415250: "north-eastnets/0x1" #3: IKEv2 mode peer ID is ID_FQDN: '@east' Aug 26 18:24:50.415275: | verifying AUTH payload Aug 26 18:24:50.415308: | required RSA CA is '%any' Aug 26 18:24:50.415314: | checking RSA keyid '@east' for match with '@east' Aug 26 18:24:50.415330: | key issuer CA is '%any' Aug 26 18:24:50.415394: | an RSA Sig check passed with *AQO9bJbr3 [preloaded key] Aug 26 18:24:50.415401: | #1 spent 0.0658 milliseconds in try_all_RSA_keys() trying a pubkey Aug 26 18:24:50.415405: "north-eastnets/0x1" #3: Authenticated using RSA Aug 26 18:24:50.415413: | #1 spent 0.115 milliseconds in ikev2_verify_rsa_hash() Aug 26 18:24:50.415417: | parent state #1: PARENT_I2(open IKE SA) => PARENT_I3(established IKE SA) Aug 26 18:24:50.415436: | #1 will start re-keying in 2607 seconds with margin of 993 seconds (attempting re-key) Aug 26 18:24:50.415440: | state #1 requesting EVENT_SA_REPLACE to be deleted Aug 26 18:24:50.415446: | libevent_free: release ptr-libevent@0x55ce53a747d0 Aug 26 18:24:50.415449: | free_event_entry: release EVENT_SA_REPLACE-pe@0x55ce53a74790 Aug 26 18:24:50.415452: | event_schedule: new EVENT_SA_REKEY-pe@0x55ce53a74790 Aug 26 18:24:50.415456: | inserting event EVENT_SA_REKEY, timeout in 2607 seconds for #1 Aug 26 18:24:50.415459: | libevent_malloc: new ptr-libevent@0x55ce53a747d0 size 128 Aug 26 18:24:50.415574: | pstats #1 ikev2.ike established Aug 26 18:24:50.415581: | TSi: parsing 1 traffic selectors Aug 26 18:24:50.415584: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:50.415587: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.415590: | IP Protocol ID: 0 (0x0) 
Aug 26 18:24:50.415593: | length: 16 (0x10) Aug 26 18:24:50.415595: | start port: 0 (0x0) Aug 26 18:24:50.415598: | end port: 65535 (0xffff) Aug 26 18:24:50.415601: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:50.415604: | TS low c0 00 03 00 Aug 26 18:24:50.415606: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:50.415609: | TS high c0 00 03 ff Aug 26 18:24:50.415612: | TSi: parsed 1 traffic selectors Aug 26 18:24:50.415614: | TSr: parsing 1 traffic selectors Aug 26 18:24:50.415617: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:50.415620: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.415622: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.415625: | length: 16 (0x10) Aug 26 18:24:50.415627: | start port: 0 (0x0) Aug 26 18:24:50.415630: | end port: 65535 (0xffff) Aug 26 18:24:50.415633: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:50.415635: | TS low c0 00 02 00 Aug 26 18:24:50.415651: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:50.415653: | TS high c0 00 02 ff Aug 26 18:24:50.415656: | TSr: parsed 1 traffic selectors Aug 26 18:24:50.415662: | evaluating our conn="north-eastnets/0x1" I=192.0.3.0/24:0/0 R=192.0.2.0/24:0/0 to their: Aug 26 18:24:50.415667: | TSi[0] .net=192.0.3.0-192.0.3.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.415673: | match address end->client=192.0.3.0/24 == TSi[0]net=192.0.3.0-192.0.3.255: YES fitness 32 Aug 26 18:24:50.415677: | narrow port end=0..65535 == TSi[0]=0..65535: 0 Aug 26 18:24:50.415679: | TSi[0] port match: YES fitness 65536 Aug 26 18:24:50.415683: | narrow protocol end=*0 == TSi[0]=*0: 0 Aug 26 18:24:50.415686: | match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:50.415690: | TSr[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.415696: | match address end->client=192.0.2.0/24 == TSr[0]net=192.0.2.0-192.0.2.255: YES fitness 32 Aug 26 
18:24:50.415699: | narrow port end=0..65535 == TSr[0]=0..65535: 0 Aug 26 18:24:50.415702: | TSr[0] port match: YES fitness 65536 Aug 26 18:24:50.415705: | narrow protocol end=*0 == TSr[0]=*0: 0 Aug 26 18:24:50.415707: | match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:50.415710: | best fit so far: TSi[0] TSr[0] Aug 26 18:24:50.415713: | found an acceptable TSi/TSr Traffic Selector Aug 26 18:24:50.415715: | printing contents struct traffic_selector Aug 26 18:24:50.415718: | ts_type: IKEv2_TS_IPV6_ADDR_RANGE Aug 26 18:24:50.415720: | ipprotoid: 0 Aug 26 18:24:50.415723: | port range: 0-65535 Aug 26 18:24:50.415727: | ip range: 192.0.3.0-192.0.3.255 Aug 26 18:24:50.415729: | printing contents struct traffic_selector Aug 26 18:24:50.415731: | ts_type: IKEv2_TS_IPV6_ADDR_RANGE Aug 26 18:24:50.415734: | ipprotoid: 0 Aug 26 18:24:50.415736: | port range: 0-65535 Aug 26 18:24:50.415740: | ip range: 192.0.2.0-192.0.2.255 Aug 26 18:24:50.415748: | using existing local ESP/AH proposals for north-eastnets/0x1 (IKE_AUTH initiator accepting remote ESP/AH proposal): 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=NONE;ESN=DISABLED Aug 26 18:24:50.415752: | Comparing remote proposals against IKE_AUTH initiator accepting remote ESP/AH proposal 1 local proposals Aug 26 18:24:50.415757: | local proposal 1 type ENCR has 1 transforms Aug 26 18:24:50.415761: | local proposal 1 type PRF has 0 transforms Aug 26 18:24:50.415763: | local proposal 1 type INTEG has 1 transforms Aug 26 18:24:50.415766: | local proposal 1 type DH has 1 transforms Aug 26 18:24:50.415769: | local proposal 1 type ESN has 1 transforms Aug 26 18:24:50.415772: | local proposal 1 transforms: required: ENCR+INTEG+ESN; optional: DH Aug 26 18:24:50.415776: | ***parse IKEv2 Proposal Substructure Payload: Aug 26 18:24:50.415779: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:50.415781: | length: 40 (0x28) Aug 26 18:24:50.415784: | prop #: 1 (0x1) Aug 26 18:24:50.415786: | proto ID: 
IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:50.415789: | spi size: 4 (0x4) Aug 26 18:24:50.415791: | # transforms: 3 (0x3) Aug 26 18:24:50.415794: | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI Aug 26 18:24:50.415797: | remote SPI a3 b4 d4 77 Aug 26 18:24:50.415800: | Comparing remote proposal 1 containing 3 transforms against local proposal [1..1] of 1 local proposals Aug 26 18:24:50.415803: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.415806: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.415808: | length: 12 (0xc) Aug 26 18:24:50.415811: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:50.415813: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:50.415816: | *****parse IKEv2 Attribute Substructure Payload: Aug 26 18:24:50.415819: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:50.415822: | length/value: 128 (0x80) Aug 26 18:24:50.415826: | remote proposal 1 transform 0 (ENCR=AES_CBC_128) matches local proposal 1 type 1 (ENCR) transform 0 Aug 26 18:24:50.415829: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.415832: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.415835: | length: 8 (0x8) Aug 26 18:24:50.415837: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:50.415840: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:50.415844: | remote proposal 1 transform 1 (INTEG=HMAC_SHA2_512_256) matches local proposal 1 type 3 (INTEG) transform 0 Aug 26 18:24:50.415847: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.415849: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:50.415852: | length: 8 (0x8) Aug 26 18:24:50.415854: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:50.415857: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:50.415860: | remote proposal 1 transform 2 (ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0 Aug 26 18:24:50.415864: | remote proposal 1 proposed transforms: 
ENCR+INTEG+ESN; matched: ENCR+INTEG+ESN; unmatched: none Aug 26 18:24:50.415869: | comparing remote proposal 1 containing ENCR+INTEG+ESN transforms to local proposal 1; required: ENCR+INTEG+ESN; optional: DH; matched: ENCR+INTEG+ESN Aug 26 18:24:50.415872: | remote proposal 1 matches local proposal 1 Aug 26 18:24:50.415875: | remote accepted the proposal 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;ESN=DISABLED[first-match] Aug 26 18:24:50.415880: | IKE_AUTH initiator accepting remote ESP/AH proposal ikev2_proposal: 1:ESP:SPI=a3b4d477;ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;ESN=DISABLED Aug 26 18:24:50.415883: | converting proposal to internal trans attrs Aug 26 18:24:50.415888: | integ=sha2_512: .key_size=64 encrypt=aes: .key_size=16 .salt_size=0 keymat_len=80 Aug 26 18:24:50.416192: | install_ipsec_sa() for #3: inbound and outbound Aug 26 18:24:50.416198: | could_route called for north-eastnets/0x1 (kind=CK_PERMANENT) Aug 26 18:24:50.416202: | FOR_EACH_CONNECTION_... in route_owner Aug 26 18:24:50.416205: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.416208: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:50.416211: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.416214: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:50.416222: | route owner of "north-eastnets/0x1" unrouted: NULL; eroute owner: NULL Aug 26 18:24:50.416226: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:50.416230: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:50.416233: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:50.416237: | setting IPsec SA replay-window to 32 Aug 26 18:24:50.416241: | NIC esp-hw-offload not for connection 'north-eastnets/0x1' not available on interface eth1 Aug 26 18:24:50.416244: | netlink: enabling tunnel mode Aug 26 18:24:50.416247: | netlink: setting IPsec SA 
replay-window to 32 using old-style req Aug 26 18:24:50.416250: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:50.416370: | netlink response for Add SA esp.a3b4d477@192.1.2.23 included non-error error Aug 26 18:24:50.416401: | set up outgoing SA, ref=0/0 Aug 26 18:24:50.416404: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:50.416407: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:50.416410: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:50.416414: | setting IPsec SA replay-window to 32 Aug 26 18:24:50.416417: | NIC esp-hw-offload not for connection 'north-eastnets/0x1' not available on interface eth1 Aug 26 18:24:50.416420: | netlink: enabling tunnel mode Aug 26 18:24:50.416423: | netlink: setting IPsec SA replay-window to 32 using old-style req Aug 26 18:24:50.416425: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:50.416487: | netlink response for Add SA esp.780ff6c@192.1.3.33 included non-error error Aug 26 18:24:50.416507: | priority calculation of connection "north-eastnets/0x1" is 0xfe7e7 Aug 26 18:24:50.416515: | add inbound eroute 192.0.2.0/24:0 --0-> 192.0.3.0/24:0 => tun.10000@192.1.3.33 (raw_eroute) Aug 26 18:24:50.416518: | IPsec Sa SPD priority set to 1042407 Aug 26 18:24:50.416590: | raw_eroute result=success Aug 26 18:24:50.416595: | set up incoming SA, ref=0/0 Aug 26 18:24:50.416598: | sr for #3: unrouted Aug 26 18:24:50.416601: | route_and_eroute() for proto 0, and source port 0 dest port 0 Aug 26 18:24:50.416604: | FOR_EACH_CONNECTION_... 
in route_owner Aug 26 18:24:50.416607: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.416610: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:50.416613: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.416616: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:50.416619: | route owner of "north-eastnets/0x1" unrouted: NULL; eroute owner: NULL Aug 26 18:24:50.416623: | route_and_eroute with c: north-eastnets/0x1 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #3 Aug 26 18:24:50.416627: | priority calculation of connection "north-eastnets/0x1" is 0xfe7e7 Aug 26 18:24:50.416635: | eroute_connection add eroute 192.0.3.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23 (raw_eroute) Aug 26 18:24:50.416638: | IPsec Sa SPD priority set to 1042407 Aug 26 18:24:50.416672: | raw_eroute result=success Aug 26 18:24:50.416676: | running updown command "ipsec _updown" for verb up Aug 26 18:24:50.416679: | command executing up-client Aug 26 18:24:50.416729: | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0x1' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' 
PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0xa Aug 26 18:24:50.416736: | popen cmd is 1040 chars long Aug 26 18:24:50.416739: | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0x1': Aug 26 18:24:50.416742: | cmd( 80): PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_: Aug 26 18:24:50.416745: | cmd( 160):MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PL: Aug 26 18:24:50.416747: | cmd( 240):UTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO: Aug 26 18:24:50.416750: | cmd( 320):_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@ea: Aug 26 18:24:50.416753: | cmd( 400):st' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEE: Aug 26 18:24:50.416756: | cmd( 480):R_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_: Aug 26 18:24:50.416759: | cmd( 560):PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCR: Aug 26 18:24:50.416761: | cmd( 640):YPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND: Aug 26 18:24:50.416764: | cmd( 720):='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO=: Aug 26 18:24:50.416767: | cmd( 800):'0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_: Aug 26 18:24:50.416769: | cmd( 880):CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROU: Aug 26 18:24:50.416772: | cmd( 960):TING='no' VTI_SHARED='no' SPI_IN=0xa3b4d477 SPI_OUT=0x780ff6c ipsec _updown 2>&1: Aug 26 18:24:50.426520: | route_and_eroute: firewall_notified: true Aug 26 18:24:50.426542: | running updown command "ipsec _updown" for verb prepare Aug 26 18:24:50.426547: | command executing prepare-client Aug 26 18:24:50.426582: | executing prepare-client: PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' 
PLUTO_CONNECTION='north-eastnets/0x1' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' Aug 26 18:24:50.426588: | popen cmd is 1045 chars long Aug 26 18:24:50.426591: | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets: Aug 26 18:24:50.426594: | cmd( 80):/0x1' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' P: Aug 26 18:24:50.426597: | cmd( 160):LUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.: Aug 26 18:24:50.426600: | cmd( 240):0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' : Aug 26 18:24:50.426603: | cmd( 320):PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID: Aug 26 18:24:50.426606: | cmd( 400):='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUT: Aug 26 18:24:50.426609: | cmd( 480):O_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' P: Aug 26 18:24:50.426611: | cmd( 560):LUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG: Aug 26 18:24:50.426618: | cmd( 
640):+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN: Aug 26 18:24:50.426622: | cmd( 720):_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_C: Aug 26 18:24:50.426624: | cmd( 800):ISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' P: Aug 26 18:24:50.426627: | cmd( 880):LUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VT: Aug 26 18:24:50.426630: | cmd( 960):I_ROUTING='no' VTI_SHARED='no' SPI_IN=0xa3b4d477 SPI_OUT=0x780ff6c ipsec _updown: Aug 26 18:24:50.426633: | cmd(1040): 2>&1: Aug 26 18:24:50.448408: | running updown command "ipsec _updown" for verb route Aug 26 18:24:50.448424: | command executing route-client Aug 26 18:24:50.448485: | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0x1' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_ Aug 26 18:24:50.448492: | popen cmd is 1043 chars long Aug 26 18:24:50.448496: | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0: Aug 26 18:24:50.448499: | cmd( 80):x1' 
PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLU: Aug 26 18:24:50.448503: | cmd( 160):TO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0': Aug 26 18:24:50.448506: | cmd( 240): PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PL: Aug 26 18:24:50.448509: | cmd( 320):UTO_SA_REQID='16388' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID=': Aug 26 18:24:50.448513: | cmd( 400):@east' PLUTO_PEER_CLIENT='192.0.2.0/24' PLUTO_PEER_CLIENT_NET='192.0.2.0' PLUTO_: Aug 26 18:24:50.448516: | cmd( 480):PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLU: Aug 26 18:24:50.448519: | cmd( 560):TO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+E: Aug 26 18:24:50.448522: | cmd( 640):NCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_K: Aug 26 18:24:50.448526: | cmd( 720):IND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CIS: Aug 26 18:24:50.448529: | cmd( 800):CO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLU: Aug 26 18:24:50.448532: | cmd( 880):TO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_: Aug 26 18:24:50.448536: | cmd( 960):ROUTING='no' VTI_SHARED='no' SPI_IN=0xa3b4d477 SPI_OUT=0x780ff6c ipsec _updown 2: Aug 26 18:24:50.448539: | cmd(1040):>&1: Aug 26 18:24:50.466250: | route_and_eroute: instance "north-eastnets/0x1", setting eroute_owner {spd=0x55ce53a71940,sr=0x55ce53a71940} to #3 (was #0) (newest_ipsec_sa=#0) Aug 26 18:24:50.466985: | #1 spent 2.17 milliseconds in install_ipsec_sa() Aug 26 18:24:50.467001: | inR2: instance north-eastnets/0x1[0], setting IKEv2 newest_ipsec_sa to #3 (was #0) (spd.eroute=#3) cloned from #1 Aug 26 18:24:50.467006: | state #3 requesting EVENT_RETRANSMIT to be deleted Aug 26 18:24:50.467010: | #3 STATE_PARENT_I2: retransmits: cleared Aug 26 18:24:50.467024: | libevent_free: release 
ptr-libevent@0x7ffa9c006900 Aug 26 18:24:50.467031: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55ce53a77910 Aug 26 18:24:50.467037: | #3 spent 3.16 milliseconds in processing: Initiator: process IKE_AUTH response in ikev2_process_state_packet() Aug 26 18:24:50.467047: | [RE]START processing: state #3 connection "north-eastnets/0x1" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:50.467051: | #3 complete_v2_state_transition() PARENT_I2->V2_IPSEC_I with status STF_OK Aug 26 18:24:50.467054: | IKEv2: transition from state STATE_PARENT_I2 to state STATE_V2_IPSEC_I Aug 26 18:24:50.467058: | child state #3: PARENT_I2(open IKE SA) => V2_IPSEC_I(established CHILD SA) Aug 26 18:24:50.467061: | Message ID: updating counters for #3 to 1 after switching state Aug 26 18:24:50.467067: | Message ID: recv #1.#3 response 1; ike: initiator.sent=1 initiator.recv=0->1 responder.sent=-1 responder.recv=-1; child: wip.initiator=1->-1 wip.responder=-1 Aug 26 18:24:50.467072: | Message ID: #1.#3 skipping update_send as nothing to send; initiator.sent=1 initiator.recv=1 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1 Aug 26 18:24:50.467076: | pstats #3 ikev2.child established Aug 26 18:24:50.467086: "north-eastnets/0x1" #3: negotiated connection [192.0.3.0-192.0.3.255:0-65535 0] -> [192.0.2.0-192.0.2.255:0-65535 0] Aug 26 18:24:50.467100: | NAT-T: encaps is 'auto' Aug 26 18:24:50.467105: "north-eastnets/0x1" #3: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xa3b4d477 <0x0780ff6c xfrm=AES_CBC_128-HMAC_SHA2_512_256 NATOA=none NATD=none DPD=passive} Aug 26 18:24:50.467111: | releasing whack for #3 (sock=fd@26) Aug 26 18:24:50.467116: | close_any(fd@26) (in release_whack() at state.c:654) Aug 26 18:24:50.467118: | releasing whack and unpending for parent #1 Aug 26 18:24:50.467121: | unpending state #1 connection "north-eastnets/0x1" Aug 26 18:24:50.467128: | delete from pending Child SA with 192.1.2.23 
"north-eastnets/0x1" Aug 26 18:24:50.467132: | removing pending policy for no connection {0x55ce539cfcb0} Aug 26 18:24:50.467137: | FOR_EACH_STATE_... in find_pending_phase2 Aug 26 18:24:50.467144: | creating state object #4 at 0x55ce53a79100 Aug 26 18:24:50.467148: | State DB: adding IKEv2 state #4 in UNDEFINED Aug 26 18:24:50.467157: | pstats #4 ikev2.child started Aug 26 18:24:50.467160: | duplicating state object #1 "north-eastnets/0x2" as #4 for IPSEC SA Aug 26 18:24:50.467168: | #4 setting local endpoint to 192.1.3.33:500 from #1.st_localport (in duplicate_state() at state.c:1484) Aug 26 18:24:50.467181: | Message ID: init_child #1.#4; ike: initiator.sent=1 initiator.recv=1 responder.sent=-1 responder.recv=-1; child: wip.initiator=0->-1 wip.responder=0->-1 Aug 26 18:24:50.467187: | suspend processing: state #3 connection "north-eastnets/0x1" from 192.1.2.23 (in ikev2_initiate_child_sa() at ikev2_parent.c:5637) Aug 26 18:24:50.467192: | start processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_initiate_child_sa() at ikev2_parent.c:5637) Aug 26 18:24:50.467196: | child state #4: UNDEFINED(ignore) => V2_CREATE_I0(established IKE SA) Aug 26 18:24:50.467200: | create child proposal's DH changed from no-PFS to MODP2048, flushing Aug 26 18:24:50.467204: | constructing ESP/AH proposals with default DH MODP2048 for north-eastnets/0x2 (ESP/AH initiator emitting proposals) Aug 26 18:24:50.467210: | converting proposal AES_CBC_128-HMAC_SHA2_512_256-MODP3072 to ikev2 ... Aug 26 18:24:50.467215: | ... 
ikev2_proposal: 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED Aug 26 18:24:50.467217: "north-eastnets/0x2": constructed local ESP/AH proposals for north-eastnets/0x2 (ESP/AH initiator emitting proposals): 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED Aug 26 18:24:50.467224: | #4 schedule initiate IPsec SA RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO using IKE# 1 pfs=MODP3072 Aug 26 18:24:50.467226: | event_schedule: new EVENT_v2_INITIATE_CHILD-pe@0x55ce53a77910 Aug 26 18:24:50.467229: | inserting event EVENT_v2_INITIATE_CHILD, timeout in 0 seconds for #4 Aug 26 18:24:50.467233: | libevent_malloc: new ptr-libevent@0x7ffa9c006900 size 128 Aug 26 18:24:50.467237: | RESET processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_initiate_child_sa() at ikev2_parent.c:5737) Aug 26 18:24:50.467240: | RESET processing: from 192.1.2.23:500 (in ikev2_initiate_child_sa() at ikev2_parent.c:5737) Aug 26 18:24:50.467242: | delete from pending Child SA with 192.1.2.23 "north-eastnets/0x2" Aug 26 18:24:50.467244: | removing pending policy for no connection {0x55ce539fa290} Aug 26 18:24:50.467247: | close_any(fd@24) (in release_whack() at state.c:654) Aug 26 18:24:50.467250: | #3 will start re-keying in 28048 seconds with margin of 752 seconds (attempting re-key) Aug 26 18:24:50.467252: | event_schedule: new EVENT_SA_REKEY-pe@0x55ce53a77350 Aug 26 18:24:50.467254: | inserting event EVENT_SA_REKEY, timeout in 28048 seconds for #3 Aug 26 18:24:50.467256: | libevent_malloc: new ptr-libevent@0x55ce53a7fa60 size 128 Aug 26 18:24:50.467258: | libevent_realloc: release ptr-libevent@0x55ce53a54660 Aug 26 18:24:50.467260: | libevent_realloc: new ptr-libevent@0x55ce539fa020 size 128 Aug 26 18:24:50.467262: | processing: STOP state #0 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:50.467266: | #1 spent 3.83 milliseconds in ikev2_process_packet() Aug 26 18:24:50.467270: | 
processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:50.467272: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:50.467274: | spent 3.84 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:50.467287: | timer_event_cb: processing event@0x55ce53a77910 Aug 26 18:24:50.467302: | handling event EVENT_v2_INITIATE_CHILD for child state #4 Aug 26 18:24:50.467307: | start processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in timer_event_cb() at timer.c:250) Aug 26 18:24:50.467312: | adding Child Initiator KE and nonce ni work-order 5 for state #4 Aug 26 18:24:50.467316: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a801d0 Aug 26 18:24:50.467319: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #4 Aug 26 18:24:50.467322: | libevent_malloc: new ptr-libevent@0x55ce53a80010 size 128 Aug 26 18:24:50.467330: | libevent_free: release ptr-libevent@0x7ffa9c006900 Aug 26 18:24:50.467333: | free_event_entry: release EVENT_v2_INITIATE_CHILD-pe@0x55ce53a77910 Aug 26 18:24:50.467338: | #4 spent 0.0422 milliseconds in timer_event_cb() EVENT_v2_INITIATE_CHILD Aug 26 18:24:50.467343: | stop processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in timer_event_cb() at timer.c:557) Aug 26 18:24:50.467347: | processing signal PLUTO_SIGCHLD Aug 26 18:24:50.467353: | waitpid returned ECHILD (no child processes left) Aug 26 18:24:50.467357: | spent 0.00577 milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:50.467360: | processing signal PLUTO_SIGCHLD Aug 26 18:24:50.467364: | waitpid returned ECHILD (no child processes left) Aug 26 18:24:50.467368: | spent 0.0037 milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:50.467371: | processing signal PLUTO_SIGCHLD Aug 26 18:24:50.467374: | waitpid returned ECHILD (no child processes left) Aug 26 18:24:50.467379: | spent 0.00439 milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:50.467390: | crypto 
helper 5 resuming Aug 26 18:24:50.467397: | crypto helper 5 starting work-order 5 for state #4 Aug 26 18:24:50.467402: | crypto helper 5 doing build KE and nonce (Child Initiator KE and nonce ni); request ID 5 Aug 26 18:24:50.467404: | crypto helper is pausing for 1 seconds Aug 26 18:24:50.543460: | calculating skeyseed using prf=sha2_256 integ=sha2_256 cipherkey-size=32 salt-size=0 Aug 26 18:24:50.544028: | crypto helper 3 finished compute dh (V2) (ikev2_inI2outR2 KE); request ID 4 time elapsed 1.001578 seconds Aug 26 18:24:50.544041: | (#2) spent 1.52 milliseconds in crypto helper computing work-order 4: ikev2_inI2outR2 KE (pcr) Aug 26 18:24:50.544045: | crypto helper 3 sending results from work-order 4 for state #2 to event queue Aug 26 18:24:50.544054: | scheduling resume sending helper answer for #2 Aug 26 18:24:50.544059: | libevent_malloc: new ptr-libevent@0x7ffa94003060 size 128 Aug 26 18:24:50.544072: | crypto helper 3 waiting (nothing to do) Aug 26 18:24:50.544087: | processing resume sending helper answer for #2 Aug 26 18:24:50.544097: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in resume_handler() at server.c:797) Aug 26 18:24:50.544103: | crypto helper 3 replies to request ID 4 Aug 26 18:24:50.544106: | calling continuation function 0x55ce534e2b50 Aug 26 18:24:50.544109: | ikev2_parent_inI2outR2_continue for #2: calculating g^{xy}, sending R2 Aug 26 18:24:50.544113: | #2 in state PARENT_R1: received v2I1, sent v2R1 Aug 26
18:24:50.544212: | calculated auth: 51 20 b7 7f b0 70 79 c2 78 b7 77 05 10 c0 35 d6 Aug 26 18:24:50.544215: | provided auth: 51 20 b7 7f b0 70 79 c2 78 b7 77 05 10 c0 35 d6 Aug 26 18:24:50.544217: | authenticator matched Aug 26 18:24:50.544226: | #2 ikev2 ISAKMP_v2_IKE_AUTH decrypt success Aug 26 18:24:50.544231: | Now let's proceed with payload (ISAKMP_NEXT_v2IDi) Aug 26 18:24:50.544235: | **parse IKEv2 Identification - Initiator - Payload: Aug 26 18:24:50.544239: | next payload type: ISAKMP_NEXT_v2IDr (0x24) Aug 26 18:24:50.544243: | flags: none (0x0) Aug 26 18:24:50.544246: | length: 12 (0xc) Aug 26 18:24:50.544249: | ID type: ID_FQDN (0x2) Aug 26 18:24:50.544252: | processing payload: ISAKMP_NEXT_v2IDi (len=4) Aug 26 18:24:50.544257: | Now let's proceed with payload (ISAKMP_NEXT_v2IDr) Aug 26 18:24:50.544261: | **parse IKEv2 Identification - Responder - Payload: Aug 26 18:24:50.544263: | next payload type: ISAKMP_NEXT_v2AUTH (0x27) Aug 26 18:24:50.544266: | flags: none (0x0) Aug 26 18:24:50.544269: | length: 13 (0xd) Aug 26 18:24:50.544271: | ID type: ID_FQDN (0x2) Aug 26 18:24:50.544274: | processing payload: ISAKMP_NEXT_v2IDr (len=5) Aug 26 18:24:50.544277: | Now let's proceed with payload (ISAKMP_NEXT_v2AUTH) Aug 26 18:24:50.544280: | **parse IKEv2 Authentication Payload: Aug 26 18:24:50.544282: | next payload type: ISAKMP_NEXT_v2SA (0x21) Aug 26 18:24:50.544285: | flags: none (0x0) Aug 26 18:24:50.544291: | length: 282 (0x11a) Aug 26 18:24:50.544297: | auth method: IKEv2_AUTH_RSA (0x1) Aug 26 18:24:50.544300: | processing payload: ISAKMP_NEXT_v2AUTH (len=274) Aug 26 18:24:50.544303: | Now let's proceed with payload (ISAKMP_NEXT_v2SA) Aug 26 18:24:50.544306: | **parse IKEv2 Security Association Payload: Aug 26 18:24:50.544308: | next payload type: ISAKMP_NEXT_v2TSi (0x2c) Aug 26 18:24:50.544311: | flags: none (0x0) Aug 26 18:24:50.544313: | length: 44 (0x2c) Aug 26 18:24:50.544316: | processing payload: ISAKMP_NEXT_v2SA (len=40) Aug 26 18:24:50.544319: | Now 
let's proceed with payload (ISAKMP_NEXT_v2TSi) Aug 26 18:24:50.544322: | **parse IKEv2 Traffic Selector - Initiator - Payload: Aug 26 18:24:50.544325: | next payload type: ISAKMP_NEXT_v2TSr (0x2d) Aug 26 18:24:50.544327: | flags: none (0x0) Aug 26 18:24:50.544330: | length: 24 (0x18) Aug 26 18:24:50.544332: | number of TS: 1 (0x1) Aug 26 18:24:50.544335: | processing payload: ISAKMP_NEXT_v2TSi (len=16) Aug 26 18:24:50.544338: | Now let's proceed with payload (ISAKMP_NEXT_v2TSr) Aug 26 18:24:50.544340: | **parse IKEv2 Traffic Selector - Responder - Payload: Aug 26 18:24:50.544343: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.544346: | flags: none (0x0) Aug 26 18:24:50.544348: | length: 24 (0x18) Aug 26 18:24:50.544351: | number of TS: 1 (0x1) Aug 26 18:24:50.544354: | processing payload: ISAKMP_NEXT_v2TSr (len=16) Aug 26 18:24:50.544356: | selected state microcode Responder: process IKE_AUTH request Aug 26 18:24:50.544359: | Now let's proceed with state specific processing Aug 26 18:24:50.544362: | calling processor Responder: process IKE_AUTH request Aug 26 18:24:50.544368: "north-eastnets/0x2" #2: processing decrypted IKE_AUTH request: SK{IDi,IDr,AUTH,SA,TSi,TSr} Aug 26 18:24:50.544375: | #2 updating local interface from 192.1.3.33:500 to 192.1.3.33:500 using md->iface (in update_ike_endpoints() at state.c:2669) Aug 26 18:24:50.544379: | received IDr payload - extracting our alleged ID Aug 26 18:24:50.544383: | refine_host_connection for IKEv2: starting with "north-eastnets/0x2" Aug 26 18:24:50.544388: | match_id a=@east Aug 26 18:24:50.544391: | b=@east Aug 26 18:24:50.544393: | results matched Aug 26 18:24:50.544398: | refine_host_connection: checking "north-eastnets/0x2" against "north-eastnets/0x2", best=(none) with match=1(id=1(0)/ca=1(0)/reqca=1(0)) Aug 26 18:24:50.544401: | Warning: not switching back to template of current instance Aug 26 18:24:50.544404: | Peer expects us to be @north (ID_FQDN) according to its IDr payload Aug 26 
18:24:50.544407: | This connection's local id is @north (ID_FQDN) Aug 26 18:24:50.544410: | refine_host_connection: checked north-eastnets/0x2 against north-eastnets/0x2, now for see if best Aug 26 18:24:50.544414: | started looking for secret for @north->@east of kind PKK_RSA Aug 26 18:24:50.544418: | actually looking for secret for @north->@east of kind PKK_RSA Aug 26 18:24:50.544421: | line 1: key type PKK_RSA(@north) to type PKK_RSA Aug 26 18:24:50.544426: | 1: compared key (none) to @north / @east -> 002 Aug 26 18:24:50.544429: | 2: compared key (none) to @north / @east -> 002 Aug 26 18:24:50.544431: | line 1: match=002 Aug 26 18:24:50.544434: | match 002 beats previous best_match 000 match=0x55ce53a66000 (line=1) Aug 26 18:24:50.544440: | concluding with best_match=002 best=0x55ce53a66000 (lineno=1) Aug 26 18:24:50.544443: | returning because exact peer id match Aug 26 18:24:50.544446: | offered CA: '%none' Aug 26 18:24:50.544449: "north-eastnets/0x2" #2: IKEv2 mode peer ID is ID_FQDN: '@east' Aug 26 18:24:50.544467: | verifying AUTH payload Aug 26 18:24:50.544485: | required RSA CA is '%any' Aug 26 18:24:50.544490: | checking RSA keyid '@east' for match with '@east' Aug 26 18:24:50.544493: | key issuer CA is '%any' Aug 26 18:24:50.544565: | an RSA Sig check passed with *AQO9bJbr3 [preloaded key] Aug 26 18:24:50.544574: | #2 spent 0.0747 milliseconds in try_all_RSA_keys() trying a pubkey Aug 26 18:24:50.544578: "north-eastnets/0x2" #2: Authenticated using RSA Aug 26 18:24:50.544582: | #2 spent 0.109 milliseconds in ikev2_verify_rsa_hash() Aug 26 18:24:50.544587: | parent state #2: PARENT_R1(half-open IKE SA) => PARENT_R2(established IKE SA) Aug 26 18:24:50.544592: | #2 will start re-keying in 3330 seconds with margin of 270 seconds (attempting re-key) Aug 26 18:24:50.544596: | state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:50.544600: | libevent_free: release ptr-libevent@0x55ce53a77790 Aug 26 18:24:50.544605: | free_event_entry: release 
EVENT_CRYPTO_TIMEOUT-pe@0x7ffaa4002b20 Aug 26 18:24:50.544608: | event_schedule: new EVENT_SA_REKEY-pe@0x7ffaa4002b20 Aug 26 18:24:50.544612: | inserting event EVENT_SA_REKEY, timeout in 3330 seconds for #2 Aug 26 18:24:50.544615: | libevent_malloc: new ptr-libevent@0x55ce53a77790 size 128 Aug 26 18:24:50.545104: | pstats #2 ikev2.ike established Aug 26 18:24:50.545133: | **emit ISAKMP Message: Aug 26 18:24:50.545137: | initiator cookie: Aug 26 18:24:50.545140: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:50.545143: | responder cookie: Aug 26 18:24:50.545145: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:50.545148: | next payload type: ISAKMP_NEXT_NONE (0x0) Aug 26 18:24:50.545152: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.545154: | exchange type: ISAKMP_v2_IKE_AUTH (0x23) Aug 26 18:24:50.545158: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) Aug 26 18:24:50.545160: | Message ID: 1 (0x1) Aug 26 18:24:50.545164: | next payload chain: saving message location 'ISAKMP Message'.'next payload type' Aug 26 18:24:50.545167: | IKEv2 CERT: send a certificate? 
Aug 26 18:24:50.545170: | IKEv2 CERT: no certificate to send Aug 26 18:24:50.545173: | ***emit IKEv2 Encryption Payload: Aug 26 18:24:50.545176: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.545179: | flags: none (0x0) Aug 26 18:24:50.545182: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) Aug 26 18:24:50.545186: | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.545189: | emitting 16 zero bytes of IV into IKEv2 Encryption Payload Aug 26 18:24:50.545203: | Initiator child policy is compress=no, NOT sending v2N_IPCOMP_SUPPORTED Aug 26 18:24:50.545219: | ****emit IKEv2 Identification - Responder - Payload: Aug 26 18:24:50.545224: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.545226: | flags: none (0x0) Aug 26 18:24:50.545229: | ID type: ID_FQDN (0x2) Aug 26 18:24:50.545232: | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Identification - Responder - Payload (36:ISAKMP_NEXT_v2IDr) Aug 26 18:24:50.545236: | next payload chain: saving location 'IKEv2 Identification - Responder - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.545239: | emitting 5 raw bytes of my identity into IKEv2 Identification - Responder - Payload Aug 26 18:24:50.545242: | my identity 6e 6f 72 74 68 Aug 26 18:24:50.545245: | emitting length of IKEv2 Identification - Responder - Payload: 13 Aug 26 18:24:50.545254: | assembled IDr payload Aug 26 18:24:50.545257: | CHILD SA proposals received Aug 26 18:24:50.545260: | going to assemble AUTH payload Aug 26 18:24:50.545265: | ****emit IKEv2 Authentication Payload: Aug 26 18:24:50.545268: | next payload type: ISAKMP_NEXT_v2SA (0x21) Aug 26 18:24:50.545271: | flags: none (0x0) Aug 26 18:24:50.545274: | auth method: IKEv2_AUTH_RSA (0x1) Aug 26 18:24:50.545277: | next payload chain: ignoring supplied 'IKEv2 
Authentication Payload'.'next payload type' value 33:ISAKMP_NEXT_v2SA Aug 26 18:24:50.545281: | next payload chain: setting previous 'IKEv2 Identification - Responder - Payload'.'next payload type' to current IKEv2 Authentication Payload (39:ISAKMP_NEXT_v2AUTH) Aug 26 18:24:50.545284: | next payload chain: saving location 'IKEv2 Authentication Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.545293: | started looking for secret for @north->@east of kind PKK_RSA Aug 26 18:24:50.545300: | actually looking for secret for @north->@east of kind PKK_RSA Aug 26 18:24:50.545304: | line 1: key type PKK_RSA(@north) to type PKK_RSA Aug 26 18:24:50.545307: | 1: compared key (none) to @north / @east -> 002 Aug 26 18:24:50.545310: | 2: compared key (none) to @north / @east -> 002 Aug 26 18:24:50.545313: | line 1: match=002 Aug 26 18:24:50.545316: | match 002 beats previous best_match 000 match=0x55ce53a66000 (line=1) Aug 26 18:24:50.545319: | concluding with best_match=002 best=0x55ce53a66000 (lineno=1) Aug 26 18:24:50.549823: | #2 spent 4.48 milliseconds in ikev2_calculate_rsa_hash() calling sign_hash_RSA() Aug 26 18:24:50.549838: | emitting 274 raw bytes of rsa signature into IKEv2 Authentication Payload
Aug 26 18:24:50.549893: | #2 spent 4.59 milliseconds in ikev2_calculate_rsa_hash() Aug 26 18:24:50.549896: | emitting length of IKEv2 Authentication Payload: 282 Aug 26 18:24:50.549903: | creating state object #5 at 0x55ce53a87540 Aug 26 18:24:50.549907: | State DB: adding IKEv2 state #5 in UNDEFINED Aug 26 18:24:50.549915: | pstats #5 ikev2.child started Aug 26 18:24:50.549919: | duplicating state object #2 "north-eastnets/0x2" as #5 for IPSEC SA Aug 26 18:24:50.549926: | #5 setting local endpoint to 192.1.3.33:500 from #2.st_localport (in duplicate_state() at state.c:1484) Aug 26 18:24:50.549934: | Message ID: init_child #2.#5; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0; child: wip.initiator=0->-1 wip.responder=0->-1 Aug 26 18:24:50.549940: | Message ID: switch-from #2 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0 wip.initiator=-1 wip.responder=1->-1 Aug 26 18:24:50.549949: | Message ID: switch-to #2.#5 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0; child: wip.initiator=-1 wip.responder=-1->1 Aug 26 18:24:50.549952: | Child SA TS Request has ike->sa == md->st; so using parent connection Aug 26
18:24:50.549956: | TSi: parsing 1 traffic selectors Aug 26 18:24:50.549960: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:50.549963: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.549966: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.549969: | length: 16 (0x10) Aug 26 18:24:50.549972: | start port: 0 (0x0) Aug 26 18:24:50.549974: | end port: 65535 (0xffff) Aug 26 18:24:50.549978: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:50.549980: | TS low c0 00 16 00 Aug 26 18:24:50.549983: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:50.549986: | TS high c0 00 16 ff Aug 26 18:24:50.549988: | TSi: parsed 1 traffic selectors Aug 26 18:24:50.549991: | TSr: parsing 1 traffic selectors Aug 26 18:24:50.549994: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:50.549997: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.549999: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.550002: | length: 16 (0x10) Aug 26 18:24:50.550005: | start port: 0 (0x0) Aug 26 18:24:50.550007: | end port: 65535 (0xffff) Aug 26 18:24:50.550010: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:50.550013: | TS low c0 00 03 00 Aug 26 18:24:50.550015: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:50.550018: | TS high c0 00 03 ff Aug 26 18:24:50.550021: | TSr: parsed 1 traffic selectors Aug 26 18:24:50.550023: | looking for best SPD in current connection Aug 26 18:24:50.550030: | evaluating our conn="north-eastnets/0x2" I=192.0.22.0/24:0/0 R=192.0.3.0/24:0/0 to their: Aug 26 18:24:50.550035: | TSi[0] .net=192.0.22.0-192.0.22.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.550043: | match address end->client=192.0.22.0/24 == TSi[0]net=192.0.22.0-192.0.22.255: YES fitness 32 Aug 26 18:24:50.550047: | narrow port end=0..65535 == TSi[0]=0..65535: 0 Aug 26 18:24:50.550050: | TSi[0] port match: YES fitness 65536 Aug 26 18:24:50.550053: | narrow protocol end=*0 == TSi[0]=*0: 0 Aug 26 
18:24:50.550056: | match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:50.550061: | TSr[0] .net=192.0.3.0-192.0.3.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.550067: | match address end->client=192.0.3.0/24 == TSr[0]net=192.0.3.0-192.0.3.255: YES fitness 32 Aug 26 18:24:50.550071: | narrow port end=0..65535 == TSr[0]=0..65535: 0 Aug 26 18:24:50.550073: | TSr[0] port match: YES fitness 65536 Aug 26 18:24:50.550076: | narrow protocol end=*0 == TSr[0]=*0: 0 Aug 26 18:24:50.550080: | match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:50.550082: | best fit so far: TSi[0] TSr[0] Aug 26 18:24:50.550085: | found better spd route for TSi[0],TSr[0] Aug 26 18:24:50.550088: | looking for better host pair Aug 26 18:24:50.550093: | find_host_pair: comparing 192.1.3.33:500 to 192.1.2.23:500 but ignoring ports Aug 26 18:24:50.550099: | checking hostpair 192.0.3.0/24 -> 192.0.22.0/24 is found Aug 26 18:24:50.550102: | investigating connection "north-eastnets/0x2" as a better match Aug 26 18:24:50.550106: | match_id a=@east Aug 26 18:24:50.550109: | b=@east Aug 26 18:24:50.550111: | results matched Aug 26 18:24:50.550117: | evaluating our conn="north-eastnets/0x2" I=192.0.22.0/24:0/0 R=192.0.3.0/24:0/0 to their: Aug 26 18:24:50.550122: | TSi[0] .net=192.0.22.0-192.0.22.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.550128: | match address end->client=192.0.22.0/24 == TSi[0]net=192.0.22.0-192.0.22.255: YES fitness 32 Aug 26 18:24:50.550131: | narrow port end=0..65535 == TSi[0]=0..65535: 0 Aug 26 18:24:50.550134: | TSi[0] port match: YES fitness 65536 Aug 26 18:24:50.550139: | narrow protocol end=*0 == TSi[0]=*0: 0 Aug 26 18:24:50.550143: | match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:50.550147: | TSr[0] .net=192.0.3.0-192.0.3.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.550154: | match address end->client=192.0.3.0/24 == TSr[0]net=192.0.3.0-192.0.3.255: YES fitness 
32 Aug 26 18:24:50.550157: | narrow port end=0..65535 == TSr[0]=0..65535: 0 Aug 26 18:24:50.550160: | TSr[0] port match: YES fitness 65536 Aug 26 18:24:50.550163: | narrow protocol end=*0 == TSr[0]=*0: 0 Aug 26 18:24:50.550166: | match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:50.550168: | best fit so far: TSi[0] TSr[0] Aug 26 18:24:50.550171: | investigating connection "north-eastnets/0x1" as a better match Aug 26 18:24:50.550174: | match_id a=@east Aug 26 18:24:50.550177: | b=@east Aug 26 18:24:50.550179: | results matched Aug 26 18:24:50.550185: | evaluating our conn="north-eastnets/0x1" I=192.0.2.0/24:0/0 R=192.0.3.0/24:0/0 to their: Aug 26 18:24:50.550189: | TSi[0] .net=192.0.22.0-192.0.22.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.550196: | match address end->client=192.0.2.0/24 == TSi[0]net=192.0.22.0-192.0.22.255: NO Aug 26 18:24:50.550199: | did not find a better connection using host pair Aug 26 18:24:50.550201: | printing contents struct traffic_selector Aug 26 18:24:50.550204: | ts_type: IKEv2_TS_IPV4_ADDR_RANGE Aug 26 18:24:50.550206: | ipprotoid: 0 Aug 26 18:24:50.550209: | port range: 0-65535 Aug 26 18:24:50.550213: | ip range: 192.0.3.0-192.0.3.255 Aug 26 18:24:50.550216: | printing contents struct traffic_selector Aug 26 18:24:50.550218: | ts_type: IKEv2_TS_IPV4_ADDR_RANGE Aug 26 18:24:50.550221: | ipprotoid: 0 Aug 26 18:24:50.550223: | port range: 0-65535 Aug 26 18:24:50.550227: | ip range: 192.0.22.0-192.0.22.255 Aug 26 18:24:50.550232: | constructing ESP/AH proposals with all DH removed for north-eastnets/0x2 (IKE_AUTH responder matching remote ESP/AH proposals) Aug 26 18:24:50.550238: | converting proposal AES_CBC_128-HMAC_SHA2_512_256-MODP3072 to ikev2 ... Aug 26 18:24:50.550245: | ... 
ikev2_proposal: 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=NONE;ESN=DISABLED Aug 26 18:24:50.550250: "north-eastnets/0x2": constructed local ESP/AH proposals for north-eastnets/0x2 (IKE_AUTH responder matching remote ESP/AH proposals): 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=NONE;ESN=DISABLED Aug 26 18:24:50.550254: | Comparing remote proposals against IKE_AUTH responder matching remote ESP/AH proposals 1 local proposals Aug 26 18:24:50.550258: | local proposal 1 type ENCR has 1 transforms Aug 26 18:24:50.550261: | local proposal 1 type PRF has 0 transforms Aug 26 18:24:50.550264: | local proposal 1 type INTEG has 1 transforms Aug 26 18:24:50.550266: | local proposal 1 type DH has 1 transforms Aug 26 18:24:50.550269: | local proposal 1 type ESN has 1 transforms Aug 26 18:24:50.550272: | local proposal 1 transforms: required: ENCR+INTEG+ESN; optional: DH Aug 26 18:24:50.550276: | ***parse IKEv2 Proposal Substructure Payload: Aug 26 18:24:50.550279: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:50.550282: | length: 40 (0x28) Aug 26 18:24:50.550285: | prop #: 1 (0x1) Aug 26 18:24:50.550292: | proto ID: IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:50.550297: | spi size: 4 (0x4) Aug 26 18:24:50.550300: | # transforms: 3 (0x3) Aug 26 18:24:50.550303: | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI Aug 26 18:24:50.550306: | remote SPI 80 27 c3 26 Aug 26 18:24:50.550310: | Comparing remote proposal 1 containing 3 transforms against local proposal [1..1] of 1 local proposals Aug 26 18:24:50.550313: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.550316: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.550318: | length: 12 (0xc) Aug 26 18:24:50.550321: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:50.550326: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:50.550329: | *****parse IKEv2 Attribute Substructure Payload: Aug 26 18:24:50.550332: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 
26 18:24:50.550335: | length/value: 128 (0x80) Aug 26 18:24:50.550340: | remote proposal 1 transform 0 (ENCR=AES_CBC_128) matches local proposal 1 type 1 (ENCR) transform 0 Aug 26 18:24:50.550343: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.550346: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.550348: | length: 8 (0x8) Aug 26 18:24:50.550351: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:50.550354: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:50.550358: | remote proposal 1 transform 1 (INTEG=HMAC_SHA2_512_256) matches local proposal 1 type 3 (INTEG) transform 0 Aug 26 18:24:50.550361: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.550363: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:50.550366: | length: 8 (0x8) Aug 26 18:24:50.550369: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:50.550371: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:50.550375: | remote proposal 1 transform 2 (ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0 Aug 26 18:24:50.550379: | remote proposal 1 proposed transforms: ENCR+INTEG+ESN; matched: ENCR+INTEG+ESN; unmatched: none Aug 26 18:24:50.550384: | comparing remote proposal 1 containing ENCR+INTEG+ESN transforms to local proposal 1; required: ENCR+INTEG+ESN; optional: DH; matched: ENCR+INTEG+ESN Aug 26 18:24:50.550387: | remote proposal 1 matches local proposal 1 Aug 26 18:24:50.550393: "north-eastnets/0x2" #2: proposal 1:ESP:SPI=8027c326;ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;ESN=DISABLED chosen from remote proposals 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;ESN=DISABLED[first-match] Aug 26 18:24:50.550399: | IKE_AUTH responder matching remote ESP/AH proposals ikev2_proposal: 1:ESP:SPI=8027c326;ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;ESN=DISABLED Aug 26 18:24:50.550402: | converting proposal to internal trans attrs Aug 26 18:24:50.550838: | netlink_get_spi: allocated 0x1b07e789 for esp.0@192.1.3.33 
Aug 26 18:24:50.550844: | Emitting ikev2_proposal ... Aug 26 18:24:50.550848: | ****emit IKEv2 Security Association Payload: Aug 26 18:24:50.550851: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.550854: | flags: none (0x0) Aug 26 18:24:50.550858: | next payload chain: setting previous 'IKEv2 Authentication Payload'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) Aug 26 18:24:50.550861: | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.550865: | *****emit IKEv2 Proposal Substructure Payload: Aug 26 18:24:50.550868: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:50.550871: | prop #: 1 (0x1) Aug 26 18:24:50.550874: | proto ID: IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:50.550876: | spi size: 4 (0x4) Aug 26 18:24:50.550879: | # transforms: 3 (0x3) Aug 26 18:24:50.550882: | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' Aug 26 18:24:50.550886: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload Aug 26 18:24:50.550888: | our spi 1b 07 e7 89 Aug 26 18:24:50.550891: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:50.550894: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.550897: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:50.550899: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:50.550903: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:50.550906: | *******emit IKEv2 Attribute Substructure Payload: Aug 26 18:24:50.550909: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:50.550911: | length/value: 128 (0x80) Aug 26 18:24:50.550917: | emitting length of IKEv2 Transform Substructure Payload: 12 Aug 26 18:24:50.550920: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:50.550923: | 
last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.550926: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:50.550928: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:50.550932: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.550935: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:50.550938: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:50.550941: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:50.550944: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:50.550946: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:50.550949: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:50.550952: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.550955: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:50.550958: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:50.550961: | emitting length of IKEv2 Proposal Substructure Payload: 40 Aug 26 18:24:50.550964: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 Aug 26 18:24:50.550967: | emitting length of IKEv2 Security Association Payload: 44 Aug 26 18:24:50.550970: | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 Aug 26 18:24:50.550973: | ****emit IKEv2 Traffic Selector - Initiator - Payload: Aug 26 18:24:50.550977: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.550979: | flags: none (0x0) Aug 26 18:24:50.550982: | 
number of TS: 1 (0x1) Aug 26 18:24:50.550985: | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Traffic Selector - Initiator - Payload (44:ISAKMP_NEXT_v2TSi) Aug 26 18:24:50.550989: | next payload chain: saving location 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.550992: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:50.550995: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.550997: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.551000: | start port: 0 (0x0) Aug 26 18:24:50.551003: | end port: 65535 (0xffff) Aug 26 18:24:50.551006: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:50.551009: | ipv4 start c0 00 16 00 Aug 26 18:24:50.551012: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:50.551014: | ipv4 end c0 00 16 ff Aug 26 18:24:50.551017: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:50.551020: | emitting length of IKEv2 Traffic Selector - Initiator - Payload: 24 Aug 26 18:24:50.551023: | ****emit IKEv2 Traffic Selector - Responder - Payload: Aug 26 18:24:50.551025: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.551028: | flags: none (0x0) Aug 26 18:24:50.551031: | number of TS: 1 (0x1) Aug 26 18:24:50.551034: | next payload chain: setting previous 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' to current IKEv2 Traffic Selector - Responder - Payload (45:ISAKMP_NEXT_v2TSr) Aug 26 18:24:50.551037: | next payload chain: saving location 'IKEv2 Traffic Selector - Responder - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:50.551040: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:50.551043: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.551045: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.551050: | start port: 0 (0x0) Aug 26 18:24:50.551053: | end port: 65535 (0xffff) Aug 26 18:24:50.551056: | emitting 4 raw bytes 
of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:50.551058: | ipv4 start c0 00 03 00 Aug 26 18:24:50.551061: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:50.551064: | ipv4 end c0 00 03 ff Aug 26 18:24:50.551066: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:50.551069: | emitting length of IKEv2 Traffic Selector - Responder - Payload: 24 Aug 26 18:24:50.551072: | Initiator child policy is compress=no, NOT sending v2N_IPCOMP_SUPPORTED Aug 26 18:24:50.551076: | integ=sha2_512: .key_size=64 encrypt=aes: .key_size=16 .salt_size=0 keymat_len=80 Aug 26 18:24:50.551857: | FOR_EACH_CONNECTION_... in ISAKMP_SA_established Aug 26 18:24:50.551878: | #2 spent 1.56 milliseconds Aug 26 18:24:50.551882: | install_ipsec_sa() for #5: inbound and outbound Aug 26 18:24:50.551886: | could_route called for north-eastnets/0x2 (kind=CK_PERMANENT) Aug 26 18:24:50.551889: | FOR_EACH_CONNECTION_... in route_owner Aug 26 18:24:50.551893: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.551896: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:50.551899: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.551901: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:50.551908: | route owner of "north-eastnets/0x2" unrouted: NULL; eroute owner: NULL Aug 26 18:24:50.551912: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:50.551916: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:50.551920: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:50.551925: | setting IPsec SA replay-window to 32 Aug 26 18:24:50.551928: | NIC esp-hw-offload not for connection 'north-eastnets/0x2' not available on interface eth1 Aug 26 18:24:50.551932: | netlink: enabling tunnel mode Aug 26 18:24:50.551935: | netlink: setting IPsec SA replay-window to 32 using old-style req Aug 26 
18:24:50.551939: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:50.552031: | netlink response for Add SA esp.8027c326@192.1.2.23 included non-error error Aug 26 18:24:50.552037: | set up outgoing SA, ref=0/0 Aug 26 18:24:50.552040: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:50.552044: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:50.552047: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:50.552051: | setting IPsec SA replay-window to 32 Aug 26 18:24:50.552055: | NIC esp-hw-offload not for connection 'north-eastnets/0x2' not available on interface eth1 Aug 26 18:24:50.552058: | netlink: enabling tunnel mode Aug 26 18:24:50.552061: | netlink: setting IPsec SA replay-window to 32 using old-style req Aug 26 18:24:50.552064: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:50.552116: | netlink response for Add SA esp.1b07e789@192.1.3.33 included non-error error Aug 26 18:24:50.552122: | priority calculation of connection "north-eastnets/0x2" is 0xfe7e7 Aug 26 18:24:50.552130: | add inbound eroute 192.0.22.0/24:0 --0-> 192.0.3.0/24:0 => tun.10000@192.1.3.33 (raw_eroute) Aug 26 18:24:50.552134: | IPsec Sa SPD priority set to 1042407 Aug 26 18:24:50.552179: | raw_eroute result=success Aug 26 18:24:50.552184: | set up incoming SA, ref=0/0 Aug 26 18:24:50.552187: | sr for #5: unrouted Aug 26 18:24:50.552190: | route_and_eroute() for proto 0, and source port 0 dest port 0 Aug 26 18:24:50.552193: | FOR_EACH_CONNECTION_... 
in route_owner Aug 26 18:24:50.552196: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.552199: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:50.552202: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:50.552205: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:50.552209: | route owner of "north-eastnets/0x2" unrouted: NULL; eroute owner: NULL Aug 26 18:24:50.552216: | route_and_eroute with c: north-eastnets/0x2 (next: none) ero:null esr:{(nil)} ro:null rosr:{(nil)} and state: #5 Aug 26 18:24:50.552220: | priority calculation of connection "north-eastnets/0x2" is 0xfe7e7 Aug 26 18:24:50.552228: | eroute_connection add eroute 192.0.3.0/24:0 --0-> 192.0.22.0/24:0 => tun.0@192.1.2.23 (raw_eroute) Aug 26 18:24:50.552231: | IPsec Sa SPD priority set to 1042407 Aug 26 18:24:50.552254: | raw_eroute result=success Aug 26 18:24:50.552259: | running updown command "ipsec _updown" for verb up Aug 26 18:24:50.552263: | command executing up-client Aug 26 18:24:50.552296: | executing up-client: PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0x2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' 
PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0 Aug 26 18:24:50.552304: | popen cmd is 1043 chars long Aug 26 18:24:50.552307: | cmd( 0):PLUTO_VERB='up-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0x2': Aug 26 18:24:50.552310: | cmd( 80): PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_: Aug 26 18:24:50.552313: | cmd( 160):MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PL: Aug 26 18:24:50.552315: | cmd( 240):UTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO: Aug 26 18:24:50.552318: | cmd( 320):_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@ea: Aug 26 18:24:50.552320: | cmd( 400):st' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_P: Aug 26 18:24:50.552322: | cmd( 480):EER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUT: Aug 26 18:24:50.552325: | cmd( 560):O_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+EN: Aug 26 18:24:50.552327: | cmd( 640):CRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KI: Aug 26 18:24:50.552330: | cmd( 720):ND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISC: Aug 26 18:24:50.552333: | cmd( 800):O='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUT: Aug 26 18:24:50.552335: | cmd( 880):O_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_R: Aug 26 18:24:50.552338: | cmd( 960):OUTING='no' VTI_SHARED='no' SPI_IN=0x8027c326 SPI_OUT=0x1b07e789 ipsec _updown 2: Aug 26 18:24:50.552340: | cmd(1040):>&1: Aug 26 18:24:50.563898: | route_and_eroute: firewall_notified: true Aug 26 18:24:50.563916: | running updown command "ipsec _updown" for verb prepare Aug 26 18:24:50.563921: | command executing prepare-client Aug 26 18:24:50.563955: | executing prepare-client: PLUTO_VERB='prepare-client' 
PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0x2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no Aug 26 18:24:50.563964: | popen cmd is 1048 chars long Aug 26 18:24:50.563968: | cmd( 0):PLUTO_VERB='prepare-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets: Aug 26 18:24:50.563971: | cmd( 80):/0x2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' P: Aug 26 18:24:50.563974: | cmd( 160):LUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.: Aug 26 18:24:50.563977: | cmd( 240):0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' : Aug 26 18:24:50.563980: | cmd( 320):PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID: Aug 26 18:24:50.563983: | cmd( 400):='@east' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PL: Aug 26 18:24:50.563986: | cmd( 480):UTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0': Aug 26 18:24:50.563989: | cmd( 560): PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSAS: Aug 26 18:24:50.563991: | cmd( 
640):IG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CO: Aug 26 18:24:50.563994: | cmd( 720):NN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER: Aug 26 18:24:50.563997: | cmd( 800):_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='': Aug 26 18:24:50.564000: | cmd( 880): PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' : Aug 26 18:24:50.564003: | cmd( 960):VTI_ROUTING='no' VTI_SHARED='no' SPI_IN=0x8027c326 SPI_OUT=0x1b07e789 ipsec _upd: Aug 26 18:24:50.564005: | cmd(1040):own 2>&1: Aug 26 18:24:50.583405: | running updown command "ipsec _updown" for verb route Aug 26 18:24:50.583420: | command executing route-client Aug 26 18:24:50.583456: | executing route-client: PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0x2' PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLUTO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0' PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID='@east' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUTO_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_CISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' PLUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VTI_ROUTING='no' VTI_SHARED='no' SP Aug 26 18:24:50.583462: | popen cmd is 1046 chars long Aug 26 18:24:50.583465: | cmd( 0):PLUTO_VERB='route-client' PLUTO_VERSION='2.0' PLUTO_CONNECTION='north-eastnets/0: Aug 26 18:24:50.583468: | cmd( 80):x2' 
PLUTO_INTERFACE='eth1' PLUTO_NEXT_HOP='192.1.2.23' PLUTO_ME='192.1.3.33' PLU: Aug 26 18:24:50.583471: | cmd( 160):TO_MY_ID='@north' PLUTO_MY_CLIENT='192.0.3.0/24' PLUTO_MY_CLIENT_NET='192.0.3.0': Aug 26 18:24:50.583474: | cmd( 240): PLUTO_MY_CLIENT_MASK='255.255.255.0' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PL: Aug 26 18:24:50.583477: | cmd( 320):UTO_SA_REQID='16392' PLUTO_SA_TYPE='ESP' PLUTO_PEER='192.1.2.23' PLUTO_PEER_ID=': Aug 26 18:24:50.583480: | cmd( 400):@east' PLUTO_PEER_CLIENT='192.0.22.0/24' PLUTO_PEER_CLIENT_NET='192.0.22.0' PLUT: Aug 26 18:24:50.583488: | cmd( 480):O_PEER_CLIENT_MASK='255.255.255.0' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' P: Aug 26 18:24:50.583491: | cmd( 560):LUTO_PEER_CA='' PLUTO_STACK='netkey' PLUTO_ADDTIME='0' PLUTO_CONN_POLICY='RSASIG: Aug 26 18:24:50.583494: | cmd( 640):+ENCRYPT+TUNNEL+PFS+UP+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO' PLUTO_CONN: Aug 26 18:24:50.583497: | cmd( 720):_KIND='CK_PERMANENT' PLUTO_CONN_ADDRFAMILY='ipv4' XAUTH_FAILED=0 PLUTO_IS_PEER_C: Aug 26 18:24:50.583500: | cmd( 800):ISCO='0' PLUTO_PEER_DNS_INFO='' PLUTO_PEER_DOMAIN_INFO='' PLUTO_PEER_BANNER='' P: Aug 26 18:24:50.583503: | cmd( 880):LUTO_CFG_SERVER='0' PLUTO_CFG_CLIENT='0' PLUTO_NM_CONFIGURED='0' VTI_IFACE='' VT: Aug 26 18:24:50.583506: | cmd( 960):I_ROUTING='no' VTI_SHARED='no' SPI_IN=0x8027c326 SPI_OUT=0x1b07e789 ipsec _updow: Aug 26 18:24:50.583508: | cmd(1040):n 2>&1: Aug 26 18:24:50.611068: | route_and_eroute: instance "north-eastnets/0x2", setting eroute_owner {spd=0x55ce53a723a0,sr=0x55ce53a723a0} to #5 (was #0) (newest_ipsec_sa=#0) Aug 26 18:24:50.613345: | #2 spent 2.01 milliseconds in install_ipsec_sa() Aug 26 18:24:50.613367: | ISAKMP_v2_IKE_AUTH: instance north-eastnets/0x2[0], setting IKEv2 newest_ipsec_sa to #5 (was #0) (spd.eroute=#5) cloned from #2 Aug 26 18:24:50.613373: | adding 13 bytes of padding (including 1 byte padding-length) Aug 26 18:24:50.613378: | emitting 1 0x00 repeated bytes of padding and length into IKEv2 
Encryption Payload Aug 26 18:24:50.613383: | emitting 1 0x01 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613387: | emitting 1 0x02 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613391: | emitting 1 0x03 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613395: | emitting 1 0x04 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613398: | emitting 1 0x05 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613401: | emitting 1 0x06 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613405: | emitting 1 0x07 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613409: | emitting 1 0x08 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613412: | emitting 1 0x09 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613415: | emitting 1 0x0a repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613419: | emitting 1 0x0b repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613422: | emitting 1 0x0c repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:50.613427: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload Aug 26 18:24:50.613431: | emitting length of IKEv2 Encryption Payload: 436 Aug 26 18:24:50.613434: | emitting length of ISAKMP Message: 464
Aug 26 18:24:50.613554: | out calculated auth: Aug 26 18:24:50.613555: | fc bf 7f 5d 71 66 3a 21 ff 75 69 3b 66 a5 4e c7 Aug 26 18:24:50.613563: | ikev2_parent_inI2outR2_continue_tail returned STF_OK Aug 26 18:24:50.613567: | #2 spent 9.31 milliseconds in processing: Responder: process IKE_AUTH request in ikev2_process_state_packet() Aug 26 18:24:50.613573: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:50.613578: | start processing: state #5 connection "north-eastnets/0x2" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:50.613581: | #5 complete_v2_state_transition() md.from_state=PARENT_R1 md.svm.state[from]=PARENT_R1 UNDEFINED->V2_IPSEC_R with status STF_OK Aug 26 18:24:50.613583: | IKEv2: transition from state STATE_PARENT_R1 to state STATE_V2_IPSEC_R Aug 26 18:24:50.613585: | child state #5: UNDEFINED(ignore) => V2_IPSEC_R(established CHILD SA) Aug 26 18:24:50.613589: | Message ID: updating counters for #5 to 1 after switching state Aug 26 18:24:50.613592: | Message ID: recv #2.#5 request 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0 responder.recv=0->1; child: wip.initiator=-1 wip.responder=1->-1 Aug 26 18:24:50.613596: | Message ID: sent #2.#5 response 1; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=0->1 responder.recv=1; child: wip.initiator=-1 wip.responder=-1 Aug 26 18:24:50.613598: | pstats #5 ikev2.child established Aug 26 18:24:50.613603: "north-eastnets/0x2" #5: negotiated connection [192.0.3.0-192.0.3.255:0-65535 0] -> [192.0.22.0-192.0.22.255:0-65535 0] Aug 26 18:24:50.613606: | NAT-T: encaps is 'auto' Aug 26 18:24:50.613610: "north-eastnets/0x2" #5: STATE_V2_IPSEC_R: IPsec SA established tunnel mode {ESP=>0x8027c326 <0x1b07e789 xfrm=AES_CBC_128-HMAC_SHA2_512_256 
NATOA=none NATD=none DPD=passive} Aug 26 18:24:50.613613: | sending V2 new request packet to 192.1.2.23:500 (from 192.1.3.33:500) Aug 26 18:24:50.613618: | sending 464 bytes for STATE_PARENT_R1 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #2)
Aug 26 18:24:50.613688: | releasing whack for #5 (sock=fd@-1) Aug 26 18:24:50.613692: | releasing whack and unpending for parent #2 Aug 26 18:24:50.613695: | unpending state #2 connection "north-eastnets/0x2" Aug 26 18:24:50.613699: | #5 will start re-keying in 28530 seconds with margin of 270 seconds (attempting re-key) Aug 26 18:24:50.613703: | event_schedule: new EVENT_SA_REKEY-pe@0x55ce53a82320 Aug 26 18:24:50.613707: | inserting event EVENT_SA_REKEY, timeout in 28530 seconds for #5 Aug 26 18:24:50.613711: | libevent_malloc: new ptr-libevent@0x55ce53a895d0 size 128 Aug 26 18:24:50.613722: | resume sending helper answer for #2 suppresed complete_v2_state_transition() Aug 26 18:24:50.613727: | #2 spent 9.72 milliseconds in resume sending helper answer Aug 26 18:24:50.613733: | stop processing: state #5 connection "north-eastnets/0x2" from 192.1.2.23:500 (in resume_handler() at server.c:833) Aug 26 18:24:50.613738: | libevent_free: release ptr-libevent@0x7ffa94003060 Aug 26 18:24:50.613757: | processing signal PLUTO_SIGCHLD Aug 26 18:24:50.613762: | waitpid returned ECHILD (no child processes left) Aug 26 18:24:50.613767: | spent 0.00534 milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:50.613770: | processing signal PLUTO_SIGCHLD Aug 26 18:24:50.613774: | waitpid returned ECHILD (no child processes left) Aug 26 18:24:50.613778: | spent 0.00366 milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:50.613780: | processing signal PLUTO_SIGCHLD Aug 26 18:24:50.613784: | waitpid returned ECHILD (no child processes left) Aug 26 18:24:50.613788: | spent 0.00411 
milliseconds in signal handler PLUTO_SIGCHLD Aug 26 18:24:50.643183: | spent 0.00273 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:50.643208: | *received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:50.643323: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:50.643327: | **parse ISAKMP Message: Aug 26 18:24:50.643330: | initiator cookie: Aug 26 18:24:50.643333: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:50.643335: | responder cookie: Aug 26 18:24:50.643338: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:50.643341: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:50.643344: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.643347: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:50.643353: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:50.643356: | Message ID: 2 (0x2) Aug 26 18:24:50.643358: | length: 608 (0x260) Aug 26 18:24:50.643362: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:50.643365: | I am the IKE SA Original Responder receiving an IKEv2 CREATE_CHILD_SA request Aug 26
18:24:50.643370: | State DB: found IKEv2 state #2 in PARENT_R2 (find_v2_ike_sa) Aug 26 18:24:50.643377: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:50.643381: | State DB: IKEv2 state not found (find_v2_sa_by_responder_wip) Aug 26 18:24:50.643386: | [RE]START processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2064) Aug 26 18:24:50.643391: | #2 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002 Aug 26 18:24:50.643396: | Message ID: #2 not a duplicate - message is new; initiator.sent=-1 initiator.recv=-1 responder.sent=1 responder.recv=1 Aug 26 18:24:50.643399: | unpacking clear payload Aug 26 18:24:50.643402: | Now let's proceed with payload (ISAKMP_NEXT_v2SK) Aug 26 18:24:50.643405: | ***parse IKEv2 Encryption Payload: Aug 26 18:24:50.643408: | next payload type: ISAKMP_NEXT_v2SA (0x21) Aug 26 18:24:50.643411: | flags: none (0x0) Aug 26 18:24:50.643413: | length: 580 (0x244) Aug 26 18:24:50.643416: | processing payload: ISAKMP_NEXT_v2SK (len=576) Aug 26 18:24:50.643421: | Message ID: start-responder #2 request 2; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=1 responder.recv=1 wip.initiator=-1 wip.responder=-1->2 Aug 26 18:24:50.643425: | #2 in state PARENT_R2: received v2I2, PARENT SA established
Aug 26 18:24:50.643560: | calculated auth: d1 a5 12 04 50 8e 87 23 f9 69 42 4c 90 68 58 87 Aug 26 18:24:50.643563: | provided auth: d1 a5 12 04 50 8e 87 23 f9 69 42 4c 90 68 58 87 Aug 26 18:24:50.643566: | authenticator matched Aug 26 18:24:50.643579: | #2 ikev2 ISAKMP_v2_CREATE_CHILD_SA decrypt success Aug 26 18:24:50.643583: | Now let's proceed with payload (ISAKMP_NEXT_v2SA) Aug 26 18:24:50.643587: | **parse IKEv2 Security Association Payload: Aug 26 18:24:50.643590: | next payload type: ISAKMP_NEXT_v2Ni (0x28) Aug 26 18:24:50.643592: | flags: none (0x0) Aug 26 18:24:50.643595: | length: 52 (0x34) Aug 26 18:24:50.643598: | processing payload: ISAKMP_NEXT_v2SA (len=48) Aug 26 18:24:50.643600: | Now let's proceed with payload (ISAKMP_NEXT_v2Ni) Aug 26 18:24:50.643603: | **parse IKEv2 Nonce Payload: Aug 26 18:24:50.643606: | next payload type: ISAKMP_NEXT_v2KE (0x22) Aug 26 18:24:50.643608: | flags: none (0x0) Aug 26 18:24:50.643611: | length: 36 (0x24) Aug 26 18:24:50.643614: | processing payload: ISAKMP_NEXT_v2Ni (len=32) Aug 26 18:24:50.643616: | Now let's proceed with payload (ISAKMP_NEXT_v2KE) Aug 26 18:24:50.643619: | **parse IKEv2 Key Exchange Payload: Aug 26 18:24:50.643622: | next payload type: ISAKMP_NEXT_v2TSi (0x2c) Aug 26 18:24:50.643625: | flags: none (0x0) Aug 26 18:24:50.643627: | length:
392 (0x188) Aug 26 18:24:50.643630: | DH group: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:50.643633: | processing payload: ISAKMP_NEXT_v2KE (len=384) Aug 26 18:24:50.643635: | Now let's proceed with payload (ISAKMP_NEXT_v2TSi) Aug 26 18:24:50.643638: | **parse IKEv2 Traffic Selector - Initiator - Payload: Aug 26 18:24:50.643641: | next payload type: ISAKMP_NEXT_v2TSr (0x2d) Aug 26 18:24:50.643644: | flags: none (0x0) Aug 26 18:24:50.643646: | length: 24 (0x18) Aug 26 18:24:50.643649: | number of TS: 1 (0x1) Aug 26 18:24:50.643652: | processing payload: ISAKMP_NEXT_v2TSi (len=16) Aug 26 18:24:50.643654: | Now let's proceed with payload (ISAKMP_NEXT_v2TSr) Aug 26 18:24:50.643657: | **parse IKEv2 Traffic Selector - Responder - Payload: Aug 26 18:24:50.643660: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:50.643663: | flags: none (0x0) Aug 26 18:24:50.643665: | length: 24 (0x18) Aug 26 18:24:50.643668: | number of TS: 1 (0x1) Aug 26 18:24:50.643671: | processing payload: ISAKMP_NEXT_v2TSr (len=16) Aug 26 18:24:50.643674: | state #2 forced to match CREATE_CHILD_SA from V2_CREATE_R->V2_IPSEC_R by ignoring from state Aug 26 18:24:50.643677: | selected state microcode Respond to CREATE_CHILD_SA IPsec SA Request Aug 26 18:24:50.643683: | #2 updating local interface from 192.1.3.33:500 to 192.1.3.33:500 using md->iface (in update_ike_endpoints() at state.c:2669) Aug 26 18:24:50.643688: | creating state object #6 at 0x55ce53a8d510 Aug 26 18:24:50.643692: | State DB: adding IKEv2 state #6 in UNDEFINED Aug 26 18:24:50.643702: | pstats #6 ikev2.child started Aug 26 18:24:50.643706: | duplicating state object #2 "north-eastnets/0x2" as #6 for IPSEC SA Aug 26 18:24:50.643712: | #6 setting local endpoint to 192.1.3.33:500 from #2.st_localport (in duplicate_state() at state.c:1484) Aug 26 18:24:50.643722: | Message ID: init_child #2.#6; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=1 responder.recv=1; child: wip.initiator=0->-1 wip.responder=0->-1 Aug 26 
18:24:50.643727: | child state #6: UNDEFINED(ignore) => V2_CREATE_R(established IKE SA) Aug 26 18:24:50.643732: | "north-eastnets/0x2" #2 received Child SA Request CREATE_CHILD_SA from 192.1.2.23:500 Child "north-eastnets/0x2" #6 in STATE_V2_CREATE_R will process it further Aug 26 18:24:50.643737: | Message ID: switch-from #2 request 2; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=1 responder.recv=1 wip.initiator=-1 wip.responder=2->-1 Aug 26 18:24:50.643744: | Message ID: switch-to #2.#6 request 2; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=1 responder.recv=1; child: wip.initiator=-1 wip.responder=-1->2 Aug 26 18:24:50.643747: | forcing ST #2 to CHILD #2.#6 in FSM processor Aug 26 18:24:50.643750: | Now let's proceed with state specific processing Aug 26 18:24:50.643753: | calling processor Respond to CREATE_CHILD_SA IPsec SA Request Aug 26 18:24:50.643761: | using existing local ESP/AH proposals for north-eastnets/0x2 (CREATE_CHILD_SA responder matching remote ESP/AH proposals): 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED Aug 26 18:24:50.643766: | Comparing remote proposals against CREATE_CHILD_SA responder matching remote ESP/AH proposals 1 local proposals Aug 26 18:24:50.643769: | local proposal 1 type ENCR has 1 transforms Aug 26 18:24:50.643772: | local proposal 1 type PRF has 0 transforms Aug 26 18:24:50.643775: | local proposal 1 type INTEG has 1 transforms Aug 26 18:24:50.643778: | local proposal 1 type DH has 1 transforms Aug 26 18:24:50.643780: | local proposal 1 type ESN has 1 transforms Aug 26 18:24:50.643784: | local proposal 1 transforms: required: ENCR+INTEG+DH+ESN; optional: none Aug 26 18:24:50.643787: | ***parse IKEv2 Proposal Substructure Payload: Aug 26 18:24:50.643790: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:50.643793: | length: 48 (0x30) Aug 26 18:24:50.643795: | prop #: 1 (0x1) Aug 26 18:24:50.643798: | proto ID: IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:50.643800: | spi size: 4 
(0x4) Aug 26 18:24:50.643803: | # transforms: 4 (0x4) Aug 26 18:24:50.643807: | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI Aug 26 18:24:50.643810: | remote SPI 1c fe 18 1f Aug 26 18:24:50.643813: | Comparing remote proposal 1 containing 4 transforms against local proposal [1..1] of 1 local proposals Aug 26 18:24:50.643816: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.643819: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.643821: | length: 12 (0xc) Aug 26 18:24:50.643824: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:50.643827: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:50.643830: | *****parse IKEv2 Attribute Substructure Payload: Aug 26 18:24:50.643833: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:50.643835: | length/value: 128 (0x80) Aug 26 18:24:50.643840: | remote proposal 1 transform 0 (ENCR=AES_CBC_128) matches local proposal 1 type 1 (ENCR) transform 0 Aug 26 18:24:50.643844: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.643846: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.643849: | length: 8 (0x8) Aug 26 18:24:50.643852: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:50.643854: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:50.643858: | remote proposal 1 transform 1 (INTEG=HMAC_SHA2_512_256) matches local proposal 1 type 3 (INTEG) transform 0 Aug 26 18:24:50.643861: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.643864: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:50.643866: | length: 8 (0x8) Aug 26 18:24:50.643869: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:50.643872: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:50.643876: | remote proposal 1 transform 2 (DH=MODP3072) matches local proposal 1 type 4 (DH) transform 0 Aug 26 18:24:50.643879: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:50.643881: | last transform: 
v2_TRANSFORM_LAST (0x0) Aug 26 18:24:50.643884: | length: 8 (0x8) Aug 26 18:24:50.643887: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:50.643889: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:50.643893: | remote proposal 1 transform 3 (ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0 Aug 26 18:24:50.643897: | remote proposal 1 proposed transforms: ENCR+INTEG+DH+ESN; matched: ENCR+INTEG+DH+ESN; unmatched: none Aug 26 18:24:50.643902: | comparing remote proposal 1 containing ENCR+INTEG+DH+ESN transforms to local proposal 1; required: ENCR+INTEG+DH+ESN; optional: none; matched: ENCR+INTEG+DH+ESN Aug 26 18:24:50.643907: | remote proposal 1 matches local proposal 1 Aug 26 18:24:50.643913: "north-eastnets/0x2" #2: proposal 1:ESP:SPI=1cfe181f;ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED chosen from remote proposals 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED[first-match] Aug 26 18:24:50.643919: | CREATE_CHILD_SA responder matching remote ESP/AH proposals ikev2_proposal: 1:ESP:SPI=1cfe181f;ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED Aug 26 18:24:50.643922: | converting proposal to internal trans attrs Aug 26 18:24:50.643928: | updating #6's .st_oakley with preserved PRF, but why update? 
Aug 26 18:24:50.643934: | Child SA TS Request has child->sa == md->st; so using child connection Aug 26 18:24:50.643937: | TSi: parsing 1 traffic selectors Aug 26 18:24:50.643940: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:50.643943: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.643946: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.643949: | length: 16 (0x10) Aug 26 18:24:50.643951: | start port: 0 (0x0) Aug 26 18:24:50.643954: | end port: 65535 (0xffff) Aug 26 18:24:50.643957: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:50.643959: | TS low c0 00 02 00 Aug 26 18:24:50.643962: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:50.643965: | TS high c0 00 02 ff Aug 26 18:24:50.643967: | TSi: parsed 1 traffic selectors Aug 26 18:24:50.643970: | TSr: parsing 1 traffic selectors Aug 26 18:24:50.643973: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:50.643975: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:50.643978: | IP Protocol ID: 0 (0x0) Aug 26 18:24:50.643980: | length: 16 (0x10) Aug 26 18:24:50.643983: | start port: 0 (0x0) Aug 26 18:24:50.643985: | end port: 65535 (0xffff) Aug 26 18:24:50.643988: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:50.643991: | TS low c0 00 03 00 Aug 26 18:24:50.643994: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:50.643996: | TS high c0 00 03 ff Aug 26 18:24:50.643999: | TSr: parsed 1 traffic selectors Aug 26 18:24:50.644001: | looking for best SPD in current connection Aug 26 18:24:50.644007: | evaluating our conn="north-eastnets/0x2" I=192.0.22.0/24:0/0 R=192.0.3.0/24:0/0 to their: Aug 26 18:24:50.644013: | TSi[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.644020: | match address end->client=192.0.22.0/24 == TSi[0]net=192.0.2.0-192.0.2.255: NO Aug 26 18:24:50.644023: | looking for better host pair Aug 26 18:24:50.644029: | find_host_pair: comparing 192.1.3.33:500 to 
192.1.2.23:500 but ignoring ports Aug 26 18:24:50.644034: | checking hostpair 192.0.3.0/24 -> 192.0.22.0/24 is found Aug 26 18:24:50.644037: | investigating connection "north-eastnets/0x2" as a better match Aug 26 18:24:50.644040: | match_id a=@east Aug 26 18:24:50.644043: | b=@east Aug 26 18:24:50.644046: | results matched Aug 26 18:24:50.644051: | evaluating our conn="north-eastnets/0x2" I=192.0.22.0/24:0/0 R=192.0.3.0/24:0/0 to their: Aug 26 18:24:50.644056: | TSi[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.644062: | match address end->client=192.0.22.0/24 == TSi[0]net=192.0.2.0-192.0.2.255: NO Aug 26 18:24:50.644065: | investigating connection "north-eastnets/0x1" as a better match Aug 26 18:24:50.644069: | match_id a=@east Aug 26 18:24:50.644071: | b=@east Aug 26 18:24:50.644073: | results matched Aug 26 18:24:50.644078: | evaluating our conn="north-eastnets/0x1" I=192.0.2.0/24:0/0 R=192.0.3.0/24:0/0 to their: Aug 26 18:24:50.644083: | TSi[0] .net=192.0.2.0-192.0.2.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.644089: | match address end->client=192.0.2.0/24 == TSi[0]net=192.0.2.0-192.0.2.255: YES fitness 32 Aug 26 18:24:50.644095: | narrow port end=0..65535 == TSi[0]=0..65535: 0 Aug 26 18:24:50.644099: | TSi[0] port match: YES fitness 65536 Aug 26 18:24:50.644102: | narrow protocol end=*0 == TSi[0]=*0: 0 Aug 26 18:24:50.644105: | match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:50.644110: | TSr[0] .net=192.0.3.0-192.0.3.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:50.644450: | match address end->client=192.0.3.0/24 == TSr[0]net=192.0.3.0-192.0.3.255: YES fitness 32 Aug 26 18:24:50.644460: | narrow port end=0..65535 == TSr[0]=0..65535: 0 Aug 26 18:24:50.644463: | TSr[0] port match: YES fitness 65536 Aug 26 18:24:50.644466: | narrow protocol end=*0 == TSr[0]=*0: 0 Aug 26 18:24:50.644469: | match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255 Aug 26 
18:24:50.644471: | best fit so far: TSi[0] TSr[0] Aug 26 18:24:50.644474: | protocol fitness found better match d north-eastnets/0x1, TSi[0],TSr[0] Aug 26 18:24:50.644480: | in connection_discard for connection north-eastnets/0x2 Aug 26 18:24:50.644483: | printing contents struct traffic_selector Aug 26 18:24:50.644485: | ts_type: IKEv2_TS_IPV4_ADDR_RANGE Aug 26 18:24:50.644487: | ipprotoid: 0 Aug 26 18:24:50.644490: | port range: 0-65535 Aug 26 18:24:50.644493: | ip range: 192.0.3.0-192.0.3.255 Aug 26 18:24:50.644496: | printing contents struct traffic_selector Aug 26 18:24:50.644498: | ts_type: IKEv2_TS_IPV4_ADDR_RANGE Aug 26 18:24:50.644500: | ipprotoid: 0 Aug 26 18:24:50.644502: | port range: 0-65535 Aug 26 18:24:50.644506: | ip range: 192.0.2.0-192.0.2.255 Aug 26 18:24:50.644510: | adding Child Responder KE and nonce nr work-order 6 for state #6 Aug 26 18:24:50.644514: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a79c70 Aug 26 18:24:50.644517: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #6 Aug 26 18:24:50.644521: | libevent_malloc: new ptr-libevent@0x7ffa94003060 size 128 Aug 26 18:24:50.644533: | #6 spent 0.445 milliseconds in processing: Respond to CREATE_CHILD_SA IPsec SA Request in ikev2_process_state_packet() Aug 26 18:24:50.644539: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:50.644544: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:50.644547: | #6 complete_v2_state_transition() V2_CREATE_R->V2_IPSEC_R with status STF_SUSPEND Aug 26 18:24:50.644550: | suspending state #6 and saving MD Aug 26 18:24:50.644553: | #6 is busy; has a suspended MD Aug 26 18:24:50.644557: | [RE]START processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in log_stf_suspend() at ikev2.c:3269) Aug 26 18:24:50.644561: | 
"north-eastnets/0x1" #6 complete v2 state STATE_V2_CREATE_R transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 Aug 26 18:24:50.644566: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:50.644572: | #2 spent 1.04 milliseconds in ikev2_process_packet() Aug 26 18:24:50.644576: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:50.644579: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:50.644583: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:50.644587: | spent 1.06 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:50.644660: | crypto helper 4 resuming Aug 26 18:24:50.644672: | crypto helper 4 starting work-order 6 for state #6 Aug 26 18:24:50.644678: | crypto helper 4 doing build KE and nonce (Child Responder KE and nonce nr); request ID 6 Aug 26 18:24:50.644681: | crypto helper is pausing for 1 seconds Aug 26 18:24:50.708313: | spent 0.00329 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:50.708341: | *received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:50.708449: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:50.708454: | **parse ISAKMP Message: Aug 26 18:24:50.708457: | initiator cookie: Aug 26 18:24:50.708460: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:50.708463: | responder cookie: Aug 26 18:24:50.708465: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:50.708468: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:50.708471: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.708474: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:50.708477: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:50.708480: | Message ID: 2 (0x2) Aug 26 18:24:50.708483: | length: 608 (0x260) Aug 26 18:24:50.708486: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:50.708490: | I am the IKE SA Original Responder receiving an IKEv2 CREATE_CHILD_SA request Aug 26 18:24:50.708495: | State DB: found IKEv2 state #2 in PARENT_R2 (find_v2_ike_sa) Aug 26 18:24:50.708504: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:50.708509: | State DB: found IKEv2 state #6 in V2_CREATE_R (find_v2_sa_by_responder_wip) Aug 26 18:24:50.708514: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.708519: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.708522: | #2 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002 Aug 26 18:24:50.708526: "north-eastnets/0x1" #6: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_CREATE_R Aug 26 18:24:50.708532: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26
18:24:50.708537: | #2 spent 0.21 milliseconds in ikev2_process_packet() Aug 26 18:24:50.708542: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:50.708546: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:50.708549: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:50.708553: | spent 0.226 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:50.755197: | spent 0.00301 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:50.755221: | *received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:50.755339: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:50.755344: | **parse ISAKMP Message: Aug 26 18:24:50.755347: | initiator cookie: Aug 26 18:24:50.755350: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:50.755352: | responder cookie: Aug 26 18:24:50.755355: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:50.755358: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:50.755361: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.755364: | exchange
type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:50.755368: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:50.755371: | Message ID: 2 (0x2) Aug 26 18:24:50.755373: | length: 608 (0x260) Aug 26 18:24:50.755377: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:50.755381: | I am the IKE SA Original Responder receiving an IKEv2 CREATE_CHILD_SA request Aug 26 18:24:50.755386: | State DB: found IKEv2 state #2 in PARENT_R2 (find_v2_ike_sa) Aug 26 18:24:50.755394: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:50.755398: | State DB: found IKEv2 state #6 in V2_CREATE_R (find_v2_sa_by_responder_wip) Aug 26 18:24:50.755404: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.755410: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.755413: | #2 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002 Aug 26 18:24:50.755417: "north-eastnets/0x1" #6: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_CREATE_R Aug 26 18:24:50.755423: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:50.755429: | #2 spent 0.214 milliseconds in ikev2_process_packet() Aug 26 18:24:50.755434: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:50.755437: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:50.755441: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:50.755445: | spent 0.231 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:50.856544: | spent 0.00311 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:50.856566: | 
*received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:50.856675: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:50.856680: | **parse ISAKMP Message: Aug 26 18:24:50.856684: | initiator cookie: Aug 26 18:24:50.856687: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:50.856690: | responder cookie: Aug 26 18:24:50.856692: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:50.856696: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:50.856700: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:50.856703: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:50.856706: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:50.856708: | Message ID: 2 (0x2) Aug 26 18:24:50.856711: | length: 608 (0x260) Aug 26 18:24:50.856714: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:50.856718: | I am the IKE SA Original Responder receiving an IKEv2 CREATE_CHILD_SA request Aug 26 18:24:50.856723: | State DB: found IKEv2 state #2 in PARENT_R2 (find_v2_ike_sa) Aug 26 18:24:50.856730: | start processing: state #2 connection "north-eastnets/0x2" from
192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:50.856734: | State DB: found IKEv2 state #6 in V2_CREATE_R (find_v2_sa_by_responder_wip) Aug 26 18:24:50.856739: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.856744: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:50.856747: | #2 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002 Aug 26 18:24:50.856751: "north-eastnets/0x1" #6: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_CREATE_R Aug 26 18:24:50.856756: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:50.856761: | #2 spent 0.204 milliseconds in ikev2_process_packet() Aug 26 18:24:50.856765: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:50.856771: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:50.856774: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:50.856779: | spent 0.222 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:51.057799: | spent 0.00278 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:51.057821: | *received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:51.057952: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:51.057957: | **parse ISAKMP Message: Aug 26 18:24:51.057961: | initiator cookie: Aug 26 18:24:51.057964: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:51.057967: | responder cookie: Aug 26 18:24:51.057970: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:51.057974: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:51.057978: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:51.057982: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:51.057988: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:51.057991: | Message ID: 2 (0x2) Aug 26 18:24:51.057995: | length: 608 (0x260) Aug 26 18:24:51.058000: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:51.058005: | I am the IKE SA Original Responder receiving an IKEv2 CREATE_CHILD_SA request Aug 26 18:24:51.058010: | State DB: found IKEv2 state #2 in PARENT_R2 (find_v2_ike_sa) Aug 26 18:24:51.058019: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:51.058024: | State DB: found IKEv2 state #6 in V2_CREATE_R (find_v2_sa_by_responder_wip) Aug 26 18:24:51.058031: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:51.058037: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:51.058042: | #2 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002 Aug 26 18:24:51.058045: "north-eastnets/0x1" #6: discarding packet
received during asynchronous work (DNS or crypto) in STATE_V2_CREATE_R Aug 26 18:24:51.058052: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:51.058058: | #2 spent 0.246 milliseconds in ikev2_process_packet() Aug 26 18:24:51.058064: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:51.058069: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:51.058073: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:51.058078: | spent 0.266 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:51.458542: | spent 0.00288 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:51.458565: | *received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:51.458658: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:51.458663: | **parse ISAKMP Message: Aug 26 18:24:51.458666: | initiator cookie: Aug 26 18:24:51.458668: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:51.458670: | responder cookie: Aug 26
18:24:51.458672: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:51.458676: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:51.458678: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:51.458681: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:51.458684: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:51.458686: | Message ID: 2 (0x2) Aug 26 18:24:51.458689: | length: 608 (0x260) Aug 26 18:24:51.458692: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:51.458696: | I am the IKE SA Original Responder receiving an IKEv2 CREATE_CHILD_SA request Aug 26 18:24:51.458701: | State DB: found IKEv2 state #2 in PARENT_R2 (find_v2_ike_sa) Aug 26 18:24:51.458707: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:51.458711: | State DB: found IKEv2 state #6 in V2_CREATE_R (find_v2_sa_by_responder_wip) Aug 26 18:24:51.458715: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:51.458720: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:51.458723: | #2 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002 Aug 26 18:24:51.458726: "north-eastnets/0x1" #6: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_CREATE_R Aug 26 18:24:51.458730: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:51.458735: | #2 spent 0.181 milliseconds in ikev2_process_packet() Aug 26 18:24:51.458740: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:51.458743: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:51.458746: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 
18:24:51.458750: | spent 0.196 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:51.469766: | crypto helper 5 finished build KE and nonce (Child Initiator KE and nonce ni); request ID 5 time elapsed 1.00236 seconds Aug 26 18:24:51.469785: | (#4) spent 2.32 milliseconds in crypto helper computing work-order 5: Child Initiator KE and nonce ni (pcr) Aug 26 18:24:51.469791: | crypto helper 5 sending results from work-order 5 for state #4 to event queue Aug 26 18:24:51.469794: | scheduling resume sending helper answer for #4 Aug 26 18:24:51.469799: | libevent_malloc: new ptr-libevent@0x7ffa98005780 size 128 Aug 26 18:24:51.469811: | crypto helper 5 waiting (nothing to do) Aug 26 18:24:51.469827: | processing resume sending helper answer for #4 Aug 26 18:24:51.469837: | start processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in resume_handler() at server.c:797) Aug 26 18:24:51.469844: | crypto helper 5 replies to request ID 5 Aug 26 18:24:51.469847: | calling continuation function 0x55ce534e2b50 Aug 26 18:24:51.469852: | ikev2_child_outI_continue for #4 STATE_V2_CREATE_I0 Aug 26 18:24:51.469856: | state #4 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:51.469860: | libevent_free: release ptr-libevent@0x55ce53a80010 Aug 26 18:24:51.469864: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a801d0 Aug 26 18:24:51.469867: | event_schedule: new EVENT_SA_REPLACE-pe@0x55ce53a801d0 Aug 26 18:24:51.469872: | inserting event EVENT_SA_REPLACE, timeout in 200 seconds for #4 Aug 26 18:24:51.469875: | libevent_malloc: new ptr-libevent@0x55ce53a80010 size 128 Aug 26 18:24:51.469881: | Message ID: #1 wakeing IKE SA (unack 0); initiator.sent=1 initiator.recv=1 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1 Aug 26 18:24:51.469884: | scheduling callback v2_msgid_schedule_next_initiator (#1) Aug 26 18:24:51.469887: | libevent_malloc: new ptr-libevent@0x55ce53a89860 size 128 Aug 26 18:24:51.469894: | 
[RE]START processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:51.469899: | #4 complete_v2_state_transition() V2_CREATE_I0->V2_CREATE_I with status STF_SUSPEND Aug 26 18:24:51.469902: | suspending state #4 and saving MD Aug 26 18:24:51.469905: | #4 is busy; has a suspended MD Aug 26 18:24:51.469909: | [RE]START processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in log_stf_suspend() at ikev2.c:3269) Aug 26 18:24:51.469913: | "north-eastnets/0x2" #4 complete v2 state STATE_V2_CREATE_I0 transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 Aug 26 18:24:51.469917: | resume sending helper answer for #4 suppresed complete_v2_state_transition() Aug 26 18:24:51.469923: | #4 spent 0.0776 milliseconds in resume sending helper answer Aug 26 18:24:51.469928: | stop processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in resume_handler() at server.c:833) Aug 26 18:24:51.469932: | libevent_free: release ptr-libevent@0x7ffa98005780 Aug 26 18:24:51.469938: | processing callback v2_msgid_schedule_next_initiator for #1 Aug 26 18:24:51.469943: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in callback_handler() at server.c:904) Aug 26 18:24:51.469949: | Message ID: #1.#4 resuming SA using IKE SA (unack 0); initiator.sent=1 initiator.recv=1 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1 Aug 26 18:24:51.469954: | suspend processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in initiate_next() at ikev2_msgid.c:553) Aug 26 18:24:51.469959: | start processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in initiate_next() at ikev2_msgid.c:553) Aug 26 18:24:51.469983: | **emit ISAKMP Message: Aug 26 18:24:51.469988: | initiator cookie: Aug 26 18:24:51.469991: | ff 40 95 92 e6 85 07 d9 Aug 26 18:24:51.469994: | responder cookie: Aug 26 18:24:51.469996: | fd 1d f4 22 0d 
b8 c9 16 Aug 26 18:24:51.470000: | next payload type: ISAKMP_NEXT_NONE (0x0) Aug 26 18:24:51.470003: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:51.470006: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:51.470010: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:51.470012: | Message ID: 2 (0x2) Aug 26 18:24:51.470015: | next payload chain: saving message location 'ISAKMP Message'.'next payload type' Aug 26 18:24:51.470019: | ***emit IKEv2 Encryption Payload: Aug 26 18:24:51.470022: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:51.470025: | flags: none (0x0) Aug 26 18:24:51.470029: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) Aug 26 18:24:51.470032: | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet' Aug 26 18:24:51.470039: | emitting 16 zero bytes of IV into IKEv2 Encryption Payload Aug 26 18:24:51.470063: | netlink_get_spi: allocated 0xf8da28ce for esp.0@192.1.3.33 Aug 26 18:24:51.470068: | Emitting ikev2_proposals ... 
Aug 26 18:24:51.470071: | ****emit IKEv2 Security Association Payload: Aug 26 18:24:51.470074: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:51.470076: | flags: none (0x0) Aug 26 18:24:51.470080: | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) Aug 26 18:24:51.470083: | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' Aug 26 18:24:51.470086: | *****emit IKEv2 Proposal Substructure Payload: Aug 26 18:24:51.470089: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:51.470092: | prop #: 1 (0x1) Aug 26 18:24:51.470095: | proto ID: IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:51.470098: | spi size: 4 (0x4) Aug 26 18:24:51.470101: | # transforms: 4 (0x4) Aug 26 18:24:51.470104: | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' Aug 26 18:24:51.470108: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload Aug 26 18:24:51.470110: | our spi f8 da 28 ce Aug 26 18:24:51.470113: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:51.470116: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.470119: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:51.470122: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:51.470125: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:51.470129: | *******emit IKEv2 Attribute Substructure Payload: Aug 26 18:24:51.470132: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:51.470135: | length/value: 128 (0x80) Aug 26 18:24:51.470138: | emitting length of IKEv2 Transform Substructure Payload: 12 Aug 26 18:24:51.470141: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:51.470144: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 
18:24:51.470146: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:51.470149: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:51.470152: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.470156: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:51.470159: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:51.470162: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:51.470164: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.470167: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:51.470170: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:51.470174: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.470177: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:51.470180: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:51.470182: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:51.470185: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:51.470188: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:51.470190: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:51.470194: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.470197: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:51.470202: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:51.470205: | emitting length 
of IKEv2 Proposal Substructure Payload: 48 Aug 26 18:24:51.470208: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 Aug 26 18:24:51.470211: | emitting length of IKEv2 Security Association Payload: 52 Aug 26 18:24:51.470214: | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 Aug 26 18:24:51.470217: | ****emit IKEv2 Nonce Payload: Aug 26 18:24:51.470220: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:51.470222: | flags: none (0x0) Aug 26 18:24:51.470226: | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni) Aug 26 18:24:51.470229: | next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet' Aug 26 18:24:51.470232: | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload Aug 26 18:24:51.470236: | IKEv2 nonce 2c 53 d0 18 77 31 0c 57 fd b3 4f 69 76 19 16 3a Aug 26 18:24:51.470238: | IKEv2 nonce 6c 89 3f 3d 43 42 61 2d 60 2c 0d d7 8c e7 13 3d Aug 26 18:24:51.470241: | emitting length of IKEv2 Nonce Payload: 36 Aug 26 18:24:51.470244: | ****emit IKEv2 Key Exchange Payload: Aug 26 18:24:51.470247: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:51.470249: | flags: none (0x0) Aug 26 18:24:51.470252: | DH group: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:51.470255: | next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE) Aug 26 18:24:51.470258: | next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet' Aug 26 18:24:51.470262: | emitting 384 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload
Aug 26 18:24:51.470335: | emitting length of IKEv2 Key Exchange Payload: 392 Aug 26 18:24:51.470339: | ****emit IKEv2 Traffic
Selector - Initiator - Payload: Aug 26 18:24:51.470341: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:51.470344: | flags: none (0x0) Aug 26 18:24:51.470346: | number of TS: 1 (0x1) Aug 26 18:24:51.470349: | next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Traffic Selector - Initiator - Payload (44:ISAKMP_NEXT_v2TSi) Aug 26 18:24:51.470352: | next payload chain: saving location 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:51.470355: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:51.470357: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:51.470360: | IP Protocol ID: 0 (0x0) Aug 26 18:24:51.470362: | start port: 0 (0x0) Aug 26 18:24:51.470364: | end port: 65535 (0xffff) Aug 26 18:24:51.470368: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:51.470370: | ipv4 start c0 00 03 00 Aug 26 18:24:51.470373: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:51.470375: | ipv4 end c0 00 03 ff Aug 26 18:24:51.470377: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:51.470380: | emitting length of IKEv2 Traffic Selector - Initiator - Payload: 24 Aug 26 18:24:51.470382: | ****emit IKEv2 Traffic Selector - Responder - Payload: Aug 26 18:24:51.470385: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:51.470387: | flags: none (0x0) Aug 26 18:24:51.470389: | number of TS: 1 (0x1) Aug 26 18:24:51.470392: | next payload chain: setting previous 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' to current IKEv2 Traffic Selector - Responder - Payload (45:ISAKMP_NEXT_v2TSr) Aug 26 18:24:51.470395: | next payload chain: saving location 'IKEv2 Traffic Selector - Responder - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:51.470397: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:51.470399: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:51.470401: | IP 
Protocol ID: 0 (0x0) Aug 26 18:24:51.470403: | start port: 0 (0x0) Aug 26 18:24:51.470405: | end port: 65535 (0xffff) Aug 26 18:24:51.470407: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:51.470409: | ipv4 start c0 00 16 00 Aug 26 18:24:51.470412: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:51.470414: | ipv4 end c0 00 16 ff Aug 26 18:24:51.470416: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:51.470418: | emitting length of IKEv2 Traffic Selector - Responder - Payload: 24 Aug 26 18:24:51.470421: | Initiator child policy is tunnel mode, NOT sending v2N_USE_TRANSPORT_MODE Aug 26 18:24:51.470423: | adding 16 bytes of padding (including 1 byte padding-length) Aug 26 18:24:51.470426: | emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470429: | emitting 1 0x01 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470432: | emitting 1 0x02 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470435: | emitting 1 0x03 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470437: | emitting 1 0x04 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470440: | emitting 1 0x05 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470442: | emitting 1 0x06 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470445: | emitting 1 0x07 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470447: | emitting 1 0x08 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470450: | emitting 1 0x09 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470454: | emitting 1 0x0a repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470457: | emitting 1 0x0b repeated bytes 
of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470459: | emitting 1 0x0c repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470462: | emitting 1 0x0d repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470464: | emitting 1 0x0e repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470467: | emitting 1 0x0f repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:51.470469: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload Aug 26 18:24:51.470472: | emitting length of IKEv2 Encryption Payload: 580 Aug 26 18:24:51.470474: | emitting length of ISAKMP Message: 608
Aug 26 18:24:51.470604: | out calculated auth: Aug 26 18:24:51.470606: | 3a 3f 34 ec 7a 3d fb a0 06 fb 25 1c c4 81 0a bc Aug 26 18:24:51.470614: | [RE]START processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:51.470618: | #4 complete_v2_state_transition() V2_CREATE_I0->V2_CREATE_I with status STF_OK Aug 26 18:24:51.470621: | IKEv2: transition from state STATE_V2_CREATE_I0 to state STATE_V2_CREATE_I Aug 26 18:24:51.470625: | child state #4: V2_CREATE_I0(established IKE SA) => V2_CREATE_I(established IKE SA) Aug 26 18:24:51.470628: | Message ID: updating counters for #4 to 4294967295 after switching state Aug 26 18:24:51.470631: | Message ID: IKE #1 skipping update_recv as MD is fake Aug 26 18:24:51.470636: | Message ID: sent #1.#4 request 2; ike: initiator.sent=1->2 initiator.recv=1 responder.sent=-1 responder.recv=-1; child: wip.initiator=-1->2 wip.responder=-1 Aug 26 18:24:51.470640: "north-eastnets/0x2" #4: STATE_V2_CREATE_I: sent IPsec Child req wait response Aug 26 18:24:51.470654: | sending V2 reply packet to 192.1.2.23:500 (from 192.1.3.33:500) Aug 26 18:24:51.470661: | sending 608 bytes for STATE_V2_CREATE_I0 through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #1)
Aug 26 18:24:51.470789: | state #4 requesting EVENT_SA_REPLACE to be deleted Aug 26 18:24:51.470794: | libevent_free: release ptr-libevent@0x55ce53a80010 Aug 26 18:24:51.470798: | free_event_entry: release EVENT_SA_REPLACE-pe@0x55ce53a801d0 Aug 26 18:24:51.470801: | success_v2_state_transition scheduling EVENT_RETRANSMIT of c->r_interval=50ms Aug 26 18:24:51.470806: | event_schedule: new EVENT_RETRANSMIT-pe@0x55ce53a801d0 Aug 26 18:24:51.470810: | inserting event EVENT_RETRANSMIT, timeout in 0.05 seconds for #4 Aug 26 18:24:51.470813: | libevent_malloc: new ptr-libevent@0x55ce53a80010 size 128 Aug 26 18:24:51.470819: | #4 STATE_V2_CREATE_I: retransmits: first event in 0.05 seconds; timeout in 60 seconds; limit of 12 retransmits; current time is 29177.213271 Aug 26 18:24:51.470825: | stop processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in initiate_next() at ikev2_msgid.c:557) Aug 26 18:24:51.470830: | resume processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in initiate_next() at ikev2_msgid.c:557) Aug 26 18:24:51.470836: | #1 spent 0.87 milliseconds in callback v2_msgid_schedule_next_initiator Aug 26 18:24:51.470841: | stop processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in callback_handler() at server.c:908) Aug 26 18:24:51.470845: | libevent_free: release ptr-libevent@0x55ce53a89860 Aug 26 18:24:51.480266: | spent 0.0031 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:51.480301: | *received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:51.480412: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:51.480417: | **parse ISAKMP Message: Aug 26 18:24:51.480420: | initiator cookie: Aug 26 18:24:51.480423: | ff 40 95 92 e6 85 07 d9 Aug 26 18:24:51.480426: | responder cookie: Aug 26 18:24:51.480428: | fd 1d f4 22 0d b8 c9 16 Aug 26 18:24:51.480431: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:51.480434: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:51.480436: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:51.480439: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) Aug 26 18:24:51.480442: | Message ID: 2 (0x2) Aug 26 18:24:51.480444: | length: 608 (0x260) Aug 26 18:24:51.480447: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:51.480451: | I am the IKE SA Original Initiator receiving an IKEv2 CREATE_CHILD_SA response Aug 26 18:24:51.480455: | State DB: found IKEv2 state #1 in PARENT_I3 (find_v2_ike_sa) Aug 26 18:24:51.480462: | start processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:51.480466: | State DB: found IKEv2 state #4 in V2_CREATE_I (find_v2_sa_by_initiator_wip) Aug 26 18:24:51.480470: | suspend processing: state #1 connection "north-eastnets/0x2" from 192.1.2.23 (in ike_process_packet() at
ikev2.c:2062) Aug 26 18:24:51.480475: | start processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:51.480478: | #4 is idle Aug 26 18:24:51.480480: | #4 idle Aug 26 18:24:51.480482: | unpacking clear payload Aug 26 18:24:51.480485: | Now let's proceed with payload (ISAKMP_NEXT_v2SK) Aug 26 18:24:51.480488: | ***parse IKEv2 Encryption Payload: Aug 26 18:24:51.480491: | next payload type: ISAKMP_NEXT_v2SA (0x21) Aug 26 18:24:51.480494: | flags: none (0x0) Aug 26 18:24:51.480496: | length: 580 (0x244) Aug 26 18:24:51.480499: | processing payload: ISAKMP_NEXT_v2SK (len=576) Aug 26 18:24:51.480503: | #4 in state V2_CREATE_I: sent IPsec Child req wait response
Aug 26 18:24:51.480611: | calculated auth: 86 63 8b c4 41 2c 4b 6d 68 d6 16 b7 84 ee d2 fc Aug 26 18:24:51.480613: | provided auth: 86 63 8b c4 41 2c 4b 6d 68 d6 16 b7 84 ee d2 fc Aug 26 18:24:51.480614: | authenticator matched Aug 26 18:24:51.480627: | #4 ikev2 ISAKMP_v2_CREATE_CHILD_SA decrypt success Aug 26 18:24:51.480629: | Now let's proceed with payload (ISAKMP_NEXT_v2SA) Aug 26 18:24:51.480632: | **parse IKEv2 Security Association Payload: Aug 26 18:24:51.480633: | next payload type: ISAKMP_NEXT_v2Ni (0x28) Aug 26 18:24:51.480635: | flags: none (0x0) Aug 26 18:24:51.480637: | length: 52 (0x34) Aug 26 18:24:51.480639: | processing payload: ISAKMP_NEXT_v2SA (len=48) Aug 26 18:24:51.480640: | Now let's proceed with payload (ISAKMP_NEXT_v2Ni) Aug 26 18:24:51.480642: | **parse IKEv2 Nonce Payload: Aug 26 18:24:51.480644: | next payload type: ISAKMP_NEXT_v2KE (0x22) Aug 26 18:24:51.480645: | flags: none (0x0) Aug 26 18:24:51.480647: | length: 36 (0x24) Aug 26 18:24:51.480649: | processing payload: ISAKMP_NEXT_v2Ni (len=32) Aug 26 18:24:51.480650: | Now let's proceed with payload (ISAKMP_NEXT_v2KE) Aug 26 18:24:51.480652: | **parse IKEv2 Key Exchange Payload: Aug 26 18:24:51.480654: | next payload type: ISAKMP_NEXT_v2TSi (0x2c) Aug 26 18:24:51.480655: | flags: none (0x0) Aug 26 18:24:51.480657: | length: 392 (0x188) Aug 26 18:24:51.480659: | DH group: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:51.480660: | processing payload: ISAKMP_NEXT_v2KE (len=384) Aug 26 18:24:51.480662: | Now let's proceed with payload (ISAKMP_NEXT_v2TSi) Aug 26 18:24:51.480665: | **parse IKEv2 Traffic Selector - Initiator - Payload: Aug 26 18:24:51.480667: | next payload type: ISAKMP_NEXT_v2TSr (0x2d) Aug 26 18:24:51.480669: | flags: none (0x0) Aug 26 18:24:51.480670: | length: 24 (0x18) Aug 26 18:24:51.480672: | number of TS: 1 (0x1) Aug 26 18:24:51.480673: | processing payload: ISAKMP_NEXT_v2TSi (len=16) Aug 26 18:24:51.480675: | Now let's proceed
with payload (ISAKMP_NEXT_v2TSr) Aug 26 18:24:51.480677: | **parse IKEv2 Traffic Selector - Responder - Payload: Aug 26 18:24:51.480678: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:51.480680: | flags: none (0x0) Aug 26 18:24:51.480682: | length: 24 (0x18) Aug 26 18:24:51.480683: | number of TS: 1 (0x1) Aug 26 18:24:51.480685: | processing payload: ISAKMP_NEXT_v2TSr (len=16) Aug 26 18:24:51.480687: | selected state microcode Process CREATE_CHILD_SA IPsec SA Response Aug 26 18:24:51.480691: | #1 updating local interface from 192.1.3.33:500 to 192.1.3.33:500 using md->iface (in update_ike_endpoints() at state.c:2669) Aug 26 18:24:51.480693: | forcing ST #4 to CHILD #1.#4 in FSM processor Aug 26 18:24:51.480694: | Now let's proceed with state specific processing Aug 26 18:24:51.480696: | calling processor Process CREATE_CHILD_SA IPsec SA Response Aug 26 18:24:51.480703: | using existing local ESP/AH proposals for north-eastnets/0x2 (CREATE_CHILD_SA initiator accepting remote ESP/AH proposal): 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED Aug 26 18:24:51.480706: | Comparing remote proposals against CREATE_CHILD_SA initiator accepting remote ESP/AH proposal 1 local proposals Aug 26 18:24:51.480708: | local proposal 1 type ENCR has 1 transforms Aug 26 18:24:51.480710: | local proposal 1 type PRF has 0 transforms Aug 26 18:24:51.480712: | local proposal 1 type INTEG has 1 transforms Aug 26 18:24:51.480713: | local proposal 1 type DH has 1 transforms Aug 26 18:24:51.480715: | local proposal 1 type ESN has 1 transforms Aug 26 18:24:51.480717: | local proposal 1 transforms: required: ENCR+INTEG+DH+ESN; optional: none Aug 26 18:24:51.480719: | ***parse IKEv2 Proposal Substructure Payload: Aug 26 18:24:51.480721: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:51.480722: | length: 48 (0x30) Aug 26 18:24:51.480724: | prop #: 1 (0x1) Aug 26 18:24:51.480726: | proto ID: IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:51.480727: | spi size: 4 
(0x4) Aug 26 18:24:51.480729: | # transforms: 4 (0x4) Aug 26 18:24:51.480731: | parsing 4 raw bytes of IKEv2 Proposal Substructure Payload into remote SPI Aug 26 18:24:51.480733: | remote SPI 78 6b 96 b7 Aug 26 18:24:51.480735: | Comparing remote proposal 1 containing 4 transforms against local proposal [1..1] of 1 local proposals Aug 26 18:24:51.480737: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:51.480738: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.480740: | length: 12 (0xc) Aug 26 18:24:51.480742: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:51.480743: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:51.480745: | *****parse IKEv2 Attribute Substructure Payload: Aug 26 18:24:51.480747: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:51.480748: | length/value: 128 (0x80) Aug 26 18:24:51.480751: | remote proposal 1 transform 0 (ENCR=AES_CBC_128) matches local proposal 1 type 1 (ENCR) transform 0 Aug 26 18:24:51.480753: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:51.480755: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.480756: | length: 8 (0x8) Aug 26 18:24:51.480758: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:51.480760: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:51.480762: | remote proposal 1 transform 1 (INTEG=HMAC_SHA2_512_256) matches local proposal 1 type 3 (INTEG) transform 0 Aug 26 18:24:51.480764: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:51.480765: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:51.480767: | length: 8 (0x8) Aug 26 18:24:51.480770: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:51.480771: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:51.480774: | remote proposal 1 transform 2 (DH=MODP3072) matches local proposal 1 type 4 (DH) transform 0 Aug 26 18:24:51.480775: | ****parse IKEv2 Transform Substructure Payload: Aug 26 18:24:51.480777: | last transform: 
v2_TRANSFORM_LAST (0x0) Aug 26 18:24:51.480778: | length: 8 (0x8) Aug 26 18:24:51.480780: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:51.480782: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:51.480784: | remote proposal 1 transform 3 (ESN=DISABLED) matches local proposal 1 type 5 (ESN) transform 0 Aug 26 18:24:51.480787: | remote proposal 1 proposed transforms: ENCR+INTEG+DH+ESN; matched: ENCR+INTEG+DH+ESN; unmatched: none Aug 26 18:24:51.480790: | comparing remote proposal 1 containing ENCR+INTEG+DH+ESN transforms to local proposal 1; required: ENCR+INTEG+DH+ESN; optional: none; matched: ENCR+INTEG+DH+ESN Aug 26 18:24:51.480791: | remote proposal 1 matches local proposal 1 Aug 26 18:24:51.480793: | remote accepted the proposal 1:ESP:ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED[first-match] Aug 26 18:24:51.480797: | CREATE_CHILD_SA initiator accepting remote ESP/AH proposal ikev2_proposal: 1:ESP:SPI=786b96b7;ENCR=AES_CBC_128;INTEG=HMAC_SHA2_512_256;DH=MODP3072;ESN=DISABLED Aug 26 18:24:51.480799: | converting proposal to internal trans attrs Aug 26 18:24:51.480802: | updating #4's .st_oakley with preserved PRF, but why update? 
Aug 26 18:24:51.480808: | adding ikev2 Child SA initiator pfs=yes work-order 7 for state #4 Aug 26 18:24:51.480810: | state #4 requesting EVENT_RETRANSMIT to be deleted Aug 26 18:24:51.480812: | #4 STATE_V2_CREATE_I: retransmits: cleared Aug 26 18:24:51.480816: | libevent_free: release ptr-libevent@0x55ce53a80010 Aug 26 18:24:51.480819: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55ce53a801d0 Aug 26 18:24:51.480822: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a801d0 Aug 26 18:24:51.480826: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #4 Aug 26 18:24:51.480829: | libevent_malloc: new ptr-libevent@0x55ce53a80010 size 128 Aug 26 18:24:51.480841: | #4 spent 0.14 milliseconds in processing: Process CREATE_CHILD_SA IPsec SA Response in ikev2_process_state_packet() Aug 26 18:24:51.480847: | [RE]START processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:51.480851: | #4 complete_v2_state_transition() V2_CREATE_I->V2_IPSEC_I with status STF_SUSPEND Aug 26 18:24:51.480854: | suspending state #4 and saving MD Aug 26 18:24:51.480857: | #4 is busy; has a suspended MD Aug 26 18:24:51.480862: | [RE]START processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in log_stf_suspend() at ikev2.c:3269) Aug 26 18:24:51.480865: | "north-eastnets/0x2" #4 complete v2 state STATE_V2_CREATE_I transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 Aug 26 18:24:51.480870: | stop processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:51.480875: | #1 spent 0.58 milliseconds in ikev2_process_packet() Aug 26 18:24:51.480879: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:51.480883: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:51.480886: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 
18:24:51.480891: | spent 0.596 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:51.480904: | crypto helper 6 resuming Aug 26 18:24:51.480910: | crypto helper 6 starting work-order 7 for state #4 Aug 26 18:24:51.480915: | crypto helper 6 doing crypto (ikev2 Child SA initiator pfs=yes); request ID 7 Aug 26 18:24:51.480918: | crypto helper is pausing for 1 seconds Aug 26 18:24:51.648449: | crypto helper 4 finished build KE and nonce (Child Responder KE and nonce nr); request ID 6 time elapsed 1.003769 seconds Aug 26 18:24:51.648472: | (#6) spent 2.3 milliseconds in crypto helper computing work-order 6: Child Responder KE and nonce nr (pcr) Aug 26 18:24:51.648477: | crypto helper 4 sending results from work-order 6 for state #6 to event queue Aug 26 18:24:51.648481: | scheduling resume sending helper answer for #6 Aug 26 18:24:51.648485: | libevent_malloc: new ptr-libevent@0x7ffa8c005780 size 128 Aug 26 18:24:51.648497: | crypto helper 4 waiting (nothing to do) Aug 26 18:24:51.648510: | processing resume sending helper answer for #6 Aug 26 18:24:51.648524: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in resume_handler() at server.c:797) Aug 26 18:24:51.648530: | crypto helper 4 replies to request ID 6 Aug 26 18:24:51.648533: | calling continuation function 0x55ce534e2b50 Aug 26 18:24:51.648537: | ikev2_child_inIoutR_continue for #6 STATE_V2_CREATE_R Aug 26 18:24:51.648548: | adding DHv2 for child sa work-order 8 for state #6 Aug 26 18:24:51.648552: | state #6 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:51.648556: | libevent_free: release ptr-libevent@0x7ffa94003060 Aug 26 18:24:51.648560: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a79c70 Aug 26 18:24:51.648563: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a79c70 Aug 26 18:24:51.648567: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #6 Aug 26 18:24:51.648571: | libevent_malloc: new 
ptr-libevent@0x7ffa94003060 size 128 Aug 26 18:24:51.648583: | [RE]START processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:51.648588: | #6 complete_v2_state_transition() V2_CREATE_R->V2_IPSEC_R with status STF_SUSPEND Aug 26 18:24:51.648589: | crypto helper 0 resuming Aug 26 18:24:51.648603: | crypto helper 0 starting work-order 8 for state #6 Aug 26 18:24:51.648608: | crypto helper 0 doing crypto (DHv2 for child sa); request ID 8 Aug 26 18:24:51.648611: | crypto helper is pausing for 1 seconds Aug 26 18:24:51.648592: | suspending state #6 and saving MD Aug 26 18:24:51.648619: | #6 is busy; has a suspended MD Aug 26 18:24:51.648625: | [RE]START processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in log_stf_suspend() at ikev2.c:3269) Aug 26 18:24:51.648629: | "north-eastnets/0x1" #6 complete v2 state STATE_V2_CREATE_R transition with STF_SUSPEND suspended from complete_v2_state_transition:3451 Aug 26 18:24:51.648633: | resume sending helper answer for #6 suppresed complete_v2_state_transition() and stole MD Aug 26 18:24:51.648638: | #6 spent 0.087 milliseconds in resume sending helper answer Aug 26 18:24:51.648643: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in resume_handler() at server.c:833) Aug 26 18:24:51.648647: | libevent_free: release ptr-libevent@0x7ffa8c005780 Aug 26 18:24:52.263391: | spent 0.00269 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue() Aug 26 18:24:52.263697: | *received 608 bytes from 192.1.2.23:500 on eth1 (192.1.3.33:500)
Aug 26 18:24:52.263809: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378) Aug 26 18:24:52.263814: | **parse ISAKMP Message: Aug 26 18:24:52.263817: | initiator cookie: Aug 26 18:24:52.263819: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:52.263822: | responder cookie: Aug 26 18:24:52.263825: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:52.263828: | next payload type: ISAKMP_NEXT_v2SK (0x2e) Aug 26 18:24:52.263831: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:52.263834: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:52.263837: | flags: ISAKMP_FLAG_v2_IKE_INIT (0x8) Aug 26 18:24:52.263840: | Message ID: 2 (0x2) Aug 26 18:24:52.263843: | length: 608 (0x260) Aug 26 18:24:52.263847: | processing version=2.0 packet with exchange type=ISAKMP_v2_CREATE_CHILD_SA (36) Aug 26 18:24:52.263851: | I am the IKE SA Original Responder receiving an IKEv2 CREATE_CHILD_SA request Aug 26 18:24:52.263856: | State DB: found IKEv2 state #2 in PARENT_R2 (find_v2_ike_sa) Aug 26 18:24:52.263863: | start processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2016) Aug 26 18:24:52.263867: | State DB: found IKEv2 state #6 in V2_CREATE_R (find_v2_sa_by_responder_wip) Aug 26 18:24:52.263872: | suspend processing: state #2 connection "north-eastnets/0x2" from 192.1.2.23:500 (in ike_process_packet() at ikev2.c:2062) Aug 26 18:24:52.263877: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ike_process_packet()
at ikev2.c:2062) Aug 26 18:24:52.263881: | #2 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002 Aug 26 18:24:52.263884: "north-eastnets/0x1" #6: discarding packet received during asynchronous work (DNS or crypto) in STATE_V2_CREATE_R Aug 26 18:24:52.263889: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in ikev2_process_packet() at ikev2.c:2018) Aug 26 18:24:52.263896: | #2 spent 0.492 milliseconds in ikev2_process_packet() Aug 26 18:24:52.263900: | stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380) Aug 26 18:24:52.263907: | processing: STOP state #0 (in process_md() at demux.c:382) Aug 26 18:24:52.263910: | processing: STOP connection NULL (in process_md() at demux.c:383) Aug 26 18:24:52.263915: | spent 0.512 milliseconds in comm_handle_cb() reading and processing packet Aug 26 18:24:52.484308: | crypto helper 6 finished crypto (ikev2 Child SA initiator pfs=yes); request ID 7 time elapsed 1.003389 seconds Aug 26 18:24:52.484329: | (#4) spent 2.47 milliseconds in crypto helper computing work-order 7: ikev2 Child SA initiator pfs=yes (dh) Aug 26 18:24:52.484334: | crypto helper 6 sending results from work-order 7 for state #4 to event queue Aug 26 18:24:52.484337: | scheduling resume sending helper answer for #4 Aug 26 18:24:52.484342: | libevent_malloc: new ptr-libevent@0x7ffa90001100 size 128 Aug 26 18:24:52.484353: | crypto helper 6 waiting (nothing to do) Aug 26 18:24:52.484366: | processing resume sending helper answer for #4 Aug 26 18:24:52.484375: | start processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in resume_handler() at server.c:797) Aug 26 18:24:52.484379: | crypto helper 6 replies to request ID 7 Aug 26 18:24:52.484382: | calling continuation function 0x55ce534e39d0 Aug 26 18:24:52.484386: | ikev2_child_inR_continue for #4 STATE_V2_CREATE_I Aug 26 18:24:52.484389: | TSi: parsing 1 traffic selectors Aug 26 18:24:52.484393: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:52.484397: 
| TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:52.484399: | IP Protocol ID: 0 (0x0) Aug 26 18:24:52.484402: | length: 16 (0x10) Aug 26 18:24:52.484405: | start port: 0 (0x0) Aug 26 18:24:52.484407: | end port: 65535 (0xffff) Aug 26 18:24:52.484410: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:52.484413: | TS low c0 00 03 00 Aug 26 18:24:52.484416: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:52.484419: | TS high c0 00 03 ff Aug 26 18:24:52.484422: | TSi: parsed 1 traffic selectors Aug 26 18:24:52.484424: | TSr: parsing 1 traffic selectors Aug 26 18:24:52.484427: | ***parse IKEv2 Traffic Selector: Aug 26 18:24:52.484430: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:52.484432: | IP Protocol ID: 0 (0x0) Aug 26 18:24:52.484435: | length: 16 (0x10) Aug 26 18:24:52.484437: | start port: 0 (0x0) Aug 26 18:24:52.484440: | end port: 65535 (0xffff) Aug 26 18:24:52.484443: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS low Aug 26 18:24:52.484445: | TS low c0 00 16 00 Aug 26 18:24:52.484448: | parsing 4 raw bytes of IKEv2 Traffic Selector into TS high Aug 26 18:24:52.484450: | TS high c0 00 16 ff Aug 26 18:24:52.484453: | TSr: parsed 1 traffic selectors Aug 26 18:24:52.484459: | evaluating our conn="north-eastnets/0x2" I=192.0.3.0/24:0/0 R=192.0.22.0/24:0/0 to their: Aug 26 18:24:52.484465: | TSi[0] .net=192.0.3.0-192.0.3.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:52.484472: | match address end->client=192.0.3.0/24 == TSi[0]net=192.0.3.0-192.0.3.255: YES fitness 32 Aug 26 18:24:52.484475: | narrow port end=0..65535 == TSi[0]=0..65535: 0 Aug 26 18:24:52.484478: | TSi[0] port match: YES fitness 65536 Aug 26 18:24:52.484481: | narrow protocol end=*0 == TSi[0]=*0: 0 Aug 26 18:24:52.484485: | match end->protocol=*0 == TSi[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:52.484490: | TSr[0] .net=192.0.22.0-192.0.22.255 .iporotoid=0 .{start,end}port=0..65535 Aug 26 18:24:52.484496: | match 
address end->client=192.0.22.0/24 == TSr[0]net=192.0.22.0-192.0.22.255: YES fitness 32 Aug 26 18:24:52.484499: | narrow port end=0..65535 == TSr[0]=0..65535: 0 Aug 26 18:24:52.484501: | TSr[0] port match: YES fitness 65536 Aug 26 18:24:52.484504: | narrow protocol end=*0 == TSr[0]=*0: 0 Aug 26 18:24:52.484507: | match end->protocol=*0 == TSr[0].ipprotoid=*0: YES fitness 255 Aug 26 18:24:52.484510: | best fit so far: TSi[0] TSr[0] Aug 26 18:24:52.484512: | found an acceptable TSi/TSr Traffic Selector Aug 26 18:24:52.484517: | printing contents struct traffic_selector Aug 26 18:24:52.484520: | ts_type: IKEv2_TS_IPV6_ADDR_RANGE Aug 26 18:24:52.484523: | ipprotoid: 0 Aug 26 18:24:52.484525: | port range: 0-65535 Aug 26 18:24:52.484529: | ip range: 192.0.3.0-192.0.3.255 Aug 26 18:24:52.484532: | printing contents struct traffic_selector Aug 26 18:24:52.484534: | ts_type: IKEv2_TS_IPV6_ADDR_RANGE Aug 26 18:24:52.484536: | ipprotoid: 0 Aug 26 18:24:52.484539: | port range: 0-65535 Aug 26 18:24:52.484543: | ip range: 192.0.22.0-192.0.22.255 Aug 26 18:24:52.484548: | integ=sha2_512: .key_size=64 encrypt=aes: .key_size=16 .salt_size=0 keymat_len=80 Aug 26 18:24:52.484891: | install_ipsec_sa() for #4: inbound and outbound Aug 26 18:24:52.484897: | could_route called for north-eastnets/0x2 (kind=CK_PERMANENT) Aug 26 18:24:52.484900: | FOR_EACH_CONNECTION_... 
in route_owner Aug 26 18:24:52.484904: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.484907: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:52.484910: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.484913: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:52.484918: | route owner of "north-eastnets/0x2" erouted: self; eroute owner: self Aug 26 18:24:52.484922: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:52.484926: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:52.484929: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:52.484934: | setting IPsec SA replay-window to 32 Aug 26 18:24:52.484937: | NIC esp-hw-offload not for connection 'north-eastnets/0x2' not available on interface eth1 Aug 26 18:24:52.484940: | netlink: enabling tunnel mode Aug 26 18:24:52.484943: | netlink: setting IPsec SA replay-window to 32 using old-style req Aug 26 18:24:52.484946: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:52.485035: | netlink response for Add SA esp.786b96b7@192.1.2.23 included non-error error Aug 26 18:24:52.485040: | set up outgoing SA, ref=0/0 Aug 26 18:24:52.485043: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:52.485046: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:52.485049: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:52.485052: | setting IPsec SA replay-window to 32 Aug 26 18:24:52.485055: | NIC esp-hw-offload not for connection 'north-eastnets/0x2' not available on interface eth1 Aug 26 18:24:52.485058: | netlink: enabling tunnel mode Aug 26 18:24:52.485061: | netlink: setting IPsec SA replay-window to 32 using old-style req Aug 26 18:24:52.485063: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:52.485109: | 
netlink response for Add SA esp.f8da28ce@192.1.3.33 included non-error error Aug 26 18:24:52.485113: | set up incoming SA, ref=0/0 Aug 26 18:24:52.485116: | sr for #4: erouted Aug 26 18:24:52.485119: | route_and_eroute() for proto 0, and source port 0 dest port 0 Aug 26 18:24:52.485122: | FOR_EACH_CONNECTION_... in route_owner Aug 26 18:24:52.485125: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.485127: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:52.485130: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.485133: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:52.485137: | route owner of "north-eastnets/0x2" erouted: self; eroute owner: self Aug 26 18:24:52.485141: | route_and_eroute with c: north-eastnets/0x2 (next: none) ero:north-eastnets/0x2 esr:{(nil)} ro:north-eastnets/0x2 rosr:{(nil)} and state: #4 Aug 26 18:24:52.485145: | priority calculation of connection "north-eastnets/0x2" is 0xfe7e7 Aug 26 18:24:52.485153: | eroute_connection replace eroute 192.0.3.0/24:0 --0-> 192.0.22.0/24:0 => tun.0@192.1.2.23>tun.0@192.1.2.23 (raw_eroute) Aug 26 18:24:52.485157: | IPsec Sa SPD priority set to 1042407 Aug 26 18:24:52.485183: | raw_eroute result=success Aug 26 18:24:52.485187: | route_and_eroute: firewall_notified: true Aug 26 18:24:52.485191: | route_and_eroute: instance "north-eastnets/0x2", setting eroute_owner {spd=0x55ce53a723a0,sr=0x55ce53a723a0} to #4 (was #5) (newest_ipsec_sa=#5) Aug 26 18:24:52.485249: | #1 spent 0.356 milliseconds in install_ipsec_sa() Aug 26 18:24:52.485254: | inR2: instance north-eastnets/0x2[0], setting IKEv2 newest_ipsec_sa to #4 (was #5) (spd.eroute=#4) cloned from #1 Aug 26 18:24:52.485257: | state #4 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:52.485262: | libevent_free: release ptr-libevent@0x55ce53a80010 Aug 26 18:24:52.485265: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a801d0 Aug 26 18:24:52.485271: | 
[RE]START processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:52.485275: | #4 complete_v2_state_transition() V2_CREATE_I->V2_IPSEC_I with status STF_OK Aug 26 18:24:52.485278: | IKEv2: transition from state STATE_V2_CREATE_I to state STATE_V2_IPSEC_I Aug 26 18:24:52.485282: | child state #4: V2_CREATE_I(established IKE SA) => V2_IPSEC_I(established CHILD SA) Aug 26 18:24:52.485285: | Message ID: updating counters for #4 to 2 after switching state Aug 26 18:24:52.485295: | Message ID: recv #1.#4 response 2; ike: initiator.sent=2 initiator.recv=1->2 responder.sent=-1 responder.recv=-1; child: wip.initiator=2->-1 wip.responder=-1 Aug 26 18:24:52.485303: | Message ID: #1.#4 skipping update_send as nothing to send; initiator.sent=2 initiator.recv=2 responder.sent=-1 responder.recv=-1 wip.initiator=-1 wip.responder=-1 Aug 26 18:24:52.485306: | pstats #4 ikev2.child established Aug 26 18:24:52.485314: "north-eastnets/0x2" #4: negotiated connection [192.0.3.0-192.0.3.255:0-65535 0] -> [192.0.22.0-192.0.22.255:0-65535 0] Aug 26 18:24:52.485327: | NAT-T: encaps is 'auto' Aug 26 18:24:52.485332: "north-eastnets/0x2" #4: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0x786b96b7 <0xf8da28ce xfrm=AES_CBC_128-HMAC_SHA2_512_256-MODP3072 NATOA=none NATD=none DPD=passive} Aug 26 18:24:52.485337: | releasing whack for #4 (sock=fd@25) Aug 26 18:24:52.485343: | close_any(fd@25) (in release_whack() at state.c:654) Aug 26 18:24:52.485346: | releasing whack and unpending for parent #1 Aug 26 18:24:52.485350: | unpending state #1 connection "north-eastnets/0x2" Aug 26 18:24:52.485355: | #4 will start re-keying in 27838 seconds with margin of 962 seconds (attempting re-key) Aug 26 18:24:52.485358: | event_schedule: new EVENT_SA_REKEY-pe@0x55ce53a801d0 Aug 26 18:24:52.485362: | inserting event EVENT_SA_REKEY, timeout in 27838 seconds for #4 Aug 26 18:24:52.485365: | libevent_malloc: new 
ptr-libevent@0x55ce53a80010 size 128 Aug 26 18:24:52.485372: | #4 spent 0.99 milliseconds in resume sending helper answer Aug 26 18:24:52.485377: | stop processing: state #4 connection "north-eastnets/0x2" from 192.1.2.23 (in resume_handler() at server.c:833) Aug 26 18:24:52.485380: | libevent_free: release ptr-libevent@0x7ffa90001100 Aug 26 18:24:52.650919: | crypto helper 0 finished crypto (DHv2 for child sa); request ID 8 time elapsed 1.002308 seconds Aug 26 18:24:52.650937: | (#6) spent 2.27 milliseconds in crypto helper computing work-order 8: DHv2 for child sa (dh) Aug 26 18:24:52.650942: | crypto helper 0 sending results from work-order 8 for state #6 to event queue Aug 26 18:24:52.650946: | scheduling resume sending helper answer for #6 Aug 26 18:24:52.650950: | libevent_malloc: new ptr-libevent@0x7ffaa4006b50 size 128 Aug 26 18:24:52.650962: | crypto helper 0 waiting (nothing to do) Aug 26 18:24:52.650972: | processing resume sending helper answer for #6 Aug 26 18:24:52.650986: | start processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in resume_handler() at server.c:797) Aug 26 18:24:52.650991: | crypto helper 0 replies to request ID 8 Aug 26 18:24:52.650994: | calling continuation function 0x55ce534e39d0 Aug 26 18:24:52.650998: | ikev2_child_inIoutR_continue_continue for #6 STATE_V2_CREATE_R Aug 26 18:24:52.651007: | **emit ISAKMP Message: Aug 26 18:24:52.651011: | initiator cookie: Aug 26 18:24:52.651014: | df 94 67 26 a0 0a d8 6e Aug 26 18:24:52.651016: | responder cookie: Aug 26 18:24:52.651018: | 82 6d 3e 8a e9 b9 76 8e Aug 26 18:24:52.651022: | next payload type: ISAKMP_NEXT_NONE (0x0) Aug 26 18:24:52.651025: | ISAKMP version: IKEv2 version 2.0 (rfc4306/rfc5996) (0x20) Aug 26 18:24:52.651028: | exchange type: ISAKMP_v2_CREATE_CHILD_SA (0x24) Aug 26 18:24:52.651031: | flags: ISAKMP_FLAG_v2_MSG_RESPONSE (0x20) Aug 26 18:24:52.651034: | Message ID: 2 (0x2) Aug 26 18:24:52.651037: | next payload chain: saving message location 
'ISAKMP Message'.'next payload type' Aug 26 18:24:52.651040: | ***emit IKEv2 Encryption Payload: Aug 26 18:24:52.651043: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:52.651046: | flags: none (0x0) Aug 26 18:24:52.651049: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current IKEv2 Encryption Payload (46:ISAKMP_NEXT_v2SK) Aug 26 18:24:52.651053: | next payload chain: saving location 'IKEv2 Encryption Payload'.'next payload type' in 'reply packet' Aug 26 18:24:52.651056: | emitting 16 zero bytes of IV into IKEv2 Encryption Payload Aug 26 18:24:52.651081: | netlink_get_spi: allocated 0x2dacdcda for esp.0@192.1.3.33 Aug 26 18:24:52.651085: | Emitting ikev2_proposal ... Aug 26 18:24:52.651088: | ****emit IKEv2 Security Association Payload: Aug 26 18:24:52.651091: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:52.651093: | flags: none (0x0) Aug 26 18:24:52.651097: | next payload chain: setting previous 'IKEv2 Encryption Payload'.'next payload type' to current IKEv2 Security Association Payload (33:ISAKMP_NEXT_v2SA) Aug 26 18:24:52.651100: | next payload chain: saving location 'IKEv2 Security Association Payload'.'next payload type' in 'reply packet' Aug 26 18:24:52.651103: | *****emit IKEv2 Proposal Substructure Payload: Aug 26 18:24:52.651106: | last proposal: v2_PROPOSAL_LAST (0x0) Aug 26 18:24:52.651109: | prop #: 1 (0x1) Aug 26 18:24:52.651112: | proto ID: IKEv2_SEC_PROTO_ESP (0x3) Aug 26 18:24:52.651114: | spi size: 4 (0x4) Aug 26 18:24:52.651116: | # transforms: 4 (0x4) Aug 26 18:24:52.651119: | last substructure: saving location 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' Aug 26 18:24:52.651123: | emitting 4 raw bytes of our spi into IKEv2 Proposal Substructure Payload Aug 26 18:24:52.651126: | our spi 2d ac dc da Aug 26 18:24:52.651128: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:52.651131: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 
26 18:24:52.651134: | IKEv2 transform type: TRANS_TYPE_ENCR (0x1) Aug 26 18:24:52.651137: | IKEv2 transform ID: AES_CBC (0xc) Aug 26 18:24:52.651140: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:52.651143: | *******emit IKEv2 Attribute Substructure Payload: Aug 26 18:24:52.651147: | af+type: AF+IKEv2_KEY_LENGTH (0x800e) Aug 26 18:24:52.651149: | length/value: 128 (0x80) Aug 26 18:24:52.651152: | emitting length of IKEv2 Transform Substructure Payload: 12 Aug 26 18:24:52.651155: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:52.651158: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:52.651160: | IKEv2 transform type: TRANS_TYPE_INTEG (0x3) Aug 26 18:24:52.651163: | IKEv2 transform ID: AUTH_HMAC_SHA2_512_256 (0xe) Aug 26 18:24:52.651167: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:52.651170: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:52.651173: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:52.651175: | ******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:52.651182: | last transform: v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:52.651185: | IKEv2 transform type: TRANS_TYPE_DH (0x4) Aug 26 18:24:52.651188: | IKEv2 transform ID: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:52.651191: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:52.651194: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:52.651197: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:52.651200: | 
******emit IKEv2 Transform Substructure Payload: Aug 26 18:24:52.651203: | last transform: v2_TRANSFORM_LAST (0x0) Aug 26 18:24:52.651205: | IKEv2 transform type: TRANS_TYPE_ESN (0x5) Aug 26 18:24:52.651208: | IKEv2 transform ID: ESN_DISABLED (0x0) Aug 26 18:24:52.651211: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is v2_TRANSFORM_NON_LAST (0x3) Aug 26 18:24:52.651214: | last substructure: saving location 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' Aug 26 18:24:52.651217: | emitting length of IKEv2 Transform Substructure Payload: 8 Aug 26 18:24:52.651219: | emitting length of IKEv2 Proposal Substructure Payload: 48 Aug 26 18:24:52.651222: | last substructure: checking 'IKEv2 Proposal Substructure Payload'.'IKEv2 Transform Substructure Payload'.'last transform' is 0 Aug 26 18:24:52.651225: | emitting length of IKEv2 Security Association Payload: 52 Aug 26 18:24:52.651228: | last substructure: checking 'IKEv2 Security Association Payload'.'IKEv2 Proposal Substructure Payload'.'last proposal' is 0 Aug 26 18:24:52.651231: | ****emit IKEv2 Nonce Payload: Aug 26 18:24:52.651234: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:52.651236: | flags: none (0x0) Aug 26 18:24:52.651240: | next payload chain: setting previous 'IKEv2 Security Association Payload'.'next payload type' to current IKEv2 Nonce Payload (40:ISAKMP_NEXT_v2Ni) Aug 26 18:24:52.651243: | next payload chain: saving location 'IKEv2 Nonce Payload'.'next payload type' in 'reply packet' Aug 26 18:24:52.651246: | emitting 32 raw bytes of IKEv2 nonce into IKEv2 Nonce Payload Aug 26 18:24:52.651250: | IKEv2 nonce 6f 08 89 0e e6 1d 22 11 bf cd 7c bd fe fa 73 b4 Aug 26 18:24:52.651252: | IKEv2 nonce 38 87 59 e3 57 7e 91 60 00 a5 16 20 45 8e 10 41 Aug 26 18:24:52.651255: | emitting length of IKEv2 Nonce Payload: 36 Aug 26 18:24:52.651258: | ****emit IKEv2 Key Exchange Payload: 
Aug 26 18:24:52.651261: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:52.651263: | flags: none (0x0) Aug 26 18:24:52.651266: | DH group: OAKLEY_GROUP_MODP3072 (0xf) Aug 26 18:24:52.651269: | next payload chain: setting previous 'IKEv2 Nonce Payload'.'next payload type' to current IKEv2 Key Exchange Payload (34:ISAKMP_NEXT_v2KE) Aug 26 18:24:52.651272: | next payload chain: saving location 'IKEv2 Key Exchange Payload'.'next payload type' in 'reply packet' Aug 26 18:24:52.651275: | emitting 384 raw bytes of ikev2 g^x into IKEv2 Key Exchange Payload
Aug 26 18:24:52.651345: | emitting length of IKEv2 Key Exchange Payload: 392 Aug 26 18:24:52.651348: | ****emit IKEv2 Traffic Selector - Initiator - Payload: Aug 26 18:24:52.651351: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:52.651354: | flags: none (0x0) Aug 26 18:24:52.651356: | number of TS: 1 (0x1) Aug 26 18:24:52.651359: | next payload chain: setting previous 'IKEv2 Key Exchange Payload'.'next payload type' to current IKEv2 Traffic Selector - Initiator - Payload (44:ISAKMP_NEXT_v2TSi) Aug 26 18:24:52.651362: | next payload chain: saving location 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:52.651365: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:52.651368: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:52.651370: | IP Protocol ID: 0 (0x0) Aug 26 18:24:52.651373: | start port: 0 (0x0) Aug 26 18:24:52.651376: | end port: 65535 (0xffff) Aug 26 18:24:52.651379: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:52.651381: | ipv4 start c0 00 02 00 Aug 26 18:24:52.651384: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:52.651386: | ipv4 end c0 00 02 ff Aug 26 18:24:52.651389: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:52.651392: | emitting length of IKEv2 Traffic Selector - Initiator - Payload: 24 Aug 26 18:24:52.651395: | ****emit IKEv2 
Traffic Selector - Responder - Payload: Aug 26 18:24:52.651397: | next payload type: ISAKMP_NEXT_v2NONE (0x0) Aug 26 18:24:52.651400: | flags: none (0x0) Aug 26 18:24:52.651403: | number of TS: 1 (0x1) Aug 26 18:24:52.651406: | next payload chain: setting previous 'IKEv2 Traffic Selector - Initiator - Payload'.'next payload type' to current IKEv2 Traffic Selector - Responder - Payload (45:ISAKMP_NEXT_v2TSr) Aug 26 18:24:52.651409: | next payload chain: saving location 'IKEv2 Traffic Selector - Responder - Payload'.'next payload type' in 'reply packet' Aug 26 18:24:52.651411: | *****emit IKEv2 Traffic Selector: Aug 26 18:24:52.651414: | TS type: IKEv2_TS_IPV4_ADDR_RANGE (0x7) Aug 26 18:24:52.651416: | IP Protocol ID: 0 (0x0) Aug 26 18:24:52.651419: | start port: 0 (0x0) Aug 26 18:24:52.651421: | end port: 65535 (0xffff) Aug 26 18:24:52.651424: | emitting 4 raw bytes of ipv4 start into IKEv2 Traffic Selector Aug 26 18:24:52.651427: | ipv4 start c0 00 03 00 Aug 26 18:24:52.651429: | emitting 4 raw bytes of ipv4 end into IKEv2 Traffic Selector Aug 26 18:24:52.651432: | ipv4 end c0 00 03 ff Aug 26 18:24:52.651434: | emitting length of IKEv2 Traffic Selector: 16 Aug 26 18:24:52.651437: | emitting length of IKEv2 Traffic Selector - Responder - Payload: 24 Aug 26 18:24:52.651440: | Initiator child policy is compress=no, NOT sending v2N_IPCOMP_SUPPORTED Aug 26 18:24:52.651446: | integ=sha2_512: .key_size=64 encrypt=aes: .key_size=16 .salt_size=0 keymat_len=80 Aug 26 18:24:52.651788: | install_ipsec_sa() for #6: inbound and outbound Aug 26 18:24:52.651795: | could_route called for north-eastnets/0x1 (kind=CK_PERMANENT) Aug 26 18:24:52.651798: | FOR_EACH_CONNECTION_... 
in route_owner Aug 26 18:24:52.651801: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.651804: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:52.651808: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.651811: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:52.651815: | route owner of "north-eastnets/0x1" erouted: self; eroute owner: self Aug 26 18:24:52.651820: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:52.651823: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:52.651826: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:52.651831: | setting IPsec SA replay-window to 32 Aug 26 18:24:52.651835: | NIC esp-hw-offload not for connection 'north-eastnets/0x1' not available on interface eth1 Aug 26 18:24:52.651838: | netlink: enabling tunnel mode Aug 26 18:24:52.651841: | netlink: setting IPsec SA replay-window to 32 using old-style req Aug 26 18:24:52.651844: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:52.651934: | netlink response for Add SA esp.1cfe181f@192.1.2.23 included non-error error Aug 26 18:24:52.651940: | set up outgoing SA, ref=0/0 Aug 26 18:24:52.651943: | looking for alg with encrypt: AES_CBC keylen: 128 integ: HMAC_SHA2_512_256 Aug 26 18:24:52.651947: | encrypt AES_CBC keylen=128 transid=12, key_size=16, encryptalg=12 Aug 26 18:24:52.651950: | st->st_esp.keymat_len=80 is encrypt_keymat_size=16 + integ_keymat_size=64 Aug 26 18:24:52.651955: | setting IPsec SA replay-window to 32 Aug 26 18:24:52.651958: | NIC esp-hw-offload not for connection 'north-eastnets/0x1' not available on interface eth1 Aug 26 18:24:52.651961: | netlink: enabling tunnel mode Aug 26 18:24:52.651964: | netlink: setting IPsec SA replay-window to 32 using old-style req Aug 26 18:24:52.651967: | netlink: esp-hw-offload not set for IPsec SA Aug 26 18:24:52.652020: | 
netlink response for Add SA esp.2dacdcda@192.1.3.33 included non-error error Aug 26 18:24:52.652025: | set up incoming SA, ref=0/0 Aug 26 18:24:52.652028: | sr for #6: erouted Aug 26 18:24:52.652032: | route_and_eroute() for proto 0, and source port 0 dest port 0 Aug 26 18:24:52.652035: | FOR_EACH_CONNECTION_... in route_owner Aug 26 18:24:52.652038: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.652041: | conn north-eastnets/0x2 mark 0/00000000, 0/00000000 Aug 26 18:24:52.652044: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 vs Aug 26 18:24:52.652048: | conn north-eastnets/0x1 mark 0/00000000, 0/00000000 Aug 26 18:24:52.652052: | route owner of "north-eastnets/0x1" erouted: self; eroute owner: self Aug 26 18:24:52.652056: | route_and_eroute with c: north-eastnets/0x1 (next: none) ero:north-eastnets/0x1 esr:{(nil)} ro:north-eastnets/0x1 rosr:{(nil)} and state: #6 Aug 26 18:24:52.652060: | priority calculation of connection "north-eastnets/0x1" is 0xfe7e7 Aug 26 18:24:52.652069: | eroute_connection replace eroute 192.0.3.0/24:0 --0-> 192.0.2.0/24:0 => tun.0@192.1.2.23>tun.0@192.1.2.23 (raw_eroute) Aug 26 18:24:52.652074: | IPsec Sa SPD priority set to 1042407 Aug 26 18:24:52.652105: | raw_eroute result=success Aug 26 18:24:52.652110: | route_and_eroute: firewall_notified: true Aug 26 18:24:52.652114: | route_and_eroute: instance "north-eastnets/0x1", setting eroute_owner {spd=0x55ce53a71940,sr=0x55ce53a71940} to #6 (was #3) (newest_ipsec_sa=#3) Aug 26 18:24:52.652176: | #2 spent 0.387 milliseconds in install_ipsec_sa() Aug 26 18:24:52.652183: | ISAKMP_v2_CREATE_CHILD_SA: instance north-eastnets/0x1[0], setting IKEv2 newest_ipsec_sa to #6 (was #3) (spd.eroute=#6) cloned from #2 Aug 26 18:24:52.652188: | adding 16 bytes of padding (including 1 byte padding-length) Aug 26 18:24:52.652192: | emitting 1 0x00 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652196: | emitting 1 0x01 repeated bytes of 
padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652199: | emitting 1 0x02 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652202: | emitting 1 0x03 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652205: | emitting 1 0x04 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652208: | emitting 1 0x05 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652211: | emitting 1 0x06 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652214: | emitting 1 0x07 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652217: | emitting 1 0x08 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652220: | emitting 1 0x09 repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652223: | emitting 1 0x0a repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652226: | emitting 1 0x0b repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652229: | emitting 1 0x0c repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652232: | emitting 1 0x0d repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652235: | emitting 1 0x0e repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652238: | emitting 1 0x0f repeated bytes of padding and length into IKEv2 Encryption Payload Aug 26 18:24:52.652241: | emitting 16 zero bytes of length of truncated HMAC/KEY into IKEv2 Encryption Payload Aug 26 18:24:52.652244: | emitting length of IKEv2 Encryption Payload: 580 Aug 26 18:24:52.652247: | emitting length of ISAKMP Message: 608
Aug 26 18:24:52.652411: | out calculated auth: Aug 26 18:24:52.652414: | 68 7c 33 89 29 ba 13 96 98 0a 3c e9 91 7d 60 a6 Aug 26 18:24:52.652423: "north-eastnets/0x1" #6: negotiated new IPsec SA [192.0.3.0-192.0.3.255:0-65535 0] -> [192.0.2.0-192.0.2.255:0-65535 0] Aug 26 18:24:52.652431: | [RE]START processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in complete_v2_state_transition() at ikev2.c:3379) Aug 26 18:24:52.652435: | #6 complete_v2_state_transition() V2_CREATE_R->V2_IPSEC_R with status STF_OK Aug 26 18:24:52.652439: | IKEv2: transition from state STATE_V2_CREATE_R to state STATE_V2_IPSEC_R Aug 26 18:24:52.652443: | child state #6: V2_CREATE_R(established IKE SA) => V2_IPSEC_R(established CHILD SA) Aug 26 18:24:52.652446: | Message ID: updating counters for #6 to
2 after switching state Aug 26 18:24:52.652452: | Message ID: recv #2.#6 request 2; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=1 responder.recv=1->2; child: wip.initiator=-1 wip.responder=2->-1 Aug 26 18:24:52.652457: | Message ID: sent #2.#6 response 2; ike: initiator.sent=-1 initiator.recv=-1 responder.sent=1->2 responder.recv=2; child: wip.initiator=-1 wip.responder=-1 Aug 26 18:24:52.652460: | pstats #6 ikev2.child established Aug 26 18:24:52.652467: "north-eastnets/0x1" #6: negotiated connection [192.0.3.0-192.0.3.255:0-65535 0] -> [192.0.2.0-192.0.2.255:0-65535 0] Aug 26 18:24:52.652471: | NAT-T: encaps is 'auto' Aug 26 18:24:52.652475: "north-eastnets/0x1" #6: STATE_V2_IPSEC_R: IPsec SA established tunnel mode {ESP=>0x1cfe181f <0x2dacdcda xfrm=AES_CBC_128-HMAC_SHA2_512_256-MODP3072 NATOA=none NATD=none DPD=passive} Aug 26 18:24:52.652481: | sending V2 new request packet to 192.1.2.23:500 (from 192.1.3.33:500) Aug 26 18:24:52.652487: | sending 608 bytes for STATE_V2_CREATE_R through eth1 from 192.1.3.33:500 to 192.1.2.23:500 (using #2)
Aug 26 18:24:52.652983: | releasing whack for #6 (sock=fd@-1) Aug 26 18:24:52.652990: | releasing whack and
unpending for parent #2 Aug 26 18:24:52.652993: | unpending state #2 connection "north-eastnets/0x1" Aug 26 18:24:52.652998: | #6 will start re-keying in 28530 seconds with margin of 270 seconds (attempting re-key) Aug 26 18:24:52.653001: | state #6 requesting EVENT_CRYPTO_TIMEOUT to be deleted Aug 26 18:24:52.653006: | libevent_free: release ptr-libevent@0x7ffa94003060 Aug 26 18:24:52.653009: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ce53a79c70 Aug 26 18:24:52.653013: | event_schedule: new EVENT_SA_REKEY-pe@0x55ce53a79c70 Aug 26 18:24:52.653016: | inserting event EVENT_SA_REKEY, timeout in 28530 seconds for #6 Aug 26 18:24:52.653020: | libevent_malloc: new ptr-libevent@0x7ffa94003060 size 128 Aug 26 18:24:52.653027: | #6 spent 2 milliseconds in resume sending helper answer Aug 26 18:24:52.653033: | stop processing: state #6 connection "north-eastnets/0x1" from 192.1.2.23:500 (in resume_handler() at server.c:833) Aug 26 18:24:52.653036: | libevent_free: release ptr-libevent@0x7ffaa4006b50 Aug 26 18:25:08.000337: | processing global timer EVENT_SHUNT_SCAN Aug 26 18:25:08.000357: | expiring aged bare shunts from shunt table Aug 26 18:25:08.000363: | spent 0.00402 milliseconds in global timer EVENT_SHUNT_SCAN