FIPS Product: YES
FIPS Kernel: NO
FIPS Mode: NO
NSS DB directory: sql:/etc/ipsec.d
Initializing NSS
Opening NSS database "sql:/etc/ipsec.d" read-only
NSS initialized
NSS crypto library initialized
FIPS HMAC integrity support [enabled]
FIPS mode disabled for pluto daemon
FIPS HMAC integrity verification self-test FAILED
libcap-ng support [enabled]
Linux audit support [enabled]
Linux audit activated
Starting Pluto (Libreswan Version v3.28-685-gbfd5aef521-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:26311
core dump dir: /tmp
secrets file: /etc/ipsec.secrets
leak-detective enabled
NSS crypto [enabled]
XAUTH PAM support [enabled]
| libevent is using pluto's memory allocator
Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
| libevent_malloc: new ptr-libevent@0x55ef3f7ecaa8 size 40
| libevent_malloc: new ptr-libevent@0x55ef3f7eca28 size 40
| libevent_malloc: new ptr-libevent@0x55ef3f7ec9a8 size 40
| creating event base
| libevent_malloc: new ptr-libevent@0x55ef3f7f0328 size 56
| libevent_malloc: new ptr-libevent@0x55ef3f776178 size 664
| libevent_malloc: new ptr-libevent@0x55ef3f81e0d8 size 24
| libevent_malloc: new ptr-libevent@0x55ef3f81e128 size 384
| libevent_malloc: new ptr-libevent@0x55ef3f81e098 size 16
| libevent_malloc: new ptr-libevent@0x55ef3f7ec928 size 40
| libevent_malloc: new ptr-libevent@0x55ef3f7ec8a8 size 48
| libevent_realloc: new ptr-libevent@0x55ef3f775e08 size 256
| libevent_malloc: new ptr-libevent@0x55ef3f81e2d8 size 16
| libevent_free: release ptr-libevent@0x55ef3f7f0328
| libevent initialized
| libevent_realloc: new ptr-libevent@0x55ef3f7f0328 size 64
| global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds
| init_nat_traversal() initialized with keep_alive=0s
NAT-Traversal support  [enabled]
| global one-shot timer EVENT_NAT_T_KEEPALIVE initialized
| global one-shot timer EVENT_FREE_ROOT_CERTS initialized
| global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds
| global one-shot timer EVENT_REVIVE_CONNS initialized
| global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds
| global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds
Encryption algorithms:
  AES_CCM_16              IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm, aes_ccm_c
  AES_CCM_12              IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm_b
  AES_CCM_8               IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm_a
  3DES_CBC                IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  [*192]  3des
  CAMELLIA_CTR            IKEv1:     ESP     IKEv2:     ESP           {256,192,*128}
  CAMELLIA_CBC            IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  camellia
  AES_GCM_16              IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm, aes_gcm_c
  AES_GCM_12              IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm_b
  AES_GCM_8               IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm_a
  AES_CTR                 IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aesctr
  AES_CBC                 IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes
  SERPENT_CBC             IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  serpent
  TWOFISH_CBC             IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  twofish
  TWOFISH_SSH             IKEv1: IKE         IKEv2: IKE ESP           {256,192,*128}  twofish_cbc_ssh
  NULL_AUTH_AES_GMAC      IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_gmac
  NULL                    IKEv1:     ESP     IKEv2:     ESP           []
  CHACHA20_POLY1305       IKEv1:             IKEv2: IKE ESP           [*256]  chacha20poly1305
Hash algorithms:
  MD5                     IKEv1: IKE         IKEv2:                 
  SHA1                    IKEv1: IKE         IKEv2:             FIPS  sha
  SHA2_256                IKEv1: IKE         IKEv2:             FIPS  sha2, sha256
  SHA2_384                IKEv1: IKE         IKEv2:             FIPS  sha384
  SHA2_512                IKEv1: IKE         IKEv2:             FIPS  sha512
PRF algorithms:
  HMAC_MD5                IKEv1: IKE         IKEv2: IKE               md5
  HMAC_SHA1               IKEv1: IKE         IKEv2: IKE         FIPS  sha, sha1
  HMAC_SHA2_256           IKEv1: IKE         IKEv2: IKE         FIPS  sha2, sha256, sha2_256
  HMAC_SHA2_384           IKEv1: IKE         IKEv2: IKE         FIPS  sha384, sha2_384
  HMAC_SHA2_512           IKEv1: IKE         IKEv2: IKE         FIPS  sha512, sha2_512
  AES_XCBC                IKEv1:             IKEv2: IKE               aes128_xcbc
Integrity algorithms:
  HMAC_MD5_96             IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        md5, hmac_md5
  HMAC_SHA1_96            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha, sha1, sha1_96, hmac_sha1
  HMAC_SHA2_512_256       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha512, sha2_512, sha2_512_256, hmac_sha2_512
  HMAC_SHA2_384_192       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha384, sha2_384, sha2_384_192, hmac_sha2_384
  HMAC_SHA2_256_128       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
  HMAC_SHA2_256_TRUNCBUG  IKEv1:     ESP AH  IKEv2:         AH      
  AES_XCBC_96             IKEv1:     ESP AH  IKEv2: IKE ESP AH        aes_xcbc, aes128_xcbc, aes128_xcbc_96
  AES_CMAC_96             IKEv1:     ESP AH  IKEv2:     ESP AH  FIPS  aes_cmac
  NONE                    IKEv1:     ESP     IKEv2: IKE ESP     FIPS  null
DH algorithms:
  NONE                    IKEv1:             IKEv2: IKE ESP AH  FIPS  null, dh0
  MODP1536                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        dh5
  MODP2048                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh14
  MODP3072                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh15
  MODP4096                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh16
  MODP6144                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh17
  MODP8192                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh18
  DH19                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_256, ecp256
  DH20                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_384, ecp384
  DH21                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_521, ecp521
  DH31                    IKEv1: IKE         IKEv2: IKE ESP AH        curve25519
testing CAMELLIA_CBC:
  Camellia: 16 bytes with 128-bit key
  Camellia: 16 bytes with 128-bit key
  Camellia: 16 bytes with 256-bit key
  Camellia: 16 bytes with 256-bit key
testing AES_GCM_16:
  empty string
  one block
  two blocks
  two blocks with associated data
testing AES_CTR:
  Encrypting 16 octets using AES-CTR with 128-bit key
  Encrypting 32 octets using AES-CTR with 128-bit key
  Encrypting 36 octets using AES-CTR with 128-bit key
  Encrypting 16 octets using AES-CTR with 192-bit key
  Encrypting 32 octets using AES-CTR with 192-bit key
  Encrypting 36 octets using AES-CTR with 192-bit key
  Encrypting 16 octets using AES-CTR with 256-bit key
  Encrypting 32 octets using AES-CTR with 256-bit key
  Encrypting 36 octets using AES-CTR with 256-bit key
testing AES_CBC:
  Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key
  Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key
  Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key
  Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key
testing AES_XCBC:
  RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input
  RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input
  RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input
  RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input
  RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input
  RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input
  RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input
  RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16)
  RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10)
  RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18)
testing HMAC_MD5:
  RFC 2104: MD5_HMAC test 1
  RFC 2104: MD5_HMAC test 2
  RFC 2104: MD5_HMAC test 3
8 CPU cores online
starting up 7 crypto helpers
started thread for crypto helper 0
| starting up helper thread 0
| status value returned by setting the priority of this thread (crypto helper 0) 22
| crypto helper 0 waiting (nothing to do)
started thread for crypto helper 1
started thread for crypto helper 2
started thread for crypto helper 3
| starting up helper thread 3
| status value returned by setting the priority of this thread (crypto helper 3) 22
| crypto helper 3 waiting (nothing to do)
started thread for crypto helper 4
| starting up helper thread 4
| status value returned by setting the priority of this thread (crypto helper 4) 22
| crypto helper 4 waiting (nothing to do)
started thread for crypto helper 5
| starting up helper thread 5
| status value returned by setting the priority of this thread (crypto helper 5) 22
| crypto helper 5 waiting (nothing to do)
started thread for crypto helper 6
| starting up helper thread 6
| status value returned by setting the priority of this thread (crypto helper 6) 22
| crypto helper 6 waiting (nothing to do)
| checking IKEv1 state table
|   MAIN_R0: category: half-open IKE SA flags: 0:
|     -> MAIN_R1 EVENT_SO_DISCARD
|   MAIN_I1: category: half-open IKE SA flags: 0:
|     -> MAIN_I2 EVENT_RETRANSMIT
|   MAIN_R1: category: open IKE SA flags: 200:
|     -> MAIN_R2 EVENT_RETRANSMIT
|     -> UNDEFINED EVENT_RETRANSMIT
|     -> UNDEFINED EVENT_RETRANSMIT
|   MAIN_I2: category: open IKE SA flags: 0:
|     -> MAIN_I3 EVENT_RETRANSMIT
|     -> UNDEFINED EVENT_RETRANSMIT
|     -> UNDEFINED EVENT_RETRANSMIT
|   MAIN_R2: category: open IKE SA flags: 0:
|     -> MAIN_R3 EVENT_SA_REPLACE
|     -> MAIN_R3 EVENT_SA_REPLACE
|     -> UNDEFINED EVENT_SA_REPLACE
|   MAIN_I3: category: open IKE SA flags: 0:
|     -> MAIN_I4 EVENT_SA_REPLACE
|     -> MAIN_I4 EVENT_SA_REPLACE
|     -> UNDEFINED EVENT_SA_REPLACE
|   MAIN_R3: category: established IKE SA flags: 200:
|     -> UNDEFINED EVENT_NULL
|   MAIN_I4: category: established IKE SA flags: 0:
|     -> UNDEFINED EVENT_NULL
|   AGGR_R0: category: half-open IKE SA flags: 0:
|     -> AGGR_R1 EVENT_SO_DISCARD
|   AGGR_I1: category: half-open IKE SA flags: 0:
|     -> AGGR_I2 EVENT_SA_REPLACE
|     -> AGGR_I2 EVENT_SA_REPLACE
|   AGGR_R1: category: open IKE SA flags: 200:
|     -> AGGR_R2 EVENT_SA_REPLACE
|     -> AGGR_R2 EVENT_SA_REPLACE
|   AGGR_I2: category: established IKE SA flags: 200:
|     -> UNDEFINED EVENT_NULL
|   AGGR_R2: category: established IKE SA flags: 0:
|     -> UNDEFINED EVENT_NULL
|   QUICK_R0: category: established CHILD SA flags: 0:
|     -> QUICK_R1 EVENT_RETRANSMIT
|   QUICK_I1: category: established CHILD SA flags: 0:
|     -> QUICK_I2 EVENT_SA_REPLACE
|   QUICK_R1: category: established CHILD SA flags: 0:
|     -> QUICK_R2 EVENT_SA_REPLACE
|   QUICK_I2: category: established CHILD SA flags: 200:
|     -> UNDEFINED EVENT_NULL
|   QUICK_R2: category: established CHILD SA flags: 0:
|     -> UNDEFINED EVENT_NULL
|   INFO: category: informational flags: 0:
|     -> UNDEFINED EVENT_NULL
|   INFO_PROTECTED: category: informational flags: 0:
|     -> UNDEFINED EVENT_NULL
|   XAUTH_R0: category: established IKE SA flags: 0:
|     -> XAUTH_R1 EVENT_NULL
|   XAUTH_R1: category: established IKE SA flags: 0:
|     -> MAIN_R3 EVENT_SA_REPLACE
|   MODE_CFG_R0: category: informational flags: 0:
|     -> MODE_CFG_R1 EVENT_SA_REPLACE
|   MODE_CFG_R1: category: established IKE SA flags: 0:
|     -> MODE_CFG_R2 EVENT_SA_REPLACE
|   MODE_CFG_R2: category: established IKE SA flags: 0:
|     -> UNDEFINED EVENT_NULL
|   MODE_CFG_I1: category: established IKE SA flags: 0:
|     -> MAIN_I4 EVENT_SA_REPLACE
|   XAUTH_I0: category: established IKE SA flags: 0:
|     -> XAUTH_I1 EVENT_RETRANSMIT
|   XAUTH_I1: category: established IKE SA flags: 0:
|     -> MAIN_I4 EVENT_RETRANSMIT
| checking IKEv2 state table
|   PARENT_I0: category: ignore flags: 0:
|     -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT)
|   PARENT_I1: category: half-open IKE SA flags: 0:
|     -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification)
|     -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH)
|   PARENT_I2: category: open IKE SA flags: 0:
|     -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification)
|     -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification)
|     -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification)
|     -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response)
|     -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification)
|   PARENT_I3: category: established IKE SA flags: 0:
|     -> PARENT_I3 EVENT_RETAIN (I3: Informational Request)
|     -> PARENT_I3 EVENT_RETAIN (I3: Informational Response)
|     -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request)
|     -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response)
|   PARENT_R0: category: half-open IKE SA flags: 0:
|     -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT)
|   PARENT_R1: category: half-open IKE SA flags: 0:
|     -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED))
|     -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request)
|   PARENT_R2: category: established IKE SA flags: 0:
|     -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request)
|     -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response)
|     -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request)
|     -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response)
|   V2_CREATE_I0: category: established IKE SA flags: 0:
|     -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA)
|   V2_CREATE_I: category: established IKE SA flags: 0:
| starting up helper thread 2
| status value returned by setting the priority of this thread (crypto helper 2) 22
| crypto helper 2 waiting (nothing to do)
|     -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response)
|   V2_REKEY_IKE_I0: category: established IKE SA flags: 0:
|     -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey)
|   V2_REKEY_IKE_I: category: established IKE SA flags: 0:
|     -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response)
|   V2_REKEY_CHILD_I0: category: established IKE SA flags: 0:
|     -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA)
|   V2_REKEY_CHILD_I: category: established IKE SA flags: 0: <none>
|   V2_CREATE_R: category: established IKE SA flags: 0:
|     -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request)
|   V2_REKEY_IKE_R: category: established IKE SA flags: 0:
|     -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey)
|   V2_REKEY_CHILD_R: category: established IKE SA flags: 0: <none>
|   V2_IPSEC_I: category: established CHILD SA flags: 0: <none>
|   V2_IPSEC_R: category: established CHILD SA flags: 0: <none>
|   IKESA_DEL: category: established IKE SA flags: 0:
|     -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL)
|   CHILDSA_DEL: category: informational flags: 0: <none>
Using Linux XFRM/NETKEY IPsec interface code on 5.1.18-200.fc29.x86_64
| starting up helper thread 1
| status value returned by setting the priority of this thread (crypto helper 1) 22
| crypto helper 1 waiting (nothing to do)
| Hard-wiring algorithms
| adding AES_CCM_16 to kernel algorithm db
| adding AES_CCM_12 to kernel algorithm db
| adding AES_CCM_8 to kernel algorithm db
| adding 3DES_CBC to kernel algorithm db
| adding CAMELLIA_CBC to kernel algorithm db
| adding AES_GCM_16 to kernel algorithm db
| adding AES_GCM_12 to kernel algorithm db
| adding AES_GCM_8 to kernel algorithm db
| adding AES_CTR to kernel algorithm db
| adding AES_CBC to kernel algorithm db
| adding SERPENT_CBC to kernel algorithm db
| adding TWOFISH_CBC to kernel algorithm db
| adding NULL_AUTH_AES_GMAC to kernel algorithm db
| adding NULL to kernel algorithm db
| adding CHACHA20_POLY1305 to kernel algorithm db
| adding HMAC_MD5_96 to kernel algorithm db
| adding HMAC_SHA1_96 to kernel algorithm db
| adding HMAC_SHA2_512_256 to kernel algorithm db
| adding HMAC_SHA2_384_192 to kernel algorithm db
| adding HMAC_SHA2_256_128 to kernel algorithm db
| adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db
| adding AES_XCBC_96 to kernel algorithm db
| adding AES_CMAC_96 to kernel algorithm db
| adding NONE to kernel algorithm db
| net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes
| global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds
| setup kernel fd callback
| add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x55ef3f81ddf8
| libevent_malloc: new ptr-libevent@0x55ef3f81c418 size 128
| libevent_malloc: new ptr-libevent@0x55ef3f8234f8 size 16
| add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x55ef3f823868
| libevent_malloc: new ptr-libevent@0x55ef3f7f09c8 size 128
| libevent_malloc: new ptr-libevent@0x55ef3f823e18 size 16
| global one-shot timer EVENT_CHECK_CRLS initialized
selinux support is enabled.
| unbound context created - setting debug level to 5
| /etc/hosts lookups activated
| /etc/resolv.conf usage activated
| outgoing-port-avoid set 0-65535
| outgoing-port-permit set 32768-60999
| Loading dnssec root key from:/var/lib/unbound/root.key
| No additional dnssec trust anchors defined via dnssec-trusted= option
| Setting up events, loop start
| add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x55ef3f823d08
| libevent_malloc: new ptr-libevent@0x55ef3f82fb68 size 128
| libevent_malloc: new ptr-libevent@0x55ef3f83adb8 size 16
| libevent_realloc: new ptr-libevent@0x55ef3f83adf8 size 256
| libevent_malloc: new ptr-libevent@0x55ef3f83af28 size 8
| libevent_realloc: new ptr-libevent@0x55ef3f83af68 size 144
| libevent_malloc: new ptr-libevent@0x55ef3f777798 size 152
| libevent_malloc: new ptr-libevent@0x55ef3f83b028 size 16
| signal event handler PLUTO_SIGCHLD installed
| libevent_malloc: new ptr-libevent@0x55ef3f83b068 size 8
| libevent_malloc: new ptr-libevent@0x55ef3f77ff68 size 152
| signal event handler PLUTO_SIGTERM installed
| libevent_malloc: new ptr-libevent@0x55ef3f83b0a8 size 8
| libevent_malloc: new ptr-libevent@0x55ef3f83b0e8 size 152
| signal event handler PLUTO_SIGHUP installed
| libevent_malloc: new ptr-libevent@0x55ef3f83b1b8 size 8
| libevent_realloc: release ptr-libevent@0x55ef3f83af68
| libevent_realloc: new ptr-libevent@0x55ef3f83b1f8 size 256
| libevent_malloc: new ptr-libevent@0x55ef3f83b328 size 152
| signal event handler PLUTO_SIGSYS installed
| created addconn helper (pid:26424) using fork+execve
| forked child 26424
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
listening for IKE messages
| Inspecting interface lo 
| found lo with address 127.0.0.1
| Inspecting interface eth0 
| found eth0 with address 192.1.3.209
Kernel supports NIC esp-hw-offload
adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.1.3.209:500
| NAT-Traversal: Trying sockopt style NAT-T
| NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
adding interface eth0/eth0 192.1.3.209:4500
adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500
| NAT-Traversal: Trying sockopt style NAT-T
| NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
adding interface lo/lo 127.0.0.1:4500
| no interfaces to sort
| FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b728
| libevent_malloc: new ptr-libevent@0x55ef3f82fab8 size 128
| libevent_malloc: new ptr-libevent@0x55ef3f83b798 size 16
| setup callback for interface lo 127.0.0.1:4500 fd 20
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b7d8
| libevent_malloc: new ptr-libevent@0x55ef3f7f0a78 size 128
| libevent_malloc: new ptr-libevent@0x55ef3f83b848 size 16
| setup callback for interface lo 127.0.0.1:500 fd 19
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b888
| libevent_malloc: new ptr-libevent@0x55ef3f7f0398 size 128
| libevent_malloc: new ptr-libevent@0x55ef3f83b8f8 size 16
| setup callback for interface eth0 192.1.3.209:4500 fd 18
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b938
| libevent_malloc: new ptr-libevent@0x55ef3f81db98 size 128
| libevent_malloc: new ptr-libevent@0x55ef3f83b9a8 size 16
| setup callback for interface eth0 192.1.3.209:500 fd 17
| certs and keys locked by 'free_preshared_secrets'
| certs and keys unlocked by 'free_preshared_secrets'
loading secrets from "/etc/ipsec.secrets"
| id type added to secret(0x55ef3f749c48) PKK_PSK: %any
| id type added to secret(0x55ef3f749c48) PKK_PSK: %any
| Processing PSK at line 10: passed
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| id type added to secret(0x55ef3f83bb28) PKK_PSK: @west
| id type added to secret(0x55ef3f83bb28) PKK_PSK: @east
| Processing PSK at line 12: passed
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| id type added to secret(0x55ef3f83d238) PKK_PSK: @roadrandom
| id type added to secret(0x55ef3f83d238) PKK_PSK: @east
| Processing PSK at line 13: passed
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.677 milliseconds in whack
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
listening for IKE messages
| Inspecting interface lo 
| found lo with address 127.0.0.1
| Inspecting interface eth0 
| found eth0 with address 192.1.3.209
| no interfaces to sort
| libevent_free: release ptr-libevent@0x55ef3f82fab8
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b728
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b728
| libevent_malloc: new ptr-libevent@0x55ef3f82fab8 size 128
| setup callback for interface lo 127.0.0.1:4500 fd 20
| libevent_free: release ptr-libevent@0x55ef3f7f0a78
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b7d8
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b7d8
| libevent_malloc: new ptr-libevent@0x55ef3f7f0a78 size 128
| setup callback for interface lo 127.0.0.1:500 fd 19
| libevent_free: release ptr-libevent@0x55ef3f7f0398
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b888
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b888
| libevent_malloc: new ptr-libevent@0x55ef3f7f0398 size 128
| setup callback for interface eth0 192.1.3.209:4500 fd 18
| libevent_free: release ptr-libevent@0x55ef3f81db98
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b938
| add_fd_read_event_handler: new ethX-pe@0x55ef3f83b938
| libevent_malloc: new ptr-libevent@0x55ef3f81db98 size 128
| setup callback for interface eth0 192.1.3.209:500 fd 17
| certs and keys locked by 'free_preshared_secrets'
forgetting secrets
| certs and keys unlocked by 'free_preshared_secrets'
loading secrets from "/etc/ipsec.secrets"
| id type added to secret(0x55ef3f749c48) PKK_PSK: %any
| id type added to secret(0x55ef3f749c48) PKK_PSK: %any
| Processing PSK at line 10: passed
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| id type added to secret(0x55ef3f83bb28) PKK_PSK: @west
| id type added to secret(0x55ef3f83bb28) PKK_PSK: @east
| Processing PSK at line 12: passed
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| id type added to secret(0x55ef3f83d238) PKK_PSK: @roadrandom
| id type added to secret(0x55ef3f83d238) PKK_PSK: @east
| Processing PSK at line 13: passed
| certs and keys locked by 'process_secret'
| certs and keys unlocked by 'process_secret'
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.738 milliseconds in whack
| processing signal PLUTO_SIGCHLD
| waitpid returned pid 26424 (exited with status 0)
| reaped addconn helper child (status 0)
| waitpid returned ECHILD (no child processes left)
| spent 0.0218 milliseconds in signal handler PLUTO_SIGCHLD
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
| FOR_EACH_CONNECTION_... in conn_by_name
| FOR_EACH_CONNECTION_... in foreach_connection_by_alias
| FOR_EACH_CONNECTION_... in conn_by_name
| FOR_EACH_CONNECTION_... in foreach_connection_by_alias
| FOR_EACH_CONNECTION_... in conn_by_name
| Added new connection road-east with policy PSK+ENCRYPT+TUNNEL+PFS+XAUTH+MODECFG_PULL+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
| counting wild cards for @roadrandom is 0
| counting wild cards for @east is 0
| connect_to_host_pair: 192.1.3.209:500 192.1.2.23:500 -> hp@(nil): none
| new hp@0x55ef3f83c988
added connection description "road-east"
| ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1; replay_window: 32; policy: PSK+ENCRYPT+TUNNEL+PFS+XAUTH+MODECFG_PULL+AGGRESSIVE+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
| 192.1.3.209/32===192.1.3.209<192.1.3.209>[@roadrandom,+MC+XC+S=C]...192.1.2.23<192.1.2.23>[@east,MS+XS+S=C]===192.0.2.0/24
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.0943 milliseconds in whack
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
| old debugging base+cpu-usage + none
| base debugging = base+cpu-usage
| old impairing none + drop-xauth-r0
| base impairing = drop-xauth-r0
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.0477 milliseconds in whack
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
| dup_any(fd@16) -> fd@21 (in whack_process() at rcv_whack.c:590)
| FOR_EACH_CONNECTION_... in conn_by_name
| start processing: connection "road-east" (in initiate_a_connection() at initiate.c:186)
| empty esp_info, returning defaults for ENCRYPT
| connection 'road-east' +POLICY_UP
| dup_any(fd@21) -> fd@22 (in initiate_a_connection() at initiate.c:342)
| FOR_EACH_STATE_... in find_phase1_state
"road-east": IKEv1 Aggressive Mode with PSK is vulnerable to dictionary attacks and is cracked on large scale by TLA's
| creating state object #1 at 0x55ef3f83d488
| State DB: adding IKEv1 state #1 in UNDEFINED
| pstats #1 ikev1.isakmp started
| parent state #1: UNDEFINED(ignore) => AGGR_I1(half-open IKE SA)
| suspend processing: connection "road-east" (in aggr_outI1() at ikev1_aggr.c:1015)
| start processing: state #1 connection "road-east" from 192.1.2.23 (in aggr_outI1() at ikev1_aggr.c:1015)
| no specific IKE algorithms specified - using defaults
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
"road-east" #1: multiple DH groups in aggressive mode can cause interop failure
"road-east" #1: Deleting previous proposal in the hopes of selecting DH 2 or DH 5
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
"road-east" #1: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_256,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
"road-east" #1: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_512,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
"road-east" #1: transform (OAKLEY_3DES_CBC,OAKLEY_SHA1,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() returning 0x55ef3f83ee68
| initiating aggressive mode with IKE=E=7-H=4-M=5
| dup_any(fd@22) -> fd@23 (in aggr_outI1() at ikev1_aggr.c:1031)
| Queuing pending IPsec SA negotiating with 192.1.2.23 "road-east" IKE SA #1 "road-east"
"road-east" #1: initiating Aggressive Mode
| adding aggr_outI1 KE + nonce work-order 1 for state #1
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f83eb48
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
| libevent_malloc: new ptr-libevent@0x55ef3f81dc98 size 128
| #1 spent 0.169 milliseconds in aggr_outI1()
| crypto helper 0 resuming
| crypto helper 0 starting work-order 1 for state #1
| crypto helper 0 doing build KE and nonce (aggr_outI1 KE + nonce); request ID 1
| processing: RESET whack log_fd (was fd@16) (in aggr_outI1() at ikev1_aggr.c:1054)
| RESET processing: state #1 connection "road-east" from 192.1.2.23 (in aggr_outI1() at ikev1_aggr.c:1054)
| RESET processing: connection "road-east" (in aggr_outI1() at ikev1_aggr.c:1054)
| processing: STOP connection NULL (in initiate_a_connection() at initiate.c:349)
| close_any(fd@21) (in initiate_connection() at initiate.c:372)
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.235 milliseconds in whack
| crypto helper 0 finished build KE and nonce (aggr_outI1 KE + nonce); request ID 1 time elapsed 0.000367 seconds
| (#1) spent 0.371 milliseconds in crypto helper computing work-order 1: aggr_outI1 KE + nonce (pcr)
| crypto helper 0 sending results from work-order 1 for state #1 to event queue
| scheduling resume sending helper answer for #1
| libevent_malloc: new ptr-libevent@0x7f86a8001af8 size 128
| crypto helper 0 waiting (nothing to do)
| processing resume sending helper answer for #1
| start processing: state #1 connection "road-east" from 192.1.2.23 (in resume_handler() at server.c:797)
| crypto helper 0 replies to request ID 1
| calling continuation function 0x55ef3e64eb50
| aggr_outI1_continue for #1: calculated ke+nonce, sending I1
| aggr_outI1_tail for #1
| **emit ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   00 00 00 00  00 00 00 00
|    next payload type: ISAKMP_NEXT_SA (0x1)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_AGGR (0x4)
|    flags: none (0x0)
|    Message ID: 0 (0x0)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA
| no specific IKE algorithms specified - using defaults
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
"road-east" #1: multiple DH groups in aggressive mode can cause interop failure
"road-east" #1: Deleting previous proposal in the hopes of selecting DH 2 or DH 5
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
"road-east" #1: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_256,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
"road-east" #1: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_512,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
"road-east" #1: transform (OAKLEY_3DES_CBC,OAKLEY_SHA1,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() returning 0x55ef3f840228
| ***emit ISAKMP Security Association Payload:
|    next payload type: ISAKMP_NEXT_KE (0x4)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
| next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 4:ISAKMP_NEXT_KE
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
| next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
| ****emit IPsec DOI SIT:
|    IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
| ikev1_out_sa pcn: 0 has 1 valid proposals
| ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 9
| ****emit ISAKMP Proposal Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    proposal number: 0 (0x0)
|    protocol ID: PROTO_ISAKMP (0x1)
|    SPI size: 0 (0x0)
|    number of transforms: 9 (0x9)
| last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 0 (0x0)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|     [4 is OAKLEY_SHA2_256]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 1 (0x1)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|     [4 is OAKLEY_SHA2_256]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 2 (0x2)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 6 (0x6)
|     [6 is OAKLEY_SHA2_512]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 3 (0x3)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 6 (0x6)
|     [6 is OAKLEY_SHA2_512]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 4 (0x4)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 2 (0x2)
|     [2 is OAKLEY_SHA1]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 5 (0x5)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 2 (0x2)
|     [2 is OAKLEY_SHA1]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 6 (0x6)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_3DES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|     [4 is OAKLEY_SHA2_256]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| emitting length of ISAKMP Transform Payload (ISAKMP): 32
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 7 (0x7)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_3DES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 6 (0x6)
|     [6 is OAKLEY_SHA2_512]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| emitting length of ISAKMP Transform Payload (ISAKMP): 32
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP transform number: 8 (0x8)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_3DES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 2 (0x2)
|     [2 is OAKLEY_SHA1]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| emitting length of ISAKMP Transform Payload (ISAKMP): 32
| emitting length of ISAKMP Proposal Payload: 320
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0
| emitting length of ISAKMP Security Association Payload: 332
| last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
| ***emit ISAKMP Key Exchange Payload:
|    next payload type: ISAKMP_NEXT_NONCE (0xa)
| next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
| next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
| next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
| emitting 192 raw bytes of keyex value into ISAKMP Key Exchange Payload
| keyex value  7a de 1b 4a  c9 d8 2d f1  d5 ae 39 06  37 45 a0 69
| keyex value  2d 4c 09 4b  71 d3 3b 87  d0 b6 a4 8e  e4 47 a1 35
| keyex value  57 6b d1 fa  9b 0b b4 c5  a5 a0 10 48  fc e4 53 55
| keyex value  df b8 d8 cc  e9 e6 fe 74  bb 73 50 2e  64 78 ba a2
| keyex value  1a b7 92 3c  ed a5 b5 76  73 55 22 a8  5e ed df f0
| keyex value  8c ae cc d6  b5 86 78 dc  63 95 29 9b  97 23 46 fc
| keyex value  cf 56 a8 12  d2 73 f6 3f  71 6f 03 48  74 4a b1 d6
| keyex value  14 76 ba f4  f2 e4 cf fd  52 c4 51 c5  d9 f3 27 12
| keyex value  d6 6a 3c 17  01 cc ee ba  ba 68 6c 51  f5 2e 04 f9
| keyex value  90 44 aa df  1f 08 a4 cd  37 90 01 41  34 96 b6 bc
| keyex value  e0 21 7d 39  76 5f 81 a1  6d d1 1a 33  85 ad e2 65
| keyex value  8d f4 46 8a  6f c2 eb 2e  8f 57 28 e1  ac 6f 0a b3
| emitting length of ISAKMP Key Exchange Payload: 196
| ***emit ISAKMP Nonce Payload:
|    next payload type: ISAKMP_NEXT_ID (0x5)
| next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 5:ISAKMP_NEXT_ID
| next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
| next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
| Ni  14 5a 9e 56  cd 88 93 08  9f e9 09 99  cf d1 d8 66
| Ni  0f 53 d3 27  47 bf 40 b3  ec c5 b4 93  78 39 91 d2
| emitting length of ISAKMP Nonce Payload: 36
| ***emit ISAKMP Identification Payload (IPsec DOI):
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    ID type: ID_FQDN (0x2)
|    Protocol ID: 0 (0x0)
|    port: 0 (0x0)
| next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
| next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
| emitting 10 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
| my identity  72 6f 61 64  72 61 6e 64  6f 6d
| emitting length of ISAKMP Identification Payload (IPsec DOI): 18
| out_vid(): sending [FRAGMENTATION]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  40 48 b7 d5  6e bc e8 85  25 e7 de 7f  00 d6 c2 d3
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vid(): sending [XAUTH]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 8 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  09 00 26 89  df d6 b7 12
| emitting length of ISAKMP Vendor ID Payload: 12
| out_vid(): sending [Dead Peer Detection]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  af ca d7 13  68 a1 f1 c9  6b 86 96 fc  77 57 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| nat add vid
| sending draft and RFC NATT VIDs
| out_vid(): sending [RFC 3947]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  4a 13 1c 81  07 03 58 45  5c 57 28 f2  0e 95 45 2f
| emitting length of ISAKMP Vendor ID Payload: 20
| skipping VID_NATT_RFC
| out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  7d 94 19 a6  53 10 ca 6f  2c 17 9d 92  15 52 9d 56
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  90 cb 80 91  3e bb 69 6e  08 63 81 b5  ec 42 7b 1f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  cd 60 46 43  35 df 21 f8  7c fd b2 fc  68 b6 a4 48
| emitting length of ISAKMP Vendor ID Payload: 20
| padding IKEv1 message with 2 bytes
| emitting 2 zero bytes of message padding into ISAKMP Message
| emitting length of ISAKMP Message: 744
| sending 744 bytes for aggr_outI1 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
|   b7 39 42 85  45 99 81 7d  00 00 00 00  00 00 00 00
|   01 10 04 00  00 00 00 00  00 00 02 e8  04 00 01 4c
|   00 00 00 01  00 00 00 01  00 00 01 40  00 01 00 09
|   03 00 00 24  00 01 00 00  80 0b 00 01  80 0c 0e 10
|   80 01 00 07  80 02 00 04  80 03 fd e9  80 04 00 05
|   80 0e 01 00  03 00 00 24  01 01 00 00  80 0b 00 01
|   80 0c 0e 10  80 01 00 07  80 02 00 04  80 03 fd e9
|   80 04 00 05  80 0e 00 80  03 00 00 24  02 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 07  80 02 00 06
|   80 03 fd e9  80 04 00 05  80 0e 01 00  03 00 00 24
|   03 01 00 00  80 0b 00 01  80 0c 0e 10  80 01 00 07
|   80 02 00 06  80 03 fd e9  80 04 00 05  80 0e 00 80
|   03 00 00 24  04 01 00 00  80 0b 00 01  80 0c 0e 10
|   80 01 00 07  80 02 00 02  80 03 fd e9  80 04 00 05
|   80 0e 01 00  03 00 00 24  05 01 00 00  80 0b 00 01
|   80 0c 0e 10  80 01 00 07  80 02 00 02  80 03 fd e9
|   80 04 00 05  80 0e 00 80  03 00 00 20  06 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 04
|   80 03 fd e9  80 04 00 05  03 00 00 20  07 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 06
|   80 03 fd e9  80 04 00 05  00 00 00 20  08 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 02
|   80 03 fd e9  80 04 00 05  0a 00 00 c4  7a de 1b 4a
|   c9 d8 2d f1  d5 ae 39 06  37 45 a0 69  2d 4c 09 4b
|   71 d3 3b 87  d0 b6 a4 8e  e4 47 a1 35  57 6b d1 fa
|   9b 0b b4 c5  a5 a0 10 48  fc e4 53 55  df b8 d8 cc
|   e9 e6 fe 74  bb 73 50 2e  64 78 ba a2  1a b7 92 3c
|   ed a5 b5 76  73 55 22 a8  5e ed df f0  8c ae cc d6
|   b5 86 78 dc  63 95 29 9b  97 23 46 fc  cf 56 a8 12
|   d2 73 f6 3f  71 6f 03 48  74 4a b1 d6  14 76 ba f4
|   f2 e4 cf fd  52 c4 51 c5  d9 f3 27 12  d6 6a 3c 17
|   01 cc ee ba  ba 68 6c 51  f5 2e 04 f9  90 44 aa df
|   1f 08 a4 cd  37 90 01 41  34 96 b6 bc  e0 21 7d 39
|   76 5f 81 a1  6d d1 1a 33  85 ad e2 65  8d f4 46 8a
|   6f c2 eb 2e  8f 57 28 e1  ac 6f 0a b3  05 00 00 24
|   14 5a 9e 56  cd 88 93 08  9f e9 09 99  cf d1 d8 66
|   0f 53 d3 27  47 bf 40 b3  ec c5 b4 93  78 39 91 d2
|   0d 00 00 12  02 00 00 00  72 6f 61 64  72 61 6e 64
|   6f 6d 0d 00  00 14 40 48  b7 d5 6e bc  e8 85 25 e7
|   de 7f 00 d6  c2 d3 0d 00  00 0c 09 00  26 89 df d6
|   b7 12 0d 00  00 14 af ca  d7 13 68 a1  f1 c9 6b 86
|   96 fc 77 57  01 00 0d 00  00 14 4a 13  1c 81 07 03
|   58 45 5c 57  28 f2 0e 95  45 2f 0d 00  00 14 7d 94
|   19 a6 53 10  ca 6f 2c 17  9d 92 15 52  9d 56 0d 00
|   00 14 90 cb  80 91 3e bb  69 6e 08 63  81 b5 ec 42
|   7b 1f 00 00  00 14 cd 60  46 43 35 df  21 f8 7c fd
|   b2 fc 68 b6  a4 48 00 00
| state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| libevent_free: release ptr-libevent@0x55ef3f81dc98
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f83eb48
| event_schedule: new EVENT_RETRANSMIT-pe@0x55ef3f840b88
| inserting event EVENT_RETRANSMIT, timeout in 2.5 seconds for #1
| libevent_malloc: new ptr-libevent@0x55ef3f81dc98 size 128
| #1 STATE_AGGR_I1: retransmits: first event in 2.5 seconds; timeout in 6 seconds; limit of 12 retransmits; current time is 29843.0547
| stop processing: state #1 connection "road-east" from 192.1.2.23 (in aggr_outI1_tail() at ikev1_aggr.c:1199)
| complete v1 state transition with STF_IGNORE
| resume sending helper answer for #1 suppresed complete_v1_state_transition()
| #1 spent 0.789 milliseconds in resume sending helper answer
| processing: STOP state #0 (in resume_handler() at server.c:833)
| libevent_free: release ptr-libevent@0x7f86a8001af8
| spent 0.00281 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 508 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   b7 39 42 85  45 99 81 7d  80 99 c3 dc  05 37 71 eb
|   01 10 04 00  00 00 00 00  00 00 01 fc  04 00 00 38
|   00 00 00 01  00 00 00 01  00 00 00 2c  00 01 00 01
|   00 00 00 24  00 01 00 00  80 0b 00 01  80 0c 0e 10
|   80 01 00 07  80 02 00 04  80 03 fd e9  80 04 00 05
|   80 0e 01 00  0a 00 00 c4  95 96 89 3f  3d 65 36 22
|   05 0d ee fd  18 e2 e1 28  25 01 28 63  ac 94 3d dc
|   a7 56 9f ef  5f 2f ba c2  76 a0 a3 d0  d0 ad 9f a2
|   2b e3 b4 3a  d7 75 2c b5  76 11 01 b0  01 21 1f 22
|   8d 7e a2 78  15 b2 f3 fd  d2 e7 9f a0  c8 a1 6f c1
|   7a 19 ae de  0a 2f bb 1f  a7 16 2d 8d  8e 9d 32 8b
|   a2 b2 69 36  53 47 1a fa  7d 61 28 86  dd 2b 0c df
|   05 13 0a 7b  da 0c 48 23  96 60 08 b7  bd e0 b8 c0
|   69 62 5e 8d  da 1a 98 e4  f2 b6 56 a3  9a 16 3a 06
|   c9 db fc 73  78 dc 75 51  fe c4 5b a5  30 ab 88 a1
|   1c cd 7d d2  f6 91 0c fc  de 72 ea 9f  52 2b c6 50
|   bb ec 05 63  5c f2 59 c0  8c 60 83 8c  f0 6e eb 06
|   85 ce 6b 2c  b3 a9 f1 50  05 00 00 24  50 35 5a e4
|   d8 ea f1 b8  2f bd 75 42  3d 9c 94 4a  25 27 4a 47
|   34 8c e5 3d  33 d1 94 65  fa c3 56 25  08 00 00 0c
|   02 00 00 00  65 61 73 74  0d 00 00 24  76 8a e9 37
|   ed 3f b8 64  d5 9f 17 d7  13 5a 93 52  79 38 21 3d
|   37 89 65 dd  ae 93 d0 f4  ee 16 8e 79  0d 00 00 14
|   40 48 b7 d5  6e bc e8 85  25 e7 de 7f  00 d6 c2 d3
|   0d 00 00 0c  09 00 26 89  df d6 b7 12  0d 00 00 14
|   af ca d7 13  68 a1 f1 c9  6b 86 96 fc  77 57 01 00
|   14 00 00 14  4a 13 1c 81  07 03 58 45  5c 57 28 f2
|   0e 95 45 2f  14 00 00 24  02 82 fe 25  7b 10 0a 7c
|   fc 72 93 aa  21 58 24 68  b2 0d 0a 8e  08 5c 46 78
|   9b f1 56 8c  fd b9 e3 e1  00 00 00 24  bf fa ec 40
|   77 13 35 14  e1 24 c5 f8  34 2b 30 3f  05 f0 c1 39
|   f1 1a 82 b3  8f 69 65 d1  a7 05 f4 55
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_SA (0x1)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_AGGR (0x4)
|    flags: none (0x0)
|    Message ID: 0 (0x0)
|    length: 508 (0x1fc)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_AGGR (4)
| State DB: IKEv1 state not found (find_state_ikev1)
| State DB: found IKEv1 state #1 in AGGR_I1 (find_state_ikev1_init)
| start processing: state #1 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
| #1 is idle
| #1 idle
| got payload 0x2  (ISAKMP_NEXT_SA) needed: 0x532 opt: 0x102000
| ***parse ISAKMP Security Association Payload:
|    next payload type: ISAKMP_NEXT_KE (0x4)
|    length: 56 (0x38)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
| got payload 0x10  (ISAKMP_NEXT_KE) needed: 0x530 opt: 0x102000
| ***parse ISAKMP Key Exchange Payload:
|    next payload type: ISAKMP_NEXT_NONCE (0xa)
|    length: 196 (0xc4)
| got payload 0x400  (ISAKMP_NEXT_NONCE) needed: 0x520 opt: 0x102000
| ***parse ISAKMP Nonce Payload:
|    next payload type: ISAKMP_NEXT_ID (0x5)
|    length: 36 (0x24)
| got payload 0x20  (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x102000
| ***parse ISAKMP Identification Payload:
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    length: 12 (0xc)
|    ID type: ID_FQDN (0x2)
|    DOI specific A: 0 (0x0)
|    DOI specific B: 0 (0x0)
|      obj:   65 61 73 74
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x102000
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 36 (0x24)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 20 (0x14)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 12 (0xc)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 20 (0x14)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
|    length: 20 (0x14)
| got payload 0x100000  (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102000
| ***parse ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
|    length: 36 (0x24)
| got payload 0x100000  (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102000
| ***parse ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 36 (0x24)
| message 'aggr_inR1_outI2' HASH payload not checked early
| received Vendor ID payload [FRAGMENTATION]
| received Vendor ID payload [XAUTH]
| received Vendor ID payload [Dead Peer Detection]
|  quirks.qnat_traversal_vid set to=117 [RFC 3947]
| received Vendor ID payload [RFC 3947]
"road-east" #1: Peer ID is ID_FQDN: '@east'
| X509: no CERT payloads to process
| ****parse IPsec DOI SIT:
|    IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
| ****parse ISAKMP Proposal Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 44 (0x2c)
|    proposal number: 0 (0x0)
|    protocol ID: PROTO_ISAKMP (0x1)
|    SPI size: 0 (0x0)
|    number of transforms: 1 (0x1)
| *****parse ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 36 (0x24)
|    ISAKMP transform number: 0 (0x0)
|    ISAKMP transform ID: KEY_IKE (0x1)
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|    [1 is OAKLEY_LIFE_SECONDS]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|    [7 is OAKLEY_AES_CBC]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|    [4 is OAKLEY_SHA2_256]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|    [65001 is XAUTHInitPreShared]
| started looking for secret for @roadrandom->@east of kind PKK_PSK
| actually looking for secret for @roadrandom->@east of kind PKK_PSK
| line 12: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @roadrandom to @roadrandom / @east -> 014
| line 12: match=014
| match 014 beats previous best_match 000 match=0x55ef3f83d238 (line=12)
| line 10: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @west to @roadrandom / @east -> 004
| line 10: match=004
| line 9: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key %any to @roadrandom / @east -> 002
| 2: compared key %any to @roadrandom / @east -> 002
| line 9: match=002
| match 002 loses to best_match 014
| concluding with best_match=014 best=0x55ef3f83d238 (lineno=12)
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|    [5 is OAKLEY_GROUP_MODP1536]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| OAKLEY proposal verified unconditionally; no alg_info to check against
| Oakley Transform 0 accepted
| sender checking NAT-T: enabled; VID 117
| returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC
| enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
| State DB: re-hashing IKEv1 state #1 IKE SPIi and SPI[ir]
| init checking NAT-T: enabled; RFC 3947 (NAT-Traversal)
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  b7 39 42 85  45 99 81 7d
| natd_hash: rcookie=  80 99 c3 dc  05 37 71 eb
| natd_hash: ip=  c0 01 03 d1
| natd_hash: port=500
| natd_hash: hash=  02 82 fe 25  7b 10 0a 7c  fc 72 93 aa  21 58 24 68
| natd_hash: hash=  b2 0d 0a 8e  08 5c 46 78  9b f1 56 8c  fd b9 e3 e1
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  b7 39 42 85  45 99 81 7d
| natd_hash: rcookie=  80 99 c3 dc  05 37 71 eb
| natd_hash: ip=  c0 01 02 17
| natd_hash: port=500
| natd_hash: hash=  bf fa ec 40  77 13 35 14  e1 24 c5 f8  34 2b 30 3f
| natd_hash: hash=  05 f0 c1 39  f1 1a 82 b3  8f 69 65 d1  a7 05 f4 55
| expected NAT-D(me):  02 82 fe 25  7b 10 0a 7c  fc 72 93 aa  21 58 24 68
| expected NAT-D(me):  b2 0d 0a 8e  08 5c 46 78  9b f1 56 8c  fd b9 e3 e1
| expected NAT-D(him):
|   bf fa ec 40  77 13 35 14  e1 24 c5 f8  34 2b 30 3f
|   05 f0 c1 39  f1 1a 82 b3  8f 69 65 d1  a7 05 f4 55
| received NAT-D:  02 82 fe 25  7b 10 0a 7c  fc 72 93 aa  21 58 24 68
| received NAT-D:  b2 0d 0a 8e  08 5c 46 78  9b f1 56 8c  fd b9 e3 e1
| received NAT-D:  bf fa ec 40  77 13 35 14  e1 24 c5 f8  34 2b 30 3f
| received NAT-D:  05 f0 c1 39  f1 1a 82 b3  8f 69 65 d1  a7 05 f4 55
| NAT_TRAVERSAL encaps using auto-detect
| NAT_TRAVERSAL this end is NOT behind NAT
| NAT_TRAVERSAL that end is NOT behind NAT
| NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23
| NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected
|  NAT_T_WITH_KA detected
| global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds
| started looking for secret for @roadrandom->@east of kind PKK_PSK
| actually looking for secret for @roadrandom->@east of kind PKK_PSK
| line 12: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @roadrandom to @roadrandom / @east -> 014
| line 12: match=014
| match 014 beats previous best_match 000 match=0x55ef3f83d238 (line=12)
| line 10: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @west to @roadrandom / @east -> 004
| line 10: match=004
| line 9: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key %any to @roadrandom / @east -> 002
| 2: compared key %any to @roadrandom / @east -> 002
| line 9: match=002
| match 002 loses to best_match 014
| concluding with best_match=014 best=0x55ef3f83d238 (lineno=12)
| adding aggr outR1 DH work-order 2 for state #1
| state #1 requesting EVENT_RETRANSMIT to be deleted
| #1 STATE_AGGR_I1: retransmits: cleared
| libevent_free: release ptr-libevent@0x55ef3f81dc98
| free_event_entry: release EVENT_RETRANSMIT-pe@0x55ef3f840b88
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f840b88
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
| libevent_malloc: new ptr-libevent@0x55ef3f81dc98 size 128
| complete v1 state transition with STF_SUSPEND
| [RE]START processing: state #1 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
| suspending state #1 and saving MD
| crypto helper 3 resuming
| crypto helper 3 starting work-order 2 for state #1
| #1 is busy; has a suspended MD
| crypto helper 3 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2
| #1 spent 0.263 milliseconds in process_packet_tail()
| stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
| stop processing: state #1 connection "road-east" from 192.1.2.23 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.466 milliseconds in comm_handle_cb() reading and processing packet
| crypto helper 3 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 time elapsed 0.000602 seconds
| (#1) spent 0.607 milliseconds in crypto helper computing work-order 2: aggr outR1 DH (pcr)
| crypto helper 3 sending results from work-order 2 for state #1 to event queue
| scheduling resume sending helper answer for #1
| libevent_malloc: new ptr-libevent@0x7f86a0000f08 size 128
| crypto helper 3 waiting (nothing to do)
| processing resume sending helper answer for #1
| start processing: state #1 connection "road-east" from 192.1.2.23 (in resume_handler() at server.c:797)
| crypto helper 3 replies to request ID 2
| calling continuation function 0x55ef3e64eb50
| aggr inR1_outI2: calculated DH, sending I2
"road-east" #1: Peer ID is ID_FQDN: '@east'
| X509: no CERT payloads to process
| received 'Aggr' message HASH_R data ok
| thinking about whether to send my certificate:
|   I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? 
|   sendcert: CERT_ALWAYSSEND and I did not get a certificate request 
|   so do not send cert.
| I did not send a certificate because digital signatures are not being used. (PSK)
| **emit ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_AGGR (0x4)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 0 (0x0)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| sending NAT-D payloads
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  b7 39 42 85  45 99 81 7d
| natd_hash: rcookie=  80 99 c3 dc  05 37 71 eb
| natd_hash: ip=  c0 01 02 17
| natd_hash: port=500
| natd_hash: hash=  bf fa ec 40  77 13 35 14  e1 24 c5 f8  34 2b 30 3f
| natd_hash: hash=  05 f0 c1 39  f1 1a 82 b3  8f 69 65 d1  a7 05 f4 55
| ***emit ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
| next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
| next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
| NAT-D  bf fa ec 40  77 13 35 14  e1 24 c5 f8  34 2b 30 3f
| NAT-D  05 f0 c1 39  f1 1a 82 b3  8f 69 65 d1  a7 05 f4 55
| emitting length of ISAKMP NAT-D Payload: 36
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  b7 39 42 85  45 99 81 7d
| natd_hash: rcookie=  80 99 c3 dc  05 37 71 eb
| natd_hash: ip=  c0 01 03 d1
| natd_hash: port=500
| natd_hash: hash=  02 82 fe 25  7b 10 0a 7c  fc 72 93 aa  21 58 24 68
| natd_hash: hash=  b2 0d 0a 8e  08 5c 46 78  9b f1 56 8c  fd b9 e3 e1
| ***emit ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_HASH (0x8)
| next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 8:ISAKMP_NEXT_HASH
| next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
| next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
| NAT-D  02 82 fe 25  7b 10 0a 7c  fc 72 93 aa  21 58 24 68
| NAT-D  b2 0d 0a 8e  08 5c 46 78  9b f1 56 8c  fd b9 e3 e1
| emitting length of ISAKMP NAT-D Payload: 36
| next payload chain: creating a fake payload for hashing identity
| **emit ISAKMP Identification Payload (IPsec DOI):
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ID type: ID_FQDN (0x2)
|    Protocol ID: 0 (0x0)
|    port: 0 (0x0)
| next payload chain: no previous for current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID); assumed to be fake
| emitting 10 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
| my identity  72 6f 61 64  72 61 6e 64  6f 6d
| emitting length of ISAKMP Identification Payload (IPsec DOI): 18
| ***emit ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
| next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of HASH_I into ISAKMP Hash Payload
| HASH_I  e3 78 47 26  b2 5e 63 1c  9c 99 48 9f  cd 97 2c d7
| HASH_I  7b 04 9e aa  55 45 59 25  62 94 5a 60  26 07 c1 b6
| emitting length of ISAKMP Hash Payload: 36
| emitting 4 zero bytes of encryption padding into ISAKMP Message
| no IKEv1 message padding required
| emitting length of ISAKMP Message: 140
| phase 1 complete
| FOR_EACH_CONNECTION_... in ISAKMP_SA_established
| complete v1 state transition with STF_OK
| [RE]START processing: state #1 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
| #1 is idle
| doing_xauth:yes, t_xauth_client_done:no
| peer supports fragmentation
| peer supports DPD
| IKEv1: transition from state STATE_AGGR_I1 to state STATE_AGGR_I2
| parent state #1: AGGR_I1(half-open IKE SA) => AGGR_I2(established IKE SA)
| event_already_set, deleting event
| state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| libevent_free: release ptr-libevent@0x55ef3f81dc98
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f840b88
| sending reply packet to 192.1.2.23:500 (from 192.1.3.209:500)
| sending 140 bytes for STATE_AGGR_I1 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
|   b7 39 42 85  45 99 81 7d  80 99 c3 dc  05 37 71 eb
|   14 10 04 01  00 00 00 00  00 00 00 8c  b8 2b 3c 87
|   2c fc 10 57  42 3b 65 69  a1 56 5f 0a  18 7a 75 1f
|   f4 6b 19 e0  da d7 f6 e4  45 be f2 02  07 c6 e4 2c
|   4d 89 68 b7  46 09 02 f7  15 09 d8 0b  14 18 70 c7
|   8e 8b c4 47  cd 65 ec ae  a2 01 51 2a  b6 03 a3 1c
|   f2 ee 6e b2  43 44 d7 6c  da 20 31 36  ca 19 f8 e6
|   93 54 85 a4  b5 2f a9 4e  60 68 dc 8c  46 48 94 b7
|   5e 1a 43 8b  58 9b f8 c7  e5 d1 eb c9
| !event_already_set at reschedule
| event_schedule: new EVENT_SA_REPLACE-pe@0x55ef3f840b88
| inserting event EVENT_SA_REPLACE, timeout in 2607 seconds for #1
| libevent_malloc: new ptr-libevent@0x55ef3f83f728 size 128
| pstats #1 ikev1.isakmp established
"road-east" #1: STATE_AGGR_I2: sent AI2, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP1536}
| DPD: dpd_init() called on ISAKMP SA
| DPD: Peer supports Dead Peer Detection
| DPD: not initializing DPD because DPD is disabled locally
| XAUTH client is not yet authenticated
| resume sending helper answer for #1 suppresed complete_v1_state_transition()
| #1 spent 0.762 milliseconds in resume sending helper answer
| stop processing: state #1 connection "road-east" from 192.1.2.23 (in resume_handler() at server.c:833)
| libevent_free: release ptr-libevent@0x7f86a0000f08
| spent 0.00313 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 92 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   b7 39 42 85  45 99 81 7d  80 99 c3 dc  05 37 71 eb
|   08 10 06 01  7b 04 79 54  00 00 00 5c  ba 0f 01 01
|   7d 62 31 43  7f 80 0d 48  52 6d cb 3c  bc 3b 2d d3
|   7f ee bb 72  ae 80 51 2b  98 71 2e f2  bd 2e 53 5d
|   3e ab 5c 10  89 27 4c 5e  eb c8 96 66  3f 7c 53 ac
|   b8 bd 38 2b  24 6f a3 e2  0c 5c c8 2f
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2063890772 (0x7b047954)
|    length: 92 (0x5c)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_MODE_CFG (6)
| peer and cookies match on #1; msgid=7b047954 st_msgid=00000000 st_msgid_phase15=00000000
| State DB: IKEv1 state not found (find_v1_info_state)
| No appropriate Mode Config state yet. See if we have a Main Mode state
| peer and cookies match on #1; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
| p15 state object #1 found, in STATE_AGGR_I2
| State DB: found IKEv1 state #1 in AGGR_I2 (find_v1_info_state)
| start processing: state #1 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1678)
|  processing received isakmp_xchg_type ISAKMP_XCHG_MODE_CFG.
|  this is a xauthclient modecfgclient
|  call  init_phase2_iv
|  set from_state to STATE_AGGR_I2 this is xauthclient and IS_PHASE1() is TRUE
| #1 is idle
| #1 idle
| received encrypted packet from 192.1.2.23:500
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x4100 opt: 0x2000
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_MODECFG (0xe)
|    length: 36 (0x24)
| got payload 0x4000  (ISAKMP_NEXT_MODECFG) needed: 0x4000 opt: 0x2000
| ***parse ISAKMP Mode Attribute:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 16 (0x10)
|    Attr Msg Type: ISAKMP_CFG_REQUEST (0x1)
|    Identifier: 0 (0x0)
| removing 12 bytes of padding
| xauth_inI0 HASH(1):
|   a8 ae ef 98  4f 35 2e f7  f6 b4 73 0c  d2 af 8c 05
|   bb f5 6c 91  d7 8b 8d 36  4b ad 54 2f  0c e7 20 1c
| received 'xauth_inI0' message HASH(1) data ok
| **emit ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2063890772 (0x7b047954)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 8:ISAKMP_NEXT_HASH
| arrived in xauth_inI0
"road-east" #1: IMPAIR: drop XAUTH R0 message 
| complete v1 state transition with STF_FAIL
| [RE]START processing: state #1 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
| #1 is idle
| state transition function for STATE_AGGR_I2 failed: failed
| #1 spent 0.146 milliseconds in process_packet_tail()
| stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
| stop processing: state #1 connection "road-east" from 192.1.2.23 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.341 milliseconds in comm_handle_cb() reading and processing packet
| spent 0.00247 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 92 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   b7 39 42 85  45 99 81 7d  80 99 c3 dc  05 37 71 eb
|   08 10 06 01  7b 04 79 54  00 00 00 5c  ba 0f 01 01
|   7d 62 31 43  7f 80 0d 48  52 6d cb 3c  bc 3b 2d d3
|   7f ee bb 72  ae 80 51 2b  98 71 2e f2  bd 2e 53 5d
|   3e ab 5c 10  89 27 4c 5e  eb c8 96 66  3f 7c 53 ac
|   b8 bd 38 2b  24 6f a3 e2  0c 5c c8 2f
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2063890772 (0x7b047954)
|    length: 92 (0x5c)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_MODE_CFG (6)
| peer and cookies match on #1; msgid=7b047954 st_msgid=00000000 st_msgid_phase15=00000000
| State DB: IKEv1 state not found (find_v1_info_state)
| No appropriate Mode Config state yet. See if we have a Main Mode state
| peer and cookies match on #1; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
| p15 state object #1 found, in STATE_AGGR_I2
| State DB: found IKEv1 state #1 in AGGR_I2 (find_v1_info_state)
| start processing: state #1 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1678)
|  processing received isakmp_xchg_type ISAKMP_XCHG_MODE_CFG.
|  this is a xauthclient modecfgclient
|  call  init_phase2_iv
|  set from_state to STATE_AGGR_I2 this is xauthclient and IS_PHASE1() is TRUE
| #1 is idle
| #1 idle
| received encrypted packet from 192.1.2.23:500
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x4100 opt: 0x2000
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_MODECFG (0xe)
|    length: 36 (0x24)
| got payload 0x4000  (ISAKMP_NEXT_MODECFG) needed: 0x4000 opt: 0x2000
| ***parse ISAKMP Mode Attribute:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 16 (0x10)
|    Attr Msg Type: ISAKMP_CFG_REQUEST (0x1)
|    Identifier: 0 (0x0)
| removing 12 bytes of padding
| xauth_inI0 HASH(1):
|   a8 ae ef 98  4f 35 2e f7  f6 b4 73 0c  d2 af 8c 05
|   bb f5 6c 91  d7 8b 8d 36  4b ad 54 2f  0c e7 20 1c
| received 'xauth_inI0' message HASH(1) data ok
| **emit ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2063890772 (0x7b047954)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 8:ISAKMP_NEXT_HASH
| arrived in xauth_inI0
"road-east" #1: IMPAIR: drop XAUTH R0 message 
| complete v1 state transition with STF_FAIL
| [RE]START processing: state #1 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
| #1 is idle
| state transition function for STATE_AGGR_I2 failed: failed
| #1 spent 0.116 milliseconds in process_packet_tail()
| stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
| stop processing: state #1 connection "road-east" from 192.1.2.23 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.312 milliseconds in comm_handle_cb() reading and processing packet
| spent 0.00291 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 92 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   b7 39 42 85  45 99 81 7d  80 99 c3 dc  05 37 71 eb
|   08 10 06 01  7b 04 79 54  00 00 00 5c  ba 0f 01 01
|   7d 62 31 43  7f 80 0d 48  52 6d cb 3c  bc 3b 2d d3
|   7f ee bb 72  ae 80 51 2b  98 71 2e f2  bd 2e 53 5d
|   3e ab 5c 10  89 27 4c 5e  eb c8 96 66  3f 7c 53 ac
|   b8 bd 38 2b  24 6f a3 e2  0c 5c c8 2f
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2063890772 (0x7b047954)
|    length: 92 (0x5c)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_MODE_CFG (6)
| peer and cookies match on #1; msgid=7b047954 st_msgid=00000000 st_msgid_phase15=00000000
| State DB: IKEv1 state not found (find_v1_info_state)
| No appropriate Mode Config state yet. See if we have a Main Mode state
| peer and cookies match on #1; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
| p15 state object #1 found, in STATE_AGGR_I2
| State DB: found IKEv1 state #1 in AGGR_I2 (find_v1_info_state)
| start processing: state #1 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1678)
|  processing received isakmp_xchg_type ISAKMP_XCHG_MODE_CFG.
|  this is a xauthclient modecfgclient
|  call  init_phase2_iv
|  set from_state to STATE_AGGR_I2 this is xauthclient and IS_PHASE1() is TRUE
| #1 is idle
| #1 idle
| received encrypted packet from 192.1.2.23:500
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x4100 opt: 0x2000
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_MODECFG (0xe)
|    length: 36 (0x24)
| got payload 0x4000  (ISAKMP_NEXT_MODECFG) needed: 0x4000 opt: 0x2000
| ***parse ISAKMP Mode Attribute:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 16 (0x10)
|    Attr Msg Type: ISAKMP_CFG_REQUEST (0x1)
|    Identifier: 0 (0x0)
| removing 12 bytes of padding
| xauth_inI0 HASH(1):
|   a8 ae ef 98  4f 35 2e f7  f6 b4 73 0c  d2 af 8c 05
|   bb f5 6c 91  d7 8b 8d 36  4b ad 54 2f  0c e7 20 1c
| received 'xauth_inI0' message HASH(1) data ok
| **emit ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2063890772 (0x7b047954)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 8:ISAKMP_NEXT_HASH
| arrived in xauth_inI0
"road-east" #1: IMPAIR: drop XAUTH R0 message 
| complete v1 state transition with STF_FAIL
| [RE]START processing: state #1 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
| #1 is idle
| state transition function for STATE_AGGR_I2 failed: failed
| #1 spent 0.686 milliseconds in process_packet_tail()
| stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
| stop processing: state #1 connection "road-east" from 192.1.2.23 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.835 milliseconds in comm_handle_cb() reading and processing packet
| spent 0.00283 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 92 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   b7 39 42 85  45 99 81 7d  80 99 c3 dc  05 37 71 eb
|   08 10 05 01  de 96 ea 07  00 00 00 5c  7d f8 e0 b9
|   e5 a2 71 c2  91 35 b1 0c  39 74 f3 6f  e8 79 99 02
|   e7 34 b0 ba  d9 4e e8 d8  0e 14 11 d1  2b 72 66 51
|   81 45 32 07  72 0f 03 27  ed 67 1a 2e  94 d0 9c 1b
|   54 57 94 42  9d 54 ce 91  b4 44 8a b6
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_INFO (0x5)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 3734432263 (0xde96ea07)
|    length: 92 (0x5c)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
| peer and cookies match on #1; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
| p15 state object #1 found, in STATE_AGGR_I2
| State DB: found IKEv1 state #1 in AGGR_I2 (find_v1_info_state)
| start processing: state #1 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479)
| #1 is idle
| #1 idle
| received encrypted packet from 192.1.2.23:500
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_D (0xc)
|    length: 36 (0x24)
| got payload 0x1000  (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0
| ***parse ISAKMP Delete Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 28 (0x1c)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
|    protocol ID: 1 (0x1)
|    SPI size: 16 (0x10)
|    number of SPIs: 1 (0x1)
| informational HASH(1):
|   65 2d e5 6b  0f 63 85 bb  2e 6b e3 91  52 31 b9 72
|   2e 9b 6f 82  3a 78 7a 7b  1c da 0b 6b  2e 37 75 0f
| received 'informational' message HASH(1) data ok
| parsing 8 raw bytes of ISAKMP Delete Payload into iCookie
| iCookie  b7 39 42 85  45 99 81 7d
| parsing 8 raw bytes of ISAKMP Delete Payload into rCookie
| rCookie  80 99 c3 dc  05 37 71 eb
| State DB: found IKEv1 state #1 in AGGR_I2 (find_state_ikev1)
| del:
"road-east" #1: received Delete SA payload: self-deleting ISAKMP State #1
| pstats #1 ikev1.isakmp deleted completed
| [RE]START processing: state #1 connection "road-east" from 192.1.2.23 (in delete_state() at state.c:879)
"road-east" #1: deleting state (STATE_AGGR_I2) aged 8.095s and sending notification
| parent state #1: AGGR_I2(established IKE SA) => delete
| #1 send IKEv1 delete notification for STATE_AGGR_I2
| **emit ISAKMP Message:
|    initiator cookie:
|   b7 39 42 85  45 99 81 7d
|    responder cookie:
|   80 99 c3 dc  05 37 71 eb
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_INFO (0x5)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 3719944305 (0xddb9d871)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
| next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg'
| emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
| emitting length of ISAKMP Hash Payload: 36
| ***emit ISAKMP Delete Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
|    protocol ID: 1 (0x1)
|    SPI size: 16 (0x10)
|    number of SPIs: 1 (0x1)
| next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D)
| next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg'
| emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload
| initiator SPI  b7 39 42 85  45 99 81 7d
| emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload
| responder SPI  80 99 c3 dc  05 37 71 eb
| emitting length of ISAKMP Delete Payload: 28
| send delete HASH(1):
|   88 1d eb 2b  d4 32 96 b4  9d 3a 22 9f  2c a1 f3 f3
|   3a 55 cf 92  7a 1b f9 ce  e6 46 85 c7  d6 ba 84 66
| no IKEv1 message padding required
| emitting length of ISAKMP Message: 92
| sending 92 bytes for delete notify through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
|   b7 39 42 85  45 99 81 7d  80 99 c3 dc  05 37 71 eb
|   08 10 05 01  dd b9 d8 71  00 00 00 5c  91 15 d2 80
|   d1 04 8b 1a  8b ce fe 85  1d 4b 1b d1  b2 88 0b 52
|   f8 74 c7 c8  56 a8 b9 87  ac 51 f8 50  f2 c8 98 76
|   2a e9 fc 4c  39 b0 c2 47  35 00 e4 d7  b7 fe 7f a5
|   ed 13 13 61  c9 7a 8e 56  a0 a9 be c3
| state #1 requesting EVENT_SA_REPLACE to be deleted
| libevent_free: release ptr-libevent@0x55ef3f83f728
| free_event_entry: release EVENT_SA_REPLACE-pe@0x55ef3f840b88
| in connection_discard for connection road-east
| close_any(fd@23) (in delete_pending() at pending.c:244)
| removing pending policy for "road-east" {0x55ef3f7f2758}
| State DB: IKEv1 state not found (flush_incomplete_children)
| picked newest_isakmp_sa #0 for #1
"road-east" #1: deleting IKE SA for connection 'road-east' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
| add revival: connection 'road-east' added to the list and scheduled for 0 seconds
| global one-shot timer EVENT_REVIVE_CONNS scheduled in 0 seconds
| in connection_discard for connection road-east
| State DB: deleting IKEv1 state #1 in AGGR_I2
| parent state #1: AGGR_I2(established IKE SA) => UNDEFINED(ignore)
| close_any(fd@22) (in release_whack() at state.c:654)
| stop processing: state #1 from 192.1.2.23 (in delete_state() at state.c:1143)
| in statetime_start() with no state
| complete v1 state transition with STF_IGNORE
| stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380)
| processing: STOP state #0 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.439 milliseconds in comm_handle_cb() reading and processing packet
| processing global timer EVENT_REVIVE_CONNS
Initiating connection road-east which received a Delete/Notify but must remain up per local policy
| FOR_EACH_CONNECTION_... in conn_by_name
| start processing: connection "road-east" (in initiate_a_connection() at initiate.c:186)
| empty esp_info, returning defaults for ENCRYPT
| connection 'road-east' +POLICY_UP
| dup_any(fd@-1) -> fd@-1 (in initiate_a_connection() at initiate.c:342)
| FOR_EACH_STATE_... in find_phase1_state
"road-east": IKEv1 Aggressive Mode with PSK is vulnerable to dictionary attacks and is cracked on large scale by TLA's
| creating state object #2 at 0x55ef3f83d488
| State DB: adding IKEv1 state #2 in UNDEFINED
| pstats #2 ikev1.isakmp started
| parent state #2: UNDEFINED(ignore) => AGGR_I1(half-open IKE SA)
| suspend processing: connection "road-east" (in aggr_outI1() at ikev1_aggr.c:1015)
| start processing: state #2 connection "road-east" from 192.1.2.23 (in aggr_outI1() at ikev1_aggr.c:1015)
| no specific IKE algorithms specified - using defaults
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
"road-east" #2: multiple DH groups in aggressive mode can cause interop failure
"road-east" #2: Deleting previous proposal in the hopes of selecting DH 2 or DH 5
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
"road-east" #2: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_256,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
"road-east" #2: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_512,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
"road-east" #2: transform (OAKLEY_3DES_CBC,OAKLEY_SHA1,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() returning 0x55ef3f83e798
| initiating aggressive mode with IKE=E=7-H=4-M=5
| dup_any(fd@-1) -> fd@-1 (in aggr_outI1() at ikev1_aggr.c:1031)
| Queuing pending IPsec SA negotiating with 192.1.2.23 "road-east" IKE SA #2 "road-east"
"road-east" #2: initiating Aggressive Mode
| adding aggr_outI1 KE + nonce work-order 3 for state #2
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f840b88
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2
| libevent_malloc: new ptr-libevent@0x7f86a0000f08 size 128
| #2 spent 0.157 milliseconds in aggr_outI1()
| RESET processing: state #2 connection "road-east" from 192.1.2.23 (in aggr_outI1() at ikev1_aggr.c:1054)
| crypto helper 4 resuming
| crypto helper 4 starting work-order 3 for state #2
| RESET processing: connection "road-east" (in aggr_outI1() at ikev1_aggr.c:1054)
| crypto helper 4 doing build KE and nonce (aggr_outI1 KE + nonce); request ID 3
| processing: STOP connection NULL (in initiate_a_connection() at initiate.c:349)
| spent 0.186 milliseconds in global timer EVENT_REVIVE_CONNS
| crypto helper 4 finished build KE and nonce (aggr_outI1 KE + nonce); request ID 3 time elapsed 0.000523 seconds
| (#2) spent 0.529 milliseconds in crypto helper computing work-order 3: aggr_outI1 KE + nonce (pcr)
| crypto helper 4 sending results from work-order 3 for state #2 to event queue
| scheduling resume sending helper answer for #2
| libevent_malloc: new ptr-libevent@0x7f86a4001af8 size 128
| crypto helper 4 waiting (nothing to do)
| processing resume sending helper answer for #2
| start processing: state #2 connection "road-east" from 192.1.2.23 (in resume_handler() at server.c:797)
| crypto helper 4 replies to request ID 3
| calling continuation function 0x55ef3e64eb50
| aggr_outI1_continue for #2: calculated ke+nonce, sending I1
| aggr_outI1_tail for #2
| **emit ISAKMP Message:
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   00 00 00 00  00 00 00 00
|    next payload type: ISAKMP_NEXT_SA (0x1)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_AGGR (0x4)
|    flags: none (0x0)
|    Message ID: 0 (0x0)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA
| no specific IKE algorithms specified - using defaults
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
"road-east" #2: multiple DH groups in aggressive mode can cause interop failure
"road-east" #2: Deleting previous proposal in the hopes of selecting DH 2 or DH 5
| oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
"road-east" #2: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_256,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
"road-east" #2: transform (OAKLEY_3DES_CBC,OAKLEY_SHA2_512,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
"road-east" #2: transform (OAKLEY_3DES_CBC,OAKLEY_SHA1,MODP2048 keylen 0) ignored.
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
| oakley_alg_makedb() returning 0x55ef3f840058
| ***emit ISAKMP Security Association Payload:
|    next payload type: ISAKMP_NEXT_KE (0x4)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
| next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 4:ISAKMP_NEXT_KE
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
| next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
| ****emit IPsec DOI SIT:
|    IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
| ikev1_out_sa pcn: 0 has 1 valid proposals
| ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 9
| ****emit ISAKMP Proposal Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    proposal number: 0 (0x0)
|    protocol ID: PROTO_ISAKMP (0x1)
|    SPI size: 0 (0x0)
|    number of transforms: 9 (0x9)
| last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 0 (0x0)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|     [4 is OAKLEY_SHA2_256]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 1 (0x1)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|     [4 is OAKLEY_SHA2_256]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 2 (0x2)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 6 (0x6)
|     [6 is OAKLEY_SHA2_512]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 3 (0x3)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 6 (0x6)
|     [6 is OAKLEY_SHA2_512]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 4 (0x4)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 2 (0x2)
|     [2 is OAKLEY_SHA1]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 5 (0x5)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|     [7 is OAKLEY_AES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 2 (0x2)
|     [2 is OAKLEY_SHA1]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 128 (0x80)
| emitting length of ISAKMP Transform Payload (ISAKMP): 36
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 6 (0x6)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_3DES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|     [4 is OAKLEY_SHA2_256]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| emitting length of ISAKMP Transform Payload (ISAKMP): 32
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_T (0x3)
|    ISAKMP transform number: 7 (0x7)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_3DES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 6 (0x6)
|     [6 is OAKLEY_SHA2_512]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| emitting length of ISAKMP Transform Payload (ISAKMP): 32
| *****emit ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP transform number: 8 (0x8)
|    ISAKMP transform ID: KEY_IKE (0x1)
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
| last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|     [1 is OAKLEY_LIFE_SECONDS]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_3DES_CBC]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 2 (0x2)
|     [2 is OAKLEY_SHA1]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|     [65001 is XAUTHInitPreShared]
| ******emit ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|     [5 is OAKLEY_GROUP_MODP1536]
| emitting length of ISAKMP Transform Payload (ISAKMP): 32
| emitting length of ISAKMP Proposal Payload: 320
| last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0
| emitting length of ISAKMP Security Association Payload: 332
| last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
| ***emit ISAKMP Key Exchange Payload:
|    next payload type: ISAKMP_NEXT_NONCE (0xa)
| next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
| next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
| next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
| emitting 192 raw bytes of keyex value into ISAKMP Key Exchange Payload
| keyex value  d0 1c c3 19  ce 49 03 2d  66 42 ae 1d  c3 70 64 6a
| keyex value  2d 0e 9e 1e  14 59 e6 66  8a 69 2e ae  1a d1 82 3a
| keyex value  c1 f3 a0 1a  9f 81 91 a0  8e 64 de ac  82 7f f2 e4
| keyex value  30 b4 f2 ef  c3 ab 9a a8  89 ff 43 54  07 d5 cb 49
| keyex value  8b d1 23 3a  48 c8 7b 89  cf ad b1 ab  b8 28 1f 6e
| keyex value  e7 f1 71 74  a4 fc 80 0d  07 46 a4 25  92 d0 92 be
| keyex value  9e 23 6e 96  d0 be af 25  fe a1 e8 e1  cf 80 8b b4
| keyex value  7a 28 18 41  53 bc 7e a2  75 14 99 bc  35 8e 69 e7
| keyex value  0b a1 f5 8f  9d 76 16 9c  51 fc e5 ce  ff 79 b8 56
| keyex value  8c 86 d1 52  48 08 a7 ce  3c c1 66 79  a4 ac 0a 12
| keyex value  76 da d5 c5  b7 10 c5 44  35 ee 68 6a  26 ac 3f a5
| keyex value  18 08 98 09  a9 82 14 8a  e0 79 ce 73  86 2a 11 09
| emitting length of ISAKMP Key Exchange Payload: 196
| ***emit ISAKMP Nonce Payload:
|    next payload type: ISAKMP_NEXT_ID (0x5)
| next payload chain: ignoring supplied 'ISAKMP Nonce Payload'.'next payload type' value 5:ISAKMP_NEXT_ID
| next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
| next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
| Ni  79 60 e4 a4  27 6a ac e8  f9 bc 7f f2  a0 ba 41 3a
| Ni  db 2f 89 00  64 ea 20 ed  fd ce 08 d2  b4 ad 30 f5
| emitting length of ISAKMP Nonce Payload: 36
| ***emit ISAKMP Identification Payload (IPsec DOI):
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    ID type: ID_FQDN (0x2)
|    Protocol ID: 0 (0x0)
|    port: 0 (0x0)
| next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
| next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
| emitting 10 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
| my identity  72 6f 61 64  72 61 6e 64  6f 6d
| emitting length of ISAKMP Identification Payload (IPsec DOI): 18
| out_vid(): sending [FRAGMENTATION]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  40 48 b7 d5  6e bc e8 85  25 e7 de 7f  00 d6 c2 d3
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vid(): sending [XAUTH]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 8 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  09 00 26 89  df d6 b7 12
| emitting length of ISAKMP Vendor ID Payload: 12
| out_vid(): sending [Dead Peer Detection]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  af ca d7 13  68 a1 f1 c9  6b 86 96 fc  77 57 01 00
| emitting length of ISAKMP Vendor ID Payload: 20
| nat add vid
| sending draft and RFC NATT VIDs
| out_vid(): sending [RFC 3947]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  4a 13 1c 81  07 03 58 45  5c 57 28 f2  0e 95 45 2f
| emitting length of ISAKMP Vendor ID Payload: 20
| skipping VID_NATT_RFC
| out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  7d 94 19 a6  53 10 ca 6f  2c 17 9d 92  15 52 9d 56
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
| next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  90 cb 80 91  3e bb 69 6e  08 63 81 b5  ec 42 7b 1f
| emitting length of ISAKMP Vendor ID Payload: 20
| out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02]
| ***emit ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
| next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
| emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
| V_ID  cd 60 46 43  35 df 21 f8  7c fd b2 fc  68 b6 a4 48
| emitting length of ISAKMP Vendor ID Payload: 20
| padding IKEv1 message with 2 bytes
| emitting 2 zero bytes of message padding into ISAKMP Message
| emitting length of ISAKMP Message: 744
| sending 744 bytes for aggr_outI1 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #2)
|   62 ce 45 2c  07 54 0f a2  00 00 00 00  00 00 00 00
|   01 10 04 00  00 00 00 00  00 00 02 e8  04 00 01 4c
|   00 00 00 01  00 00 00 01  00 00 01 40  00 01 00 09
|   03 00 00 24  00 01 00 00  80 0b 00 01  80 0c 0e 10
|   80 01 00 07  80 02 00 04  80 03 fd e9  80 04 00 05
|   80 0e 01 00  03 00 00 24  01 01 00 00  80 0b 00 01
|   80 0c 0e 10  80 01 00 07  80 02 00 04  80 03 fd e9
|   80 04 00 05  80 0e 00 80  03 00 00 24  02 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 07  80 02 00 06
|   80 03 fd e9  80 04 00 05  80 0e 01 00  03 00 00 24
|   03 01 00 00  80 0b 00 01  80 0c 0e 10  80 01 00 07
|   80 02 00 06  80 03 fd e9  80 04 00 05  80 0e 00 80
|   03 00 00 24  04 01 00 00  80 0b 00 01  80 0c 0e 10
|   80 01 00 07  80 02 00 02  80 03 fd e9  80 04 00 05
|   80 0e 01 00  03 00 00 24  05 01 00 00  80 0b 00 01
|   80 0c 0e 10  80 01 00 07  80 02 00 02  80 03 fd e9
|   80 04 00 05  80 0e 00 80  03 00 00 20  06 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 04
|   80 03 fd e9  80 04 00 05  03 00 00 20  07 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 06
|   80 03 fd e9  80 04 00 05  00 00 00 20  08 01 00 00
|   80 0b 00 01  80 0c 0e 10  80 01 00 05  80 02 00 02
|   80 03 fd e9  80 04 00 05  0a 00 00 c4  d0 1c c3 19
|   ce 49 03 2d  66 42 ae 1d  c3 70 64 6a  2d 0e 9e 1e
|   14 59 e6 66  8a 69 2e ae  1a d1 82 3a  c1 f3 a0 1a
|   9f 81 91 a0  8e 64 de ac  82 7f f2 e4  30 b4 f2 ef
|   c3 ab 9a a8  89 ff 43 54  07 d5 cb 49  8b d1 23 3a
|   48 c8 7b 89  cf ad b1 ab  b8 28 1f 6e  e7 f1 71 74
|   a4 fc 80 0d  07 46 a4 25  92 d0 92 be  9e 23 6e 96
|   d0 be af 25  fe a1 e8 e1  cf 80 8b b4  7a 28 18 41
|   53 bc 7e a2  75 14 99 bc  35 8e 69 e7  0b a1 f5 8f
|   9d 76 16 9c  51 fc e5 ce  ff 79 b8 56  8c 86 d1 52
|   48 08 a7 ce  3c c1 66 79  a4 ac 0a 12  76 da d5 c5
|   b7 10 c5 44  35 ee 68 6a  26 ac 3f a5  18 08 98 09
|   a9 82 14 8a  e0 79 ce 73  86 2a 11 09  05 00 00 24
|   79 60 e4 a4  27 6a ac e8  f9 bc 7f f2  a0 ba 41 3a
|   db 2f 89 00  64 ea 20 ed  fd ce 08 d2  b4 ad 30 f5
|   0d 00 00 12  02 00 00 00  72 6f 61 64  72 61 6e 64
|   6f 6d 0d 00  00 14 40 48  b7 d5 6e bc  e8 85 25 e7
|   de 7f 00 d6  c2 d3 0d 00  00 0c 09 00  26 89 df d6
|   b7 12 0d 00  00 14 af ca  d7 13 68 a1  f1 c9 6b 86
|   96 fc 77 57  01 00 0d 00  00 14 4a 13  1c 81 07 03
|   58 45 5c 57  28 f2 0e 95  45 2f 0d 00  00 14 7d 94
|   19 a6 53 10  ca 6f 2c 17  9d 92 15 52  9d 56 0d 00
|   00 14 90 cb  80 91 3e bb  69 6e 08 63  81 b5 ec 42
|   7b 1f 00 00  00 14 cd 60  46 43 35 df  21 f8 7c fd
|   b2 fc 68 b6  a4 48 00 00
| state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| libevent_free: release ptr-libevent@0x7f86a0000f08
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f840b88
| event_schedule: new EVENT_RETRANSMIT-pe@0x55ef3f840b88
| inserting event EVENT_RETRANSMIT, timeout in 2.5 seconds for #2
| libevent_malloc: new ptr-libevent@0x7f86a0000f08 size 128
| #2 STATE_AGGR_I1: retransmits: first event in 2.5 seconds; timeout in 6 seconds; limit of 12 retransmits; current time is 29851.150553
| stop processing: state #2 connection "road-east" from 192.1.2.23 (in aggr_outI1_tail() at ikev1_aggr.c:1199)
| complete v1 state transition with STF_IGNORE
| resume sending helper answer for #2 suppresed complete_v1_state_transition()
| #2 spent 1.03 milliseconds in resume sending helper answer
| processing: STOP state #0 (in resume_handler() at server.c:833)
| libevent_free: release ptr-libevent@0x7f86a4001af8
| spent 0.00255 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 508 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   62 ce 45 2c  07 54 0f a2  3e 15 fb f7  96 7d bc 97
|   01 10 04 00  00 00 00 00  00 00 01 fc  04 00 00 38
|   00 00 00 01  00 00 00 01  00 00 00 2c  00 01 00 01
|   00 00 00 24  00 01 00 00  80 0b 00 01  80 0c 0e 10
|   80 01 00 07  80 02 00 04  80 03 fd e9  80 04 00 05
|   80 0e 01 00  0a 00 00 c4  85 98 08 27  03 90 2a 1e
|   8f 4b bf 7b  69 dc 6f 4e  c9 2a 48 4f  0e 2d 17 eb
|   b0 be c4 7b  5f 07 3d af  c4 c0 43 0b  fe ef e1 e5
|   76 e8 3c a1  63 f6 8c 19  c8 64 92 12  f8 da 29 96
|   dd c0 55 43  6f e4 ed 7a  09 cc d0 7c  e8 7a 7c 11
|   6f 3a b0 14  95 07 03 6a  57 29 11 01  52 a4 f8 f9
|   27 7c c4 8f  26 b4 02 54  33 72 6d 1c  c8 a9 6a 44
|   3f 89 6e da  29 85 51 ea  b8 54 80 59  b3 8c f5 02
|   6a fa c0 09  cb 3f 58 08  15 9d 7e f5  bf c5 4b 7b
|   63 f4 be b3  00 f2 56 3c  fd b2 3d d0  ab 51 f6 7b
|   4f cc d1 f5  c4 34 bf 25  e0 ff 2a d5  af 4d 12 89
|   5e 90 6b 87  0c b3 e5 88  a4 ed d3 58  d3 17 a5 7f
|   c1 19 26 38  57 99 50 ff  05 00 00 24  34 4a 72 60
|   84 c7 8b 8f  f8 f1 fe 88  d6 b1 2b d8  2f a7 21 13
|   09 f8 e3 f9  48 4a 3a b3  3e e9 97 b4  08 00 00 0c
|   02 00 00 00  65 61 73 74  0d 00 00 24  96 b2 82 18
|   ca 83 e2 f5  d0 41 dd 4d  b6 8b 34 66  bc 86 59 8f
|   03 c8 8f 24  75 d2 ed 5e  3f 97 ce ad  0d 00 00 14
|   40 48 b7 d5  6e bc e8 85  25 e7 de 7f  00 d6 c2 d3
|   0d 00 00 0c  09 00 26 89  df d6 b7 12  0d 00 00 14
|   af ca d7 13  68 a1 f1 c9  6b 86 96 fc  77 57 01 00
|   14 00 00 14  4a 13 1c 81  07 03 58 45  5c 57 28 f2
|   0e 95 45 2f  14 00 00 24  e6 33 5d 4e  c7 0e a0 4a
|   d3 58 7b 0b  12 21 14 27  03 c5 d2 d0  4d ec de 67
|   30 86 57 d4  3c 10 7b 20  00 00 00 24  c6 33 50 83
|   80 4a a5 db  2c 01 b8 2b  f5 ff 1a 58  6c 40 fe 21
|   b0 2a d1 3f  fc 86 dd 53  c1 f6 7b f2
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   3e 15 fb f7  96 7d bc 97
|    next payload type: ISAKMP_NEXT_SA (0x1)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_AGGR (0x4)
|    flags: none (0x0)
|    Message ID: 0 (0x0)
|    length: 508 (0x1fc)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_AGGR (4)
| State DB: IKEv1 state not found (find_state_ikev1)
| State DB: found IKEv1 state #2 in AGGR_I1 (find_state_ikev1_init)
| start processing: state #2 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1459)
| #2 is idle
| #2 idle
| got payload 0x2  (ISAKMP_NEXT_SA) needed: 0x532 opt: 0x102000
| ***parse ISAKMP Security Association Payload:
|    next payload type: ISAKMP_NEXT_KE (0x4)
|    length: 56 (0x38)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
| got payload 0x10  (ISAKMP_NEXT_KE) needed: 0x530 opt: 0x102000
| ***parse ISAKMP Key Exchange Payload:
|    next payload type: ISAKMP_NEXT_NONCE (0xa)
|    length: 196 (0xc4)
| got payload 0x400  (ISAKMP_NEXT_NONCE) needed: 0x520 opt: 0x102000
| ***parse ISAKMP Nonce Payload:
|    next payload type: ISAKMP_NEXT_ID (0x5)
|    length: 36 (0x24)
| got payload 0x20  (ISAKMP_NEXT_ID) needed: 0x120 opt: 0x102000
| ***parse ISAKMP Identification Payload:
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    length: 12 (0xc)
|    ID type: ID_FQDN (0x2)
|    DOI specific A: 0 (0x0)
|    DOI specific B: 0 (0x0)
|      obj:   65 61 73 74
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x102000
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 36 (0x24)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 20 (0x14)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 12 (0xc)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_VID (0xd)
|    length: 20 (0x14)
| got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x102000
| ***parse ISAKMP Vendor ID Payload:
|    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
|    length: 20 (0x14)
| got payload 0x100000  (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102000
| ***parse ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
|    length: 36 (0x24)
| got payload 0x100000  (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102000
| ***parse ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 36 (0x24)
| message 'aggr_inR1_outI2' HASH payload not checked early
| received Vendor ID payload [FRAGMENTATION]
| received Vendor ID payload [XAUTH]
| received Vendor ID payload [Dead Peer Detection]
|  quirks.qnat_traversal_vid set to=117 [RFC 3947]
| received Vendor ID payload [RFC 3947]
"road-east" #2: Peer ID is ID_FQDN: '@east'
| X509: no CERT payloads to process
| ****parse IPsec DOI SIT:
|    IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
| ****parse ISAKMP Proposal Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 44 (0x2c)
|    proposal number: 0 (0x0)
|    protocol ID: PROTO_ISAKMP (0x1)
|    SPI size: 0 (0x0)
|    number of transforms: 1 (0x1)
| *****parse ISAKMP Transform Payload (ISAKMP):
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 36 (0x24)
|    ISAKMP transform number: 0 (0x0)
|    ISAKMP transform ID: KEY_IKE (0x1)
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
|    length/value: 1 (0x1)
|    [1 is OAKLEY_LIFE_SECONDS]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
|    length/value: 3600 (0xe10)
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
|    length/value: 7 (0x7)
|    [7 is OAKLEY_AES_CBC]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
|    length/value: 4 (0x4)
|    [4 is OAKLEY_SHA2_256]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
|    length/value: 65001 (0xfde9)
|    [65001 is XAUTHInitPreShared]
| started looking for secret for @roadrandom->@east of kind PKK_PSK
| actually looking for secret for @roadrandom->@east of kind PKK_PSK
| line 12: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @roadrandom to @roadrandom / @east -> 014
| line 12: match=014
| match 014 beats previous best_match 000 match=0x55ef3f83d238 (line=12)
| line 10: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @west to @roadrandom / @east -> 004
| line 10: match=004
| line 9: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key %any to @roadrandom / @east -> 002
| 2: compared key %any to @roadrandom / @east -> 002
| line 9: match=002
| match 002 loses to best_match 014
| concluding with best_match=014 best=0x55ef3f83d238 (lineno=12)
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
|    length/value: 5 (0x5)
|    [5 is OAKLEY_GROUP_MODP1536]
| ******parse ISAKMP Oakley attribute:
|    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
|    length/value: 256 (0x100)
| OAKLEY proposal verified unconditionally; no alg_info to check against
| Oakley Transform 0 accepted
| sender checking NAT-T: enabled; VID 117
| returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC
| enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
| State DB: re-hashing IKEv1 state #2 IKE SPIi and SPI[ir]
| init checking NAT-T: enabled; RFC 3947 (NAT-Traversal)
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  62 ce 45 2c  07 54 0f a2
| natd_hash: rcookie=  3e 15 fb f7  96 7d bc 97
| natd_hash: ip=  c0 01 03 d1
| natd_hash: port=500
| natd_hash: hash=  e6 33 5d 4e  c7 0e a0 4a  d3 58 7b 0b  12 21 14 27
| natd_hash: hash=  03 c5 d2 d0  4d ec de 67  30 86 57 d4  3c 10 7b 20
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  62 ce 45 2c  07 54 0f a2
| natd_hash: rcookie=  3e 15 fb f7  96 7d bc 97
| natd_hash: ip=  c0 01 02 17
| natd_hash: port=500
| natd_hash: hash=  c6 33 50 83  80 4a a5 db  2c 01 b8 2b  f5 ff 1a 58
| natd_hash: hash=  6c 40 fe 21  b0 2a d1 3f  fc 86 dd 53  c1 f6 7b f2
| expected NAT-D(me):  e6 33 5d 4e  c7 0e a0 4a  d3 58 7b 0b  12 21 14 27
| expected NAT-D(me):  03 c5 d2 d0  4d ec de 67  30 86 57 d4  3c 10 7b 20
| expected NAT-D(him):
|   c6 33 50 83  80 4a a5 db  2c 01 b8 2b  f5 ff 1a 58
|   6c 40 fe 21  b0 2a d1 3f  fc 86 dd 53  c1 f6 7b f2
| received NAT-D:  e6 33 5d 4e  c7 0e a0 4a  d3 58 7b 0b  12 21 14 27
| received NAT-D:  03 c5 d2 d0  4d ec de 67  30 86 57 d4  3c 10 7b 20
| received NAT-D:  c6 33 50 83  80 4a a5 db  2c 01 b8 2b  f5 ff 1a 58
| received NAT-D:  6c 40 fe 21  b0 2a d1 3f  fc 86 dd 53  c1 f6 7b f2
| NAT_TRAVERSAL encaps using auto-detect
| NAT_TRAVERSAL this end is NOT behind NAT
| NAT_TRAVERSAL that end is NOT behind NAT
| NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23
| NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected
|  NAT_T_WITH_KA detected
| started looking for secret for @roadrandom->@east of kind PKK_PSK
| actually looking for secret for @roadrandom->@east of kind PKK_PSK
| line 12: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @roadrandom to @roadrandom / @east -> 014
| line 12: match=014
| match 014 beats previous best_match 000 match=0x55ef3f83d238 (line=12)
| line 10: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key @east to @roadrandom / @east -> 004
| 2: compared key @west to @roadrandom / @east -> 004
| line 10: match=004
| line 9: key type PKK_PSK(@roadrandom) to type PKK_PSK
| 1: compared key %any to @roadrandom / @east -> 002
| 2: compared key %any to @roadrandom / @east -> 002
| line 9: match=002
| match 002 loses to best_match 014
| concluding with best_match=014 best=0x55ef3f83d238 (lineno=12)
| adding aggr outR1 DH work-order 4 for state #2
| state #2 requesting EVENT_RETRANSMIT to be deleted
| #2 STATE_AGGR_I1: retransmits: cleared
| libevent_free: release ptr-libevent@0x7f86a0000f08
| free_event_entry: release EVENT_RETRANSMIT-pe@0x55ef3f840b88
| event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f840b88
| inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #2
| libevent_malloc: new ptr-libevent@0x7f86a4001af8 size 128
| complete v1 state transition with STF_SUSPEND
| [RE]START processing: state #2 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2648)
| suspending state #2 and saving MD
| #2 is busy; has a suspended MD
| crypto helper 5 resuming
| crypto helper 5 starting work-order 4 for state #2
| #2 spent 0.283 milliseconds in process_packet_tail()
| crypto helper 5 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 4
| stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
| stop processing: state #2 connection "road-east" from 192.1.2.23 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.539 milliseconds in comm_handle_cb() reading and processing packet
| crypto helper 5 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 4 time elapsed 0.000689 seconds
| (#2) spent 0.695 milliseconds in crypto helper computing work-order 4: aggr outR1 DH (pcr)
| crypto helper 5 sending results from work-order 4 for state #2 to event queue
| scheduling resume sending helper answer for #2
| libevent_malloc: new ptr-libevent@0x7f8698000f08 size 128
| crypto helper 5 waiting (nothing to do)
| processing resume sending helper answer for #2
| start processing: state #2 connection "road-east" from 192.1.2.23 (in resume_handler() at server.c:797)
| crypto helper 5 replies to request ID 4
| calling continuation function 0x55ef3e64eb50
| aggr inR1_outI2: calculated DH, sending I2
"road-east" #2: Peer ID is ID_FQDN: '@east'
| X509: no CERT payloads to process
| received 'Aggr' message HASH_R data ok
| thinking about whether to send my certificate:
|   I have RSA key: OAKLEY_PRESHARED_KEY cert.type: 0?? 
|   sendcert: CERT_ALWAYSSEND and I did not get a certificate request 
|   so do not send cert.
| I did not send a certificate because digital signatures are not being used. (PSK)
| **emit ISAKMP Message:
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   3e 15 fb f7  96 7d bc 97
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_AGGR (0x4)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 0 (0x0)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| sending NAT-D payloads
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  62 ce 45 2c  07 54 0f a2
| natd_hash: rcookie=  3e 15 fb f7  96 7d bc 97
| natd_hash: ip=  c0 01 02 17
| natd_hash: port=500
| natd_hash: hash=  c6 33 50 83  80 4a a5 db  2c 01 b8 2b  f5 ff 1a 58
| natd_hash: hash=  6c 40 fe 21  b0 2a d1 3f  fc 86 dd 53  c1 f6 7b f2
| ***emit ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
| next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
| next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
| NAT-D  c6 33 50 83  80 4a a5 db  2c 01 b8 2b  f5 ff 1a 58
| NAT-D  6c 40 fe 21  b0 2a d1 3f  fc 86 dd 53  c1 f6 7b f2
| emitting length of ISAKMP NAT-D Payload: 36
| natd_hash: hasher=0x55ef3e723ca0(32)
| natd_hash: icookie=  62 ce 45 2c  07 54 0f a2
| natd_hash: rcookie=  3e 15 fb f7  96 7d bc 97
| natd_hash: ip=  c0 01 03 d1
| natd_hash: port=500
| natd_hash: hash=  e6 33 5d 4e  c7 0e a0 4a  d3 58 7b 0b  12 21 14 27
| natd_hash: hash=  03 c5 d2 d0  4d ec de 67  30 86 57 d4  3c 10 7b 20
| ***emit ISAKMP NAT-D Payload:
|    next payload type: ISAKMP_NEXT_HASH (0x8)
| next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 8:ISAKMP_NEXT_HASH
| next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
| next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
| NAT-D  e6 33 5d 4e  c7 0e a0 4a  d3 58 7b 0b  12 21 14 27
| NAT-D  03 c5 d2 d0  4d ec de 67  30 86 57 d4  3c 10 7b 20
| emitting length of ISAKMP NAT-D Payload: 36
| next payload chain: creating a fake payload for hashing identity
| **emit ISAKMP Identification Payload (IPsec DOI):
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ID type: ID_FQDN (0x2)
|    Protocol ID: 0 (0x0)
|    port: 0 (0x0)
| next payload chain: no previous for current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID); assumed to be fake
| emitting 10 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
| my identity  72 6f 61 64  72 61 6e 64  6f 6d
| emitting length of ISAKMP Identification Payload (IPsec DOI): 18
| ***emit ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
| next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
| emitting 32 raw bytes of HASH_I into ISAKMP Hash Payload
| HASH_I  fd 12 87 5d  f1 b1 cc b2  2e b6 92 fd  fe 1c 72 44
| HASH_I  78 c4 b3 90  ea 03 78 67  38 12 2a 5f  5d 22 33 bc
| emitting length of ISAKMP Hash Payload: 36
| emitting 4 zero bytes of encryption padding into ISAKMP Message
| no IKEv1 message padding required
| emitting length of ISAKMP Message: 140
| phase 1 complete
| FOR_EACH_CONNECTION_... in ISAKMP_SA_established
| complete v1 state transition with STF_OK
| [RE]START processing: state #2 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
| #2 is idle
| doing_xauth:yes, t_xauth_client_done:no
| peer supports fragmentation
| peer supports DPD
| IKEv1: transition from state STATE_AGGR_I1 to state STATE_AGGR_I2
| parent state #2: AGGR_I1(half-open IKE SA) => AGGR_I2(established IKE SA)
| event_already_set, deleting event
| state #2 requesting EVENT_CRYPTO_TIMEOUT to be deleted
| libevent_free: release ptr-libevent@0x7f86a4001af8
| free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55ef3f840b88
| sending reply packet to 192.1.2.23:500 (from 192.1.3.209:500)
| sending 140 bytes for STATE_AGGR_I1 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #2)
|   62 ce 45 2c  07 54 0f a2  3e 15 fb f7  96 7d bc 97
|   14 10 04 01  00 00 00 00  00 00 00 8c  ea 06 b6 7b
|   79 80 5f 8a  62 cc a8 6d  2d 02 cd 30  86 17 09 3a
|   61 03 40 7e  e8 76 bb c4  4f 42 5c 43  34 43 47 7a
|   b2 72 8c dc  9f 7b 3a 72  77 7c 79 82  c7 03 ce e1
|   ef 62 c6 c5  e9 85 8c 61  a3 d9 fe 28  fe 88 ce 42
|   23 dd 08 a6  af ce 80 60  c8 12 23 a2  6a c0 84 f9
|   5b 63 31 41  3f e3 57 32  dd 82 3d ee  e8 bd 28 3a
|   64 20 cc 54  02 85 2f ba  f3 cf 62 0c
| !event_already_set at reschedule
| event_schedule: new EVENT_SA_REPLACE-pe@0x55ef3f840b88
| inserting event EVENT_SA_REPLACE, timeout in 2848 seconds for #2
| libevent_malloc: new ptr-libevent@0x55ef3f8402b8 size 128
| pstats #2 ikev1.isakmp established
"road-east" #2: STATE_AGGR_I2: sent AI2, ISAKMP SA established {auth=PRESHARED_KEY cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP1536}
| DPD: dpd_init() called on ISAKMP SA
| DPD: Peer supports Dead Peer Detection
| DPD: not initializing DPD because DPD is disabled locally
| XAUTH client is not yet authenticated
| resume sending helper answer for #2 suppresed complete_v1_state_transition()
| #2 spent 0.374 milliseconds in resume sending helper answer
| stop processing: state #2 connection "road-east" from 192.1.2.23 (in resume_handler() at server.c:833)
| libevent_free: release ptr-libevent@0x7f8698000f08
| spent 0.00273 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 92 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   62 ce 45 2c  07 54 0f a2  3e 15 fb f7  96 7d bc 97
|   08 10 06 01  a5 0e 06 19  00 00 00 5c  09 ec 64 6d
|   50 8c 5a 83  11 59 8c aa  ce c0 80 06  51 92 5b d2
|   a9 ad af ba  fc 6c 63 2b  59 59 a2 78  1d 31 ac 0c
|   17 09 56 5b  a9 3b a4 66  93 ff 0e e1  08 27 34 41
|   f5 c4 c3 8f  c3 ac a6 2e  a1 2f a7 48
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   3e 15 fb f7  96 7d bc 97
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2769159705 (0xa50e0619)
|    length: 92 (0x5c)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_MODE_CFG (6)
| peer and cookies match on #2; msgid=a50e0619 st_msgid=00000000 st_msgid_phase15=00000000
| State DB: IKEv1 state not found (find_v1_info_state)
| No appropriate Mode Config state yet. See if we have a Main Mode state
| peer and cookies match on #2; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
| p15 state object #2 found, in STATE_AGGR_I2
| State DB: found IKEv1 state #2 in AGGR_I2 (find_v1_info_state)
| start processing: state #2 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1678)
|  processing received isakmp_xchg_type ISAKMP_XCHG_MODE_CFG.
|  this is a xauthclient modecfgclient
|  call  init_phase2_iv
|  set from_state to STATE_AGGR_I2 this is xauthclient and IS_PHASE1() is TRUE
| #2 is idle
| #2 idle
| received encrypted packet from 192.1.2.23:500
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x4100 opt: 0x2000
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_MODECFG (0xe)
|    length: 36 (0x24)
| got payload 0x4000  (ISAKMP_NEXT_MODECFG) needed: 0x4000 opt: 0x2000
| ***parse ISAKMP Mode Attribute:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 16 (0x10)
|    Attr Msg Type: ISAKMP_CFG_REQUEST (0x1)
|    Identifier: 0 (0x0)
| removing 12 bytes of padding
| xauth_inI0 HASH(1):
|   8a 7f 39 f7  91 90 a3 bc  22 c5 f0 84  42 55 3f 40
|   88 17 c8 55  ff c7 89 2f  9b 4d 03 a0  63 2e 56 3e
| received 'xauth_inI0' message HASH(1) data ok
| **emit ISAKMP Message:
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   3e 15 fb f7  96 7d bc 97
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2769159705 (0xa50e0619)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 8:ISAKMP_NEXT_HASH
| arrived in xauth_inI0
"road-east" #2: IMPAIR: drop XAUTH R0 message 
| complete v1 state transition with STF_FAIL
| [RE]START processing: state #2 connection "road-east" from 192.1.2.23 (in complete_v1_state_transition() at ikev1.c:2673)
| #2 is idle
| state transition function for STATE_AGGR_I2 failed: failed
| #2 spent 0.133 milliseconds in process_packet_tail()
| stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
| stop processing: state #2 connection "road-east" from 192.1.2.23 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.274 milliseconds in comm_handle_cb() reading and processing packet
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
| FOR_EACH_CONNECTION_... in show_connections_status
| FOR_EACH_CONNECTION_... in show_connections_status
| FOR_EACH_STATE_... in show_states_status (sort_states)
| FOR_EACH_STATE_... in sort_states
| close_any(fd@16) (in whack_process() at rcv_whack.c:700)
| spent 0.347 milliseconds in whack
| spent 0.00304 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| *received 92 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
|   62 ce 45 2c  07 54 0f a2  3e 15 fb f7  96 7d bc 97
|   08 10 05 01  64 ff 93 f0  00 00 00 5c  b2 21 d8 c3
|   2a ff 90 4b  5b 52 0c 83  df 88 01 0a  2b 30 d0 8f
|   6b 49 b8 a8  00 94 06 e3  26 77 e7 5c  6e 78 3c 65
|   c2 5e 00 14  cb 2e bb 44  dd f1 f8 fa  ba 84 e0 54
|   87 c2 0b 40  8b ad a2 97  ec 4b 1b 06
| start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
| **parse ISAKMP Message:
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   3e 15 fb f7  96 7d bc 97
|    next payload type: ISAKMP_NEXT_HASH (0x8)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_INFO (0x5)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 1694471152 (0x64ff93f0)
|    length: 92 (0x5c)
|  processing version=1.0 packet with exchange type=ISAKMP_XCHG_INFO (5)
| peer and cookies match on #2; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
| p15 state object #2 found, in STATE_AGGR_I2
| State DB: found IKEv1 state #2 in AGGR_I2 (find_v1_info_state)
| start processing: state #2 connection "road-east" from 192.1.2.23 (in process_v1_packet() at ikev1.c:1479)
| #2 is idle
| #2 idle
| received encrypted packet from 192.1.2.23:500
| got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x100 opt: 0x0
| ***parse ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_D (0xc)
|    length: 36 (0x24)
| got payload 0x1000  (ISAKMP_NEXT_D) needed: 0x0 opt: 0x0
| ***parse ISAKMP Delete Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    length: 28 (0x1c)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
|    protocol ID: 1 (0x1)
|    SPI size: 16 (0x10)
|    number of SPIs: 1 (0x1)
| informational HASH(1):
|   ea 14 b5 66  a4 22 3e 80  ae c6 d9 70  f1 5e 33 5d
|   92 2f 60 33  5f 4d 81 68  fa e1 01 51  6e a7 20 c9
| received 'informational' message HASH(1) data ok
| parsing 8 raw bytes of ISAKMP Delete Payload into iCookie
| iCookie  62 ce 45 2c  07 54 0f a2
| parsing 8 raw bytes of ISAKMP Delete Payload into rCookie
| rCookie  3e 15 fb f7  96 7d bc 97
| State DB: found IKEv1 state #2 in AGGR_I2 (find_state_ikev1)
| del:
"road-east" #2: received Delete SA payload: self-deleting ISAKMP State #2
| pstats #2 ikev1.isakmp deleted completed
| [RE]START processing: state #2 connection "road-east" from 192.1.2.23 (in delete_state() at state.c:879)
"road-east" #2: deleting state (STATE_AGGR_I2) aged 1.270s and sending notification
| parent state #2: AGGR_I2(established IKE SA) => delete
| #2 send IKEv1 delete notification for STATE_AGGR_I2
| **emit ISAKMP Message:
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   3e 15 fb f7  96 7d bc 97
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
|    exchange type: ISAKMP_XCHG_INFO (0x5)
|    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
|    Message ID: 2801642993 (0xa6fdadf1)
| next payload chain: saving message location 'ISAKMP Message'.'next payload type'
| ***emit ISAKMP Hash Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
| next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
| next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'delete msg'
| emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
| emitting length of ISAKMP Hash Payload: 36
| ***emit ISAKMP Delete Payload:
|    next payload type: ISAKMP_NEXT_NONE (0x0)
|    DOI: ISAKMP_DOI_IPSEC (0x1)
|    protocol ID: 1 (0x1)
|    SPI size: 16 (0x10)
|    number of SPIs: 1 (0x1)
| next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Delete Payload (12:ISAKMP_NEXT_D)
| next payload chain: saving location 'ISAKMP Delete Payload'.'next payload type' in 'delete msg'
| emitting 8 raw bytes of initiator SPI into ISAKMP Delete Payload
| initiator SPI  62 ce 45 2c  07 54 0f a2
| emitting 8 raw bytes of responder SPI into ISAKMP Delete Payload
| responder SPI  3e 15 fb f7  96 7d bc 97
| emitting length of ISAKMP Delete Payload: 28
| send delete HASH(1):
|   71 25 10 bd  ec 8d 5f 25  6a 8b be b9  7b 4b 57 3b
|   62 2e ff 8f  fc f9 43 2a  8d bb 3e 36  37 cb 5e 9c
| no IKEv1 message padding required
| emitting length of ISAKMP Message: 92
| sending 92 bytes for delete notify through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #2)
|   62 ce 45 2c  07 54 0f a2  3e 15 fb f7  96 7d bc 97
|   08 10 05 01  a6 fd ad f1  00 00 00 5c  5a 20 47 d6
|   ae f5 7d 42  37 2b 2b f1  18 8a 2f 8b  2c ba 81 39
|   8c d6 4d 67  d1 2c 6e 60  86 0a af 34  e7 74 d8 79
|   66 89 55 a9  5d 58 70 e0  88 36 de 74  93 94 4f 9b
|   db 15 27 4d  92 15 56 b1  5a 69 44 25
| state #2 requesting EVENT_SA_REPLACE to be deleted
| libevent_free: release ptr-libevent@0x55ef3f8402b8
| free_event_entry: release EVENT_SA_REPLACE-pe@0x55ef3f840b88
| in connection_discard for connection road-east
| removing pending policy for "road-east" {0x55ef3f7f2758}
| State DB: IKEv1 state not found (flush_incomplete_children)
| picked newest_isakmp_sa #0 for #2
"road-east" #2: deleting IKE SA for connection 'road-east' but connection is supposed to remain up; schedule EVENT_REVIVE_CONNS
| add revival: connection 'road-east' added to the list and scheduled for 5 seconds
| global one-shot timer EVENT_REVIVE_CONNS scheduled in 5 seconds
| in connection_discard for connection road-east
| State DB: deleting IKEv1 state #2 in AGGR_I2
| parent state #2: AGGR_I2(established IKE SA) => UNDEFINED(ignore)
| stop processing: state #2 from 192.1.2.23 (in delete_state() at state.c:1143)
| in statetime_start() with no state
| complete v1 state transition with STF_IGNORE
| stop processing: from 192.1.2.23:500 (in process_md() at demux.c:380)
| processing: STOP state #0 (in process_md() at demux.c:382)
| processing: STOP connection NULL (in process_md() at demux.c:383)
| spent 0.401 milliseconds in comm_handle_cb() reading and processing packet
recvmsg: received truncated IKE packet (MSG_TRUNC)
| **parse ISAKMP Message (raw):
|    initiator cookie:
|   62 ce 45 2c  07 54 0f a2
|    responder cookie:
|   3e 15 fb f7  96 7d bc 97
|    next payload type: 8 (0x8)
|    ISAKMP version: 16 (0x10)
|    exchange type: 5 (0x5)
|    flags: 1 (0x1)
|    Message ID: 2801642993 (0xa6fdadf1)
|    length: 92 (0x5c)
| State DB: IKEv1 state not found (find_likely_sender)
| MSG_ERRQUEUE packet has no matching IKEv1 SA
| rejected packet:
|   62 ce 45 2c  07 54 0f a2  3e 15 fb f7  96 7d bc 97
|   08 10 05 01  a6 fd ad f1  00 00 00 5c  5a 20 47 d6
|   ae f5 7d 42  37 2b 2b f1  18 8a 2f 8b  2c ba 81 39
|   8c d6 4d 67  d1 2c 6e 60
| control:
|   1c 00 00 00  00 00 00 00  00 00 00 00  08 00 00 00
|   fb 6b 00 00  00 00 00 00  c0 01 03 d1  ef 55 00 00
|   30 00 00 00  00 00 00 00  00 00 00 00  0b 00 00 00
|   6f 00 00 00  02 03 03 00  00 00 00 00  00 00 00 00
|   02 00 00 00  c0 01 02 17  00 00 00 00  00 00 00 00
| name:
|   02 00 01 f4  c0 01 02 17  00 00 00 00  00 00 00 00
| ERROR: asynchronous network error report on eth0 (192.1.3.209:500) for message to 192.1.2.23 port 500, complainant 192.1.2.23: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
| spent 0.0593 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
| accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:722)
shutting down
| processing: RESET whack log_fd (was fd@16) (in exit_pluto() at plutomain.c:1825)
| certs and keys locked by 'free_preshared_secrets'
forgetting secrets
| certs and keys unlocked by 'free_preshared_secrets'
| start processing: connection "road-east" (in delete_connection() at connections.c:189)
| Deleting states for connection - including all other IPsec SA's of this IKE SA
| pass 0
| FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
| pass 1
| FOR_EACH_STATE_... in foreach_state_by_connection_func_delete
| free hp@0x55ef3f83c988
| flush revival: connection 'road-east' revival flushed
| stop processing: connection "road-east" (in discard_connection() at connections.c:249)
| crl fetch request list locked by 'free_crl_fetch'
| crl fetch request list unlocked by 'free_crl_fetch'
shutting down interface lo/lo 127.0.0.1:4500
shutting down interface lo/lo 127.0.0.1:500
shutting down interface eth0/eth0 192.1.3.209:4500
shutting down interface eth0/eth0 192.1.3.209:500
| FOR_EACH_STATE_... in delete_states_dead_interfaces
| libevent_free: release ptr-libevent@0x55ef3f82fab8
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b728
| libevent_free: release ptr-libevent@0x55ef3f7f0a78
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b7d8
| libevent_free: release ptr-libevent@0x55ef3f7f0398
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b888
| libevent_free: release ptr-libevent@0x55ef3f81db98
| free_event_entry: release EVENT_NULL-pe@0x55ef3f83b938
| FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
| libevent_free: release ptr-libevent@0x55ef3f82fb68
| free_event_entry: release EVENT_NULL-pe@0x55ef3f823d08
| libevent_free: release ptr-libevent@0x55ef3f7f09c8
| free_event_entry: release EVENT_NULL-pe@0x55ef3f823868
| libevent_free: release ptr-libevent@0x55ef3f81c418
| free_event_entry: release EVENT_NULL-pe@0x55ef3f81ddf8
| global timer EVENT_REINIT_SECRET uninitialized
| global timer EVENT_SHUNT_SCAN uninitialized
| global timer EVENT_PENDING_DDNS uninitialized
| global timer EVENT_PENDING_PHASE2 uninitialized
| global timer EVENT_CHECK_CRLS uninitialized
| global timer EVENT_REVIVE_CONNS uninitialized
| global timer EVENT_FREE_ROOT_CERTS uninitialized
| global timer EVENT_RESET_LOG_RATE_LIMIT uninitialized
| global timer EVENT_NAT_T_KEEPALIVE uninitialized
| libevent_free: release ptr-libevent@0x55ef3f777798
| signal event handler PLUTO_SIGCHLD uninstalled
| libevent_free: release ptr-libevent@0x55ef3f77ff68
| signal event handler PLUTO_SIGTERM uninstalled
| libevent_free: release ptr-libevent@0x55ef3f83b0e8
| signal event handler PLUTO_SIGHUP uninstalled
| libevent_free: release ptr-libevent@0x55ef3f83b328
| signal event handler PLUTO_SIGSYS uninstalled
| releasing event base
| libevent_free: release ptr-libevent@0x55ef3f83b1f8
| libevent_free: release ptr-libevent@0x55ef3f81e128
| libevent_free: release ptr-libevent@0x55ef3f81e0d8
| libevent_free: release ptr-libevent@0x55ef3f7f0328
| libevent_free: release ptr-libevent@0x55ef3f81e098
| libevent_free: release ptr-libevent@0x55ef3f83adb8
| libevent_free: release ptr-libevent@0x55ef3f83b028
| libevent_free: release ptr-libevent@0x55ef3f81e2d8
| libevent_free: release ptr-libevent@0x55ef3f8234f8
| libevent_free: release ptr-libevent@0x55ef3f823e18
| libevent_free: release ptr-libevent@0x55ef3f83b9a8
| libevent_free: release ptr-libevent@0x55ef3f83b8f8
| libevent_free: release ptr-libevent@0x55ef3f83b848
| libevent_free: release ptr-libevent@0x55ef3f83b798
| libevent_free: release ptr-libevent@0x55ef3f775e08
| libevent_free: release ptr-libevent@0x55ef3f83b0a8
| libevent_free: release ptr-libevent@0x55ef3f83b068
| libevent_free: release ptr-libevent@0x55ef3f83af28
| libevent_free: release ptr-libevent@0x55ef3f83b1b8
| libevent_free: release ptr-libevent@0x55ef3f83adf8
| libevent_free: release ptr-libevent@0x55ef3f7ec928
| libevent_free: release ptr-libevent@0x55ef3f7ec8a8
| libevent_free: release ptr-libevent@0x55ef3f776178
| releasing global libevent data
| libevent_free: release ptr-libevent@0x55ef3f7ecaa8
| libevent_free: release ptr-libevent@0x55ef3f7eca28
| libevent_free: release ptr-libevent@0x55ef3f7ec9a8
leak: 3 * sa copy attrs array, item size: 32
leak: 6 * sa copy attrs array, item size: 40
leak: sa copy trans array, item size: 216
leak: sa copy prop array, item size: 24
leak: sa copy prop conj array, item size: 16
leak: conjoin sa, item size: 24
leak: msg_digest in read_packet, item size: 5080
leak: msg_digest by aggr_outI1, item size: 5080
leak: 3 * sa copy attrs array, item size: 32
leak: 6 * sa copy attrs array, item size: 40
leak: sa copy trans array, item size: 216
leak: sa copy prop array, item size: 24
leak: sa copy prop conj array, item size: 16
leak: conjoin sa, item size: 24
leak detective found 28 leaks, total size 10864