Sep 21 07:36:13.957106: FIPS Product: YES
Sep 21 07:36:13.957139: FIPS Kernel: NO
Sep 21 07:36:13.957142: FIPS Mode: NO
Sep 21 07:36:13.957144: NSS DB directory: sql:/etc/ipsec.d
Sep 21 07:36:13.957304: Initializing NSS
Sep 21 07:36:13.957308: Opening NSS database "sql:/etc/ipsec.d" read-only
Sep 21 07:36:13.988049: NSS initialized
Sep 21 07:36:13.988060: NSS crypto library initialized
Sep 21 07:36:13.988063: FIPS HMAC integrity support [enabled]
Sep 21 07:36:13.988064: FIPS mode disabled for pluto daemon
Sep 21 07:36:14.045317: FIPS HMAC integrity verification self-test FAILED
Sep 21 07:36:14.045423: libcap-ng support [enabled]
Sep 21 07:36:14.045430: Linux audit support [enabled]
Sep 21 07:36:14.045451: Linux audit activated
Sep 21 07:36:14.045456: Starting Pluto (Libreswan Version v3.28-827-gc9aa82b8a6-master-s2 XFRM(netkey) esp-hw-offload FORK PTHREAD_SETSCHEDPRIO NSS (IPsec profile) DNSSEC SYSTEMD_WATCHDOG FIPS_CHECK LABELED_IPSEC SECCOMP LIBCAP_NG LINUX_AUDIT XAUTH_PAM NETWORKMANAGER CURL(non-NSS)) pid:18655
Sep 21 07:36:14.045459: core dump dir: /var/tmp
Sep 21 07:36:14.045460: secrets file: /etc/ipsec.secrets
Sep 21 07:36:14.045462: leak-detective disabled
Sep 21 07:36:14.045463: NSS crypto [enabled]
Sep 21 07:36:14.045464: XAUTH PAM support [enabled]
Sep 21 07:36:14.045521: | libevent is using pluto's memory allocator
Sep 21 07:36:14.045528: Initializing libevent in pthreads mode: headers: 2.1.8-stable (2010800); library: 2.1.8-stable (2010800)
Sep 21 07:36:14.045538: | libevent_malloc: new ptr-libevent@0x55e820bdeff0 size 40
Sep 21 07:36:14.045540: | libevent_malloc: new ptr-libevent@0x55e820bdf020 size 40
Sep 21 07:36:14.045543: | libevent_malloc: new ptr-libevent@0x55e820be0d50 size 40
Sep 21 07:36:14.045544: | creating event base
Sep 21 07:36:14.045546: | libevent_malloc: new ptr-libevent@0x55e820be0d10 size 56
Sep 21 07:36:14.045548: | libevent_malloc: new ptr-libevent@0x55e820be0d80 size 664
Sep 21 07:36:14.045557: | libevent_malloc: new ptr-libevent@0x55e820be05d0 size 24
Sep 21 07:36:14.045559: | libevent_malloc: new ptr-libevent@0x55e820bb6560 size 384
Sep 21 07:36:14.045567: | libevent_malloc: new ptr-libevent@0x55e820be1020 size 16
Sep 21 07:36:14.045568: | libevent_malloc: new ptr-libevent@0x55e820be1040 size 40
Sep 21 07:36:14.045570: | libevent_malloc: new ptr-libevent@0x55e820be1070 size 48
Sep 21 07:36:14.045574: | libevent_realloc: new ptr-libevent@0x55e820be10b0 size 256
Sep 21 07:36:14.045575: | libevent_malloc: new ptr-libevent@0x55e820be11c0 size 16
Sep 21 07:36:14.045579: | libevent_free: release ptr-libevent@0x55e820be0d10
Sep 21 07:36:14.045582: | libevent initialized
Sep 21 07:36:14.045584: | libevent_realloc: new ptr-libevent@0x55e820be11e0 size 64
Sep 21 07:36:14.045589: | global periodic timer EVENT_RESET_LOG_RATE_LIMIT enabled with interval of 3600 seconds
Sep 21 07:36:14.045600: | init_nat_traversal() initialized with keep_alive=0s
Sep 21 07:36:14.045602: NAT-Traversal support  [enabled]
Sep 21 07:36:14.045603: | global one-shot timer EVENT_NAT_T_KEEPALIVE initialized
Sep 21 07:36:14.045608: | global one-shot timer EVENT_FREE_ROOT_CERTS initialized
Sep 21 07:36:14.045610: | global periodic timer EVENT_REINIT_SECRET enabled with interval of 3600 seconds
Sep 21 07:36:14.045638: | global one-shot timer EVENT_REVIVE_CONNS initialized
Sep 21 07:36:14.045640: | global periodic timer EVENT_PENDING_DDNS enabled with interval of 60 seconds
Sep 21 07:36:14.045642: | global periodic timer EVENT_PENDING_PHASE2 enabled with interval of 120 seconds
Sep 21 07:36:14.045680: Encryption algorithms:
Sep 21 07:36:14.045684:   AES_CCM_16              IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm, aes_ccm_c
Sep 21 07:36:14.045686:   AES_CCM_12              IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm_b
Sep 21 07:36:14.045689:   AES_CCM_8               IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_ccm_a
Sep 21 07:36:14.045691:   3DES_CBC                IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  [*192]  3des
Sep 21 07:36:14.045693:   CAMELLIA_CTR            IKEv1:     ESP     IKEv2:     ESP           {256,192,*128}
Sep 21 07:36:14.045701:   CAMELLIA_CBC            IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  camellia
Sep 21 07:36:14.045704:   AES_GCM_16              IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm, aes_gcm_c
Sep 21 07:36:14.045706:   AES_GCM_12              IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm_b
Sep 21 07:36:14.045708:   AES_GCM_8               IKEv1:     ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes_gcm_a
Sep 21 07:36:14.045710:   AES_CTR                 IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aesctr
Sep 21 07:36:14.045712:   AES_CBC                 IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  aes
Sep 21 07:36:14.045715:   SERPENT_CBC             IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  serpent
Sep 21 07:36:14.045717:   TWOFISH_CBC             IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  twofish
Sep 21 07:36:14.045719:   TWOFISH_SSH             IKEv1: IKE         IKEv2: IKE ESP           {256,192,*128}  twofish_cbc_ssh
Sep 21 07:36:14.045721:   NULL_AUTH_AES_GMAC      IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  aes_gmac
Sep 21 07:36:14.045723:   NULL                    IKEv1:     ESP     IKEv2:     ESP           []
Sep 21 07:36:14.045725:   CHACHA20_POLY1305       IKEv1:             IKEv2: IKE ESP           [*256]  chacha20poly1305
Sep 21 07:36:14.045730: Hash algorithms:
Sep 21 07:36:14.045731:   MD5                     IKEv1: IKE         IKEv2:                 
Sep 21 07:36:14.045733:   SHA1                    IKEv1: IKE         IKEv2:             FIPS  sha
Sep 21 07:36:14.045735:   SHA2_256                IKEv1: IKE         IKEv2:             FIPS  sha2, sha256
Sep 21 07:36:14.045737:   SHA2_384                IKEv1: IKE         IKEv2:             FIPS  sha384
Sep 21 07:36:14.045739:   SHA2_512                IKEv1: IKE         IKEv2:             FIPS  sha512
Sep 21 07:36:14.045747: PRF algorithms:
Sep 21 07:36:14.045749:   HMAC_MD5                IKEv1: IKE         IKEv2: IKE               md5
Sep 21 07:36:14.045751:   HMAC_SHA1               IKEv1: IKE         IKEv2: IKE         FIPS  sha, sha1
Sep 21 07:36:14.045753:   HMAC_SHA2_256           IKEv1: IKE         IKEv2: IKE         FIPS  sha2, sha256, sha2_256
Sep 21 07:36:14.045755:   HMAC_SHA2_384           IKEv1: IKE         IKEv2: IKE         FIPS  sha384, sha2_384
Sep 21 07:36:14.045757:   HMAC_SHA2_512           IKEv1: IKE         IKEv2: IKE         FIPS  sha512, sha2_512
Sep 21 07:36:14.045759:   AES_XCBC                IKEv1:             IKEv2: IKE               aes128_xcbc
Sep 21 07:36:14.045773: Integrity algorithms:
Sep 21 07:36:14.045775:   HMAC_MD5_96             IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        md5, hmac_md5
Sep 21 07:36:14.045778:   HMAC_SHA1_96            IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha, sha1, sha1_96, hmac_sha1
Sep 21 07:36:14.045780:   HMAC_SHA2_512_256       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha512, sha2_512, sha2_512_256, hmac_sha2_512
Sep 21 07:36:14.045787:   HMAC_SHA2_384_192       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha384, sha2_384, sha2_384_192, hmac_sha2_384
Sep 21 07:36:14.045794:   HMAC_SHA2_256_128       IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  sha2, sha256, sha2_256, sha2_256_128, hmac_sha2_256
Sep 21 07:36:14.045796:   HMAC_SHA2_256_TRUNCBUG  IKEv1:     ESP AH  IKEv2:         AH      
Sep 21 07:36:14.045800:   AES_XCBC_96             IKEv1:     ESP AH  IKEv2: IKE ESP AH        aes_xcbc, aes128_xcbc, aes128_xcbc_96
Sep 21 07:36:14.045801:   AES_CMAC_96             IKEv1:     ESP AH  IKEv2:     ESP AH  FIPS  aes_cmac
Sep 21 07:36:14.045803:   NONE                    IKEv1:     ESP     IKEv2: IKE ESP     FIPS  null
Sep 21 07:36:14.045811: DH algorithms:
Sep 21 07:36:14.045813:   NONE                    IKEv1:             IKEv2: IKE ESP AH  FIPS  null, dh0
Sep 21 07:36:14.045815:   MODP1536                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        dh5
Sep 21 07:36:14.045817:   MODP2048                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh14
Sep 21 07:36:14.045826:   MODP3072                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh15
Sep 21 07:36:14.045828:   MODP4096                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh16
Sep 21 07:36:14.045829:   MODP6144                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh17
Sep 21 07:36:14.045831:   MODP8192                IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  dh18
Sep 21 07:36:14.045833:   DH19                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_256, ecp256
Sep 21 07:36:14.045835:   DH20                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_384, ecp384
Sep 21 07:36:14.045837:   DH21                    IKEv1: IKE         IKEv2: IKE ESP AH  FIPS  ecp_521, ecp521
Sep 21 07:36:14.045838:   DH31                    IKEv1: IKE         IKEv2: IKE ESP AH        curve25519
Sep 21 07:36:14.045840: testing CAMELLIA_CBC:
Sep 21 07:36:14.045842:   Camellia: 16 bytes with 128-bit key
Sep 21 07:36:14.045936:   Camellia: 16 bytes with 128-bit key
Sep 21 07:36:14.045954:   Camellia: 16 bytes with 256-bit key
Sep 21 07:36:14.045971:   Camellia: 16 bytes with 256-bit key
Sep 21 07:36:14.045987: testing AES_GCM_16:
Sep 21 07:36:14.045989:   empty string
Sep 21 07:36:14.046006:   one block
Sep 21 07:36:14.046021:   two blocks
Sep 21 07:36:14.046036:   two blocks with associated data
Sep 21 07:36:14.046052: testing AES_CTR:
Sep 21 07:36:14.046054:   Encrypting 16 octets using AES-CTR with 128-bit key
Sep 21 07:36:14.046071:   Encrypting 32 octets using AES-CTR with 128-bit key
Sep 21 07:36:14.046087:   Encrypting 36 octets using AES-CTR with 128-bit key
Sep 21 07:36:14.046104:   Encrypting 16 octets using AES-CTR with 192-bit key
Sep 21 07:36:14.046119:   Encrypting 32 octets using AES-CTR with 192-bit key
Sep 21 07:36:14.046135:   Encrypting 36 octets using AES-CTR with 192-bit key
Sep 21 07:36:14.046151:   Encrypting 16 octets using AES-CTR with 256-bit key
Sep 21 07:36:14.046166:   Encrypting 32 octets using AES-CTR with 256-bit key
Sep 21 07:36:14.046182:   Encrypting 36 octets using AES-CTR with 256-bit key
Sep 21 07:36:14.046198: testing AES_CBC:
Sep 21 07:36:14.046200:   Encrypting 16 bytes (1 block) using AES-CBC with 128-bit key
Sep 21 07:36:14.046215:   Encrypting 32 bytes (2 blocks) using AES-CBC with 128-bit key
Sep 21 07:36:14.046232:   Encrypting 48 bytes (3 blocks) using AES-CBC with 128-bit key
Sep 21 07:36:14.046250:   Encrypting 64 bytes (4 blocks) using AES-CBC with 128-bit key
Sep 21 07:36:14.046271: testing AES_XCBC:
Sep 21 07:36:14.046273:   RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input
Sep 21 07:36:14.046346:   RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input
Sep 21 07:36:14.046423:   RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input
Sep 21 07:36:14.046498:   RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input
Sep 21 07:36:14.046575:   RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input
Sep 21 07:36:14.046649:   RFC 3566 Test Case #6: AES-XCBC-MAC-96 with 34-byte input
Sep 21 07:36:14.046727:   RFC 3566 Test Case #7: AES-XCBC-MAC-96 with 1000-byte input
Sep 21 07:36:14.046924:   RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 16)
Sep 21 07:36:14.047006:   RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 10)
Sep 21 07:36:14.047089:   RFC 4434 Test Case AES-XCBC-PRF-128 with 20-byte input (key length 18)
Sep 21 07:36:14.047233: testing HMAC_MD5:
Sep 21 07:36:14.047236:   RFC 2104: MD5_HMAC test 1
Sep 21 07:36:14.047343:   RFC 2104: MD5_HMAC test 2
Sep 21 07:36:14.047435:   RFC 2104: MD5_HMAC test 3
Sep 21 07:36:14.047651: 8 CPU cores online
Sep 21 07:36:14.047657: starting up 7 crypto helpers
Sep 21 07:36:14.047698: started thread for crypto helper 0
Sep 21 07:36:14.047722: started thread for crypto helper 1
Sep 21 07:36:14.047755: started thread for crypto helper 2
Sep 21 07:36:14.047779: started thread for crypto helper 3
Sep 21 07:36:14.047814: started thread for crypto helper 4
Sep 21 07:36:14.047843: started thread for crypto helper 5
Sep 21 07:36:14.047872: started thread for crypto helper 6
Sep 21 07:36:14.047877: | checking IKEv1 state table
Sep 21 07:36:14.047884: |   MAIN_R0: category: half-open IKE SA flags: 0:
Sep 21 07:36:14.047886: |     -> MAIN_R1 EVENT_SO_DISCARD
Sep 21 07:36:14.047889: |   MAIN_I1: category: half-open IKE SA flags: 0:
Sep 21 07:36:14.047891: |     -> MAIN_I2 EVENT_RETRANSMIT
Sep 21 07:36:14.047893: |   MAIN_R1: category: open IKE SA flags: 200:
Sep 21 07:36:14.047895: |     -> MAIN_R2 EVENT_RETRANSMIT
Sep 21 07:36:14.047898: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:36:14.047900: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:36:14.047902: |   MAIN_I2: category: open IKE SA flags: 0:
Sep 21 07:36:14.047905: |     -> MAIN_I3 EVENT_RETRANSMIT
Sep 21 07:36:14.047907: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:36:14.047909: |     -> UNDEFINED EVENT_RETRANSMIT
Sep 21 07:36:14.047911: |   MAIN_R2: category: open IKE SA flags: 0:
Sep 21 07:36:14.047914: |     -> MAIN_R3 EVENT_SA_REPLACE
Sep 21 07:36:14.047916: |     -> MAIN_R3 EVENT_SA_REPLACE
Sep 21 07:36:14.047918: |     -> UNDEFINED EVENT_SA_REPLACE
Sep 21 07:36:14.047921: |   MAIN_I3: category: open IKE SA flags: 0:
Sep 21 07:36:14.047923: |     -> MAIN_I4 EVENT_SA_REPLACE
Sep 21 07:36:14.047925: |     -> MAIN_I4 EVENT_SA_REPLACE
Sep 21 07:36:14.047927: |     -> UNDEFINED EVENT_SA_REPLACE
Sep 21 07:36:14.047929: |   MAIN_R3: category: established IKE SA flags: 200:
Sep 21 07:36:14.047932: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047934: |   MAIN_I4: category: established IKE SA flags: 0:
Sep 21 07:36:14.047936: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047938: |   AGGR_R0: category: half-open IKE SA flags: 0:
Sep 21 07:36:14.047941: |     -> AGGR_R1 EVENT_SO_DISCARD
Sep 21 07:36:14.047943: |   AGGR_I1: category: half-open IKE SA flags: 0:
Sep 21 07:36:14.047945: |     -> AGGR_I2 EVENT_SA_REPLACE
Sep 21 07:36:14.047947: |     -> AGGR_I2 EVENT_SA_REPLACE
Sep 21 07:36:14.047950: |   AGGR_R1: category: open IKE SA flags: 200:
Sep 21 07:36:14.047952: |     -> AGGR_R2 EVENT_SA_REPLACE
Sep 21 07:36:14.047954: |     -> AGGR_R2 EVENT_SA_REPLACE
Sep 21 07:36:14.047957: |   AGGR_I2: category: established IKE SA flags: 200:
Sep 21 07:36:14.047959: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047961: |   AGGR_R2: category: established IKE SA flags: 0:
Sep 21 07:36:14.047963: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047966: |   QUICK_R0: category: established CHILD SA flags: 0:
Sep 21 07:36:14.047968: |     -> QUICK_R1 EVENT_RETRANSMIT
Sep 21 07:36:14.047970: |   QUICK_I1: category: established CHILD SA flags: 0:
Sep 21 07:36:14.047972: |     -> QUICK_I2 EVENT_SA_REPLACE
Sep 21 07:36:14.047975: |   QUICK_R1: category: established CHILD SA flags: 0:
Sep 21 07:36:14.047977: |     -> QUICK_R2 EVENT_SA_REPLACE
Sep 21 07:36:14.047979: |   QUICK_I2: category: established CHILD SA flags: 200:
Sep 21 07:36:14.047981: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047984: |   QUICK_R2: category: established CHILD SA flags: 0:
Sep 21 07:36:14.047986: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047988: |   INFO: category: informational flags: 0:
Sep 21 07:36:14.047990: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047992: |   INFO_PROTECTED: category: informational flags: 0:
Sep 21 07:36:14.047994: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.047996: |   XAUTH_R0: category: established IKE SA flags: 0:
Sep 21 07:36:14.047997: |     -> XAUTH_R1 EVENT_NULL
Sep 21 07:36:14.047999: |   XAUTH_R1: category: established IKE SA flags: 0:
Sep 21 07:36:14.048001: |     -> MAIN_R3 EVENT_SA_REPLACE
Sep 21 07:36:14.048003: |   MODE_CFG_R0: category: informational flags: 0:
Sep 21 07:36:14.048005: |     -> MODE_CFG_R1 EVENT_SA_REPLACE
Sep 21 07:36:14.048007: |   MODE_CFG_R1: category: established IKE SA flags: 0:
Sep 21 07:36:14.048009: |     -> MODE_CFG_R2 EVENT_SA_REPLACE
Sep 21 07:36:14.048011: |   MODE_CFG_R2: category: established IKE SA flags: 0:
Sep 21 07:36:14.048013: |     -> UNDEFINED EVENT_NULL
Sep 21 07:36:14.048015: |   MODE_CFG_I1: category: established IKE SA flags: 0:
Sep 21 07:36:14.048019: |     -> MAIN_I4 EVENT_SA_REPLACE
Sep 21 07:36:14.048022: |   XAUTH_I0: category: established IKE SA flags: 0:
Sep 21 07:36:14.048023: |     -> XAUTH_I1 EVENT_RETRANSMIT
Sep 21 07:36:14.048026: |   XAUTH_I1: category: established IKE SA flags: 0:
Sep 21 07:36:14.048028: |     -> MAIN_I4 EVENT_RETRANSMIT
Sep 21 07:36:14.048034: | checking IKEv2 state table
Sep 21 07:36:14.048040: |   PARENT_I0: category: ignore flags: 0:
Sep 21 07:36:14.048042: |     -> PARENT_I1 EVENT_RETRANSMIT send-request (initiate IKE_SA_INIT)
Sep 21 07:36:14.048045: |   PARENT_I1: category: half-open IKE SA flags: 0:
Sep 21 07:36:14.048047: |     -> PARENT_I1 EVENT_RETAIN send-request (Initiator: process SA_INIT reply notification)
Sep 21 07:36:14.048050: |     -> PARENT_I2 EVENT_RETRANSMIT send-request (Initiator: process IKE_SA_INIT reply, initiate IKE_AUTH)
Sep 21 07:36:14.048053: |   PARENT_I2: category: open IKE SA flags: 0:
Sep 21 07:36:14.048055: |     -> PARENT_I2 EVENT_NULL (Initiator: process INVALID_SYNTAX AUTH notification)
Sep 21 07:36:14.048058: |     -> PARENT_I2 EVENT_NULL (Initiator: process AUTHENTICATION_FAILED AUTH notification)
Sep 21 07:36:14.048060: |     -> PARENT_I2 EVENT_NULL (Initiator: process UNSUPPORTED_CRITICAL_PAYLOAD AUTH notification)
Sep 21 07:36:14.048062: |     -> V2_IPSEC_I EVENT_SA_REPLACE (Initiator: process IKE_AUTH response)
Sep 21 07:36:14.048065: |     -> PARENT_I2 EVENT_NULL (IKE SA: process IKE_AUTH response containing unknown notification)
Sep 21 07:36:14.048067: |   PARENT_I3: category: established IKE SA flags: 0:
Sep 21 07:36:14.048070: |     -> PARENT_I3 EVENT_RETAIN (I3: Informational Request)
Sep 21 07:36:14.048072: |     -> PARENT_I3 EVENT_RETAIN (I3: Informational Response)
Sep 21 07:36:14.048075: |     -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Request)
Sep 21 07:36:14.048077: |     -> PARENT_I3 EVENT_RETAIN (I3: INFORMATIONAL Response)
Sep 21 07:36:14.048080: |   PARENT_R0: category: half-open IKE SA flags: 0:
Sep 21 07:36:14.048082: |     -> PARENT_R1 EVENT_SO_DISCARD send-request (Respond to IKE_SA_INIT)
Sep 21 07:36:14.048085: |   PARENT_R1: category: half-open IKE SA flags: 0:
Sep 21 07:36:14.048088: |     -> PARENT_R1 EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request (no SKEYSEED))
Sep 21 07:36:14.048090: |     -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Responder: process IKE_AUTH request)
Sep 21 07:36:14.048093: |   PARENT_R2: category: established IKE SA flags: 0:
Sep 21 07:36:14.048096: |     -> PARENT_R2 EVENT_RETAIN (R2: process Informational Request)
Sep 21 07:36:14.048098: |     -> PARENT_R2 EVENT_RETAIN (R2: process Informational Response)
Sep 21 07:36:14.048101: |     -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Request)
Sep 21 07:36:14.048103: |     -> PARENT_R2 EVENT_RETAIN (R2: process INFORMATIONAL Response)
Sep 21 07:36:14.048106: |   V2_CREATE_I0: category: established IKE SA flags: 0:
Sep 21 07:36:14.048109: |     -> V2_CREATE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec SA)
Sep 21 07:36:14.048111: |   V2_CREATE_I: category: established IKE SA flags: 0:
Sep 21 07:36:14.048114: |     -> V2_IPSEC_I EVENT_SA_REPLACE (Process CREATE_CHILD_SA IPsec SA Response)
Sep 21 07:36:14.048117: |   V2_REKEY_IKE_I0: category: established IKE SA flags: 0:
Sep 21 07:36:14.048119: |     -> V2_REKEY_IKE_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IKE Rekey)
Sep 21 07:36:14.048122: |   V2_REKEY_IKE_I: category: established IKE SA flags: 0:
Sep 21 07:36:14.048125: |     -> PARENT_I3 EVENT_SA_REPLACE (Process CREATE_CHILD_SA IKE Rekey Response)
Sep 21 07:36:14.048128: |   V2_REKEY_CHILD_I0: category: established IKE SA flags: 0:
Sep 21 07:36:14.048131: |     -> V2_REKEY_CHILD_I EVENT_RETRANSMIT send-request (Initiate CREATE_CHILD_SA IPsec Rekey SA)
Sep 21 07:36:14.048134: |   V2_REKEY_CHILD_I: category: established IKE SA flags: 0: <none>
Sep 21 07:36:14.048137: |   V2_CREATE_R: category: established IKE SA flags: 0:
Sep 21 07:36:14.048139: |     -> V2_IPSEC_R EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IPsec SA Request)
Sep 21 07:36:14.048145: |   V2_REKEY_IKE_R: category: established IKE SA flags: 0:
Sep 21 07:36:14.048148: |     -> PARENT_R2 EVENT_SA_REPLACE send-request (Respond to CREATE_CHILD_SA IKE Rekey)
Sep 21 07:36:14.048150: |   V2_REKEY_CHILD_R: category: established IKE SA flags: 0: <none>
Sep 21 07:36:14.048153: |   V2_IPSEC_I: category: established CHILD SA flags: 0: <none>
Sep 21 07:36:14.048155: |   V2_IPSEC_R: category: established CHILD SA flags: 0: <none>
Sep 21 07:36:14.048158: |   IKESA_DEL: category: established IKE SA flags: 0:
Sep 21 07:36:14.048160: |     -> IKESA_DEL EVENT_RETAIN (IKE_SA_DEL: process INFORMATIONAL)
Sep 21 07:36:14.048162: |   CHILDSA_DEL: category: informational flags: 0: <none>
Sep 21 07:36:14.048210: Using Linux XFRM/NETKEY IPsec interface code on 5.2.11+
Sep 21 07:36:14.048268: | Hard-wiring algorithms
Sep 21 07:36:14.048273: | adding AES_CCM_16 to kernel algorithm db
Sep 21 07:36:14.048277: | adding AES_CCM_12 to kernel algorithm db
Sep 21 07:36:14.048280: | adding AES_CCM_8 to kernel algorithm db
Sep 21 07:36:14.048282: | adding 3DES_CBC to kernel algorithm db
Sep 21 07:36:14.048284: | adding CAMELLIA_CBC to kernel algorithm db
Sep 21 07:36:14.048287: | adding AES_GCM_16 to kernel algorithm db
Sep 21 07:36:14.048289: | adding AES_GCM_12 to kernel algorithm db
Sep 21 07:36:14.048291: | adding AES_GCM_8 to kernel algorithm db
Sep 21 07:36:14.048293: | adding AES_CTR to kernel algorithm db
Sep 21 07:36:14.048295: | adding AES_CBC to kernel algorithm db
Sep 21 07:36:14.048297: | adding SERPENT_CBC to kernel algorithm db
Sep 21 07:36:14.048300: | adding TWOFISH_CBC to kernel algorithm db
Sep 21 07:36:14.048302: | adding NULL_AUTH_AES_GMAC to kernel algorithm db
Sep 21 07:36:14.048304: | adding NULL to kernel algorithm db
Sep 21 07:36:14.048307: | adding CHACHA20_POLY1305 to kernel algorithm db
Sep 21 07:36:14.048309: | adding HMAC_MD5_96 to kernel algorithm db
Sep 21 07:36:14.048311: | adding HMAC_SHA1_96 to kernel algorithm db
Sep 21 07:36:14.048313: | adding HMAC_SHA2_512_256 to kernel algorithm db
Sep 21 07:36:14.048315: | adding HMAC_SHA2_384_192 to kernel algorithm db
Sep 21 07:36:14.048318: | adding HMAC_SHA2_256_128 to kernel algorithm db
Sep 21 07:36:14.048320: | adding HMAC_SHA2_256_TRUNCBUG to kernel algorithm db
Sep 21 07:36:14.048322: | adding AES_XCBC_96 to kernel algorithm db
Sep 21 07:36:14.048324: | adding AES_CMAC_96 to kernel algorithm db
Sep 21 07:36:14.048327: | adding NONE to kernel algorithm db
Sep 21 07:36:14.048348: | net.ipv6.conf.all.disable_ipv6=1 ignore ipv6 holes
Sep 21 07:36:14.048355: | global periodic timer EVENT_SHUNT_SCAN enabled with interval of 20 seconds
Sep 21 07:36:14.048358: | setup kernel fd callback
Sep 21 07:36:14.048361: | add_fd_read_event_handler: new KERNEL_XRM_FD-pe@0x55e820be6d40
Sep 21 07:36:14.048365: | libevent_malloc: new ptr-libevent@0x55e820bf2ae0 size 128
Sep 21 07:36:14.048369: | libevent_malloc: new ptr-libevent@0x55e820be13d0 size 16
Sep 21 07:36:14.048375: | add_fd_read_event_handler: new KERNEL_ROUTE_FD-pe@0x55e820be6d00
Sep 21 07:36:14.048379: | libevent_malloc: new ptr-libevent@0x55e820bf2b70 size 128
Sep 21 07:36:14.048382: | libevent_malloc: new ptr-libevent@0x55e820be5cc0 size 16
Sep 21 07:36:14.048420: | starting up helper thread 4
Sep 21 07:36:14.048430: | status value returned by setting the priority of this thread (crypto helper 4) 22
Sep 21 07:36:14.048432: | crypto helper 4 waiting (nothing to do)
Sep 21 07:36:14.048439: | starting up helper thread 0
Sep 21 07:36:14.048444: | status value returned by setting the priority of this thread (crypto helper 0) 22
Sep 21 07:36:14.048446: | crypto helper 0 waiting (nothing to do)
Sep 21 07:36:14.048451: | starting up helper thread 1
Sep 21 07:36:14.048457: | status value returned by setting the priority of this thread (crypto helper 1) 22
Sep 21 07:36:14.048459: | crypto helper 1 waiting (nothing to do)
Sep 21 07:36:14.048597: | global one-shot timer EVENT_CHECK_CRLS initialized
Sep 21 07:36:14.048607: selinux support is enabled.
Sep 21 07:36:14.048692: systemd watchdog not enabled - not sending watchdog keepalives
Sep 21 07:36:14.050418: | unbound context created - setting debug level to 5
Sep 21 07:36:14.050466: | /etc/hosts lookups activated
Sep 21 07:36:14.050487: | /etc/resolv.conf usage activated
Sep 21 07:36:14.050557: | outgoing-port-avoid set 0-65535
Sep 21 07:36:14.050582: | outgoing-port-permit set 32768-60999
Sep 21 07:36:14.050586: | Loading dnssec root key from:/var/lib/unbound/root.key
Sep 21 07:36:14.050590: | No additional dnssec trust anchors defined via dnssec-trusted= option
Sep 21 07:36:14.050593: | Setting up events, loop start
Sep 21 07:36:14.050597: | add_fd_read_event_handler: new PLUTO_CTL_FD-pe@0x55e820be0d10
Sep 21 07:36:14.050601: | libevent_malloc: new ptr-libevent@0x55e820bfd0e0 size 128
Sep 21 07:36:14.050605: | libevent_malloc: new ptr-libevent@0x55e820bfd170 size 16
Sep 21 07:36:14.050612: | libevent_realloc: new ptr-libevent@0x55e820bfd190 size 256
Sep 21 07:36:14.050615: | libevent_malloc: new ptr-libevent@0x55e820bfd2a0 size 8
Sep 21 07:36:14.050618: | libevent_realloc: new ptr-libevent@0x55e820bf1e60 size 144
Sep 21 07:36:14.050621: | libevent_malloc: new ptr-libevent@0x55e820bfd2c0 size 152
Sep 21 07:36:14.050625: | libevent_malloc: new ptr-libevent@0x55e820bfd360 size 16
Sep 21 07:36:14.050629: | signal event handler PLUTO_SIGCHLD installed
Sep 21 07:36:14.050632: | libevent_malloc: new ptr-libevent@0x55e820bfd380 size 8
Sep 21 07:36:14.050634: | libevent_malloc: new ptr-libevent@0x55e820bfd3a0 size 152
Sep 21 07:36:14.050637: | signal event handler PLUTO_SIGTERM installed
Sep 21 07:36:14.050640: | libevent_malloc: new ptr-libevent@0x55e820bfd440 size 8
Sep 21 07:36:14.050642: | libevent_malloc: new ptr-libevent@0x55e820bfd460 size 152
Sep 21 07:36:14.050645: | signal event handler PLUTO_SIGHUP installed
Sep 21 07:36:14.050647: | libevent_malloc: new ptr-libevent@0x55e820bfd500 size 8
Sep 21 07:36:14.050650: | libevent_realloc: release ptr-libevent@0x55e820bf1e60
Sep 21 07:36:14.050652: | libevent_realloc: new ptr-libevent@0x55e820bfd520 size 256
Sep 21 07:36:14.050654: | libevent_malloc: new ptr-libevent@0x55e820bf1e60 size 152
Sep 21 07:36:14.050657: | signal event handler PLUTO_SIGSYS installed
Sep 21 07:36:14.051154: | created addconn helper (pid:18719) using fork+execve
Sep 21 07:36:14.051182: | forked child 18719
Sep 21 07:36:14.051225: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:36:14.051241: | pluto_sd: executing action action: reloading(4), status 0
Sep 21 07:36:14.051248: listening for IKE messages
Sep 21 07:36:14.051283: | Inspecting interface lo 
Sep 21 07:36:14.051289: | found lo with address 127.0.0.1
Sep 21 07:36:14.051292: | Inspecting interface eth0 
Sep 21 07:36:14.051296: | found eth0 with address 192.1.3.209
Sep 21 07:36:14.051346: Kernel supports NIC esp-hw-offload
Sep 21 07:36:14.051357: adding interface eth0/eth0 (esp-hw-offload not supported by kernel) 192.1.3.209:500
Sep 21 07:36:14.051380: | NAT-Traversal: Trying sockopt style NAT-T
Sep 21 07:36:14.051385: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Sep 21 07:36:14.051388: adding interface eth0/eth0 192.1.3.209:4500
Sep 21 07:36:14.051416: adding interface lo/lo (esp-hw-offload not supported by kernel) 127.0.0.1:500
Sep 21 07:36:14.051436: | NAT-Traversal: Trying sockopt style NAT-T
Sep 21 07:36:14.051440: | NAT-Traversal: ESPINUDP(2) setup succeeded for sockopt style NAT-T family IPv4
Sep 21 07:36:14.051443: adding interface lo/lo 127.0.0.1:4500
Sep 21 07:36:14.051498: | no interfaces to sort
Sep 21 07:36:14.051502: | FOR_EACH_UNORIENTED_CONNECTION_... in check_orientations
Sep 21 07:36:14.051510: | add_fd_read_event_handler: new ethX-pe@0x55e820be64a0
Sep 21 07:36:14.051154: | starting up helper thread 2
Sep 21 07:36:14.051514: | libevent_malloc: new ptr-libevent@0x55e820bfd820 size 128
Sep 21 07:36:14.051524: | status value returned by setting the priority of this thread (crypto helper 2) 22
Sep 21 07:36:14.051531: | libevent_malloc: new ptr-libevent@0x55e820bfd8b0 size 16
Sep 21 07:36:14.051542: | crypto helper 2 waiting (nothing to do)
Sep 21 07:36:14.051549: | setup callback for interface lo 127.0.0.1:4500 fd 20
Sep 21 07:36:14.051552: | add_fd_read_event_handler: new ethX-pe@0x55e820bfd8d0
Sep 21 07:36:14.051555: | libevent_malloc: new ptr-libevent@0x55e820bfd910 size 128
Sep 21 07:36:14.051557: | libevent_malloc: new ptr-libevent@0x55e820bfd9a0 size 16
Sep 21 07:36:14.051562: | setup callback for interface lo 127.0.0.1:500 fd 19
Sep 21 07:36:14.051565: | add_fd_read_event_handler: new ethX-pe@0x55e820bfd9c0
Sep 21 07:36:14.051568: | libevent_malloc: new ptr-libevent@0x55e820bfda00 size 128
Sep 21 07:36:14.051571: | libevent_malloc: new ptr-libevent@0x55e820bfda90 size 16
Sep 21 07:36:14.051576: | setup callback for interface eth0 192.1.3.209:4500 fd 18
Sep 21 07:36:14.051578: | add_fd_read_event_handler: new ethX-pe@0x55e820bfdab0
Sep 21 07:36:14.051581: | libevent_malloc: new ptr-libevent@0x55e820bfdaf0 size 128
Sep 21 07:36:14.051584: | libevent_malloc: new ptr-libevent@0x55e820bfdb80 size 16
Sep 21 07:36:14.051588: | setup callback for interface eth0 192.1.3.209:500 fd 17
Sep 21 07:36:14.051598: | certs and keys locked by 'free_preshared_secrets'
Sep 21 07:36:14.051600: | certs and keys unlocked by 'free_preshared_secrets'
Sep 21 07:36:14.050728: | starting up helper thread 3
Sep 21 07:36:14.051622: | status value returned by setting the priority of this thread (crypto helper 3) 22
Sep 21 07:36:14.051624: loading secrets from "/etc/ipsec.secrets"
Sep 21 07:36:14.051627: | crypto helper 3 waiting (nothing to do)
Sep 21 07:36:14.050734: | starting up helper thread 5
Sep 21 07:36:14.051646: | status value returned by setting the priority of this thread (crypto helper 5) 22
Sep 21 07:36:14.051650: | crypto helper 5 waiting (nothing to do)
Sep 21 07:36:14.051650: | saving Modulus
Sep 21 07:36:14.050738: | starting up helper thread 6
Sep 21 07:36:14.051670: | saving PublicExponent
Sep 21 07:36:14.051673: | status value returned by setting the priority of this thread (crypto helper 6) 22
Sep 21 07:36:14.051676: | crypto helper 6 waiting (nothing to do)
Sep 21 07:36:14.051724: | computed rsa CKAID  1a 15 cc e8  92 73 43 9c  2b f4 20 2a  c1 06 6e f2
Sep 21 07:36:14.051727: | computed rsa CKAID  59 b0 ef 45
Sep 21 07:36:14.051730: loaded private key for keyid: PKK_RSA:AQPHFfpyJ
Sep 21 07:36:14.051736: | certs and keys locked by 'process_secret'
Sep 21 07:36:14.051738: | certs and keys unlocked by 'process_secret'
Sep 21 07:36:14.051743: | pluto_sd: executing action action: ready(5), status 0
Sep 21 07:36:14.051751: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:36:14.051758: | spent 0.53 milliseconds in whack
Sep 21 07:36:14.096923: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:36:14.096952: | pluto_sd: executing action action: reloading(4), status 0
Sep 21 07:36:14.096959: listening for IKE messages
Sep 21 07:36:14.096998: | Inspecting interface lo 
Sep 21 07:36:14.097006: | found lo with address 127.0.0.1
Sep 21 07:36:14.097009: | Inspecting interface eth0 
Sep 21 07:36:14.097014: | found eth0 with address 192.1.3.209
Sep 21 07:36:14.097085: | no interfaces to sort
Sep 21 07:36:14.097097: | libevent_free: release ptr-libevent@0x55e820bfd820
Sep 21 07:36:14.097100: | free_event_entry: release EVENT_NULL-pe@0x55e820be64a0
Sep 21 07:36:14.097104: | add_fd_read_event_handler: new ethX-pe@0x55e820be64a0
Sep 21 07:36:14.097107: | libevent_malloc: new ptr-libevent@0x55e820bfd820 size 128
Sep 21 07:36:14.097115: | setup callback for interface lo 127.0.0.1:4500 fd 20
Sep 21 07:36:14.097118: | libevent_free: release ptr-libevent@0x55e820bfd910
Sep 21 07:36:14.097121: | free_event_entry: release EVENT_NULL-pe@0x55e820bfd8d0
Sep 21 07:36:14.097124: | add_fd_read_event_handler: new ethX-pe@0x55e820bfd8d0
Sep 21 07:36:14.097127: | libevent_malloc: new ptr-libevent@0x55e820bfd910 size 128
Sep 21 07:36:14.097132: | setup callback for interface lo 127.0.0.1:500 fd 19
Sep 21 07:36:14.097141: | libevent_free: release ptr-libevent@0x55e820bfda00
Sep 21 07:36:14.097145: | free_event_entry: release EVENT_NULL-pe@0x55e820bfd9c0
Sep 21 07:36:14.097147: | add_fd_read_event_handler: new ethX-pe@0x55e820bfd9c0
Sep 21 07:36:14.097150: | libevent_malloc: new ptr-libevent@0x55e820bfda00 size 128
Sep 21 07:36:14.097155: | setup callback for interface eth0 192.1.3.209:4500 fd 18
Sep 21 07:36:14.097159: | libevent_free: release ptr-libevent@0x55e820bfdaf0
Sep 21 07:36:14.097162: | free_event_entry: release EVENT_NULL-pe@0x55e820bfdab0
Sep 21 07:36:14.097164: | add_fd_read_event_handler: new ethX-pe@0x55e820bfdab0
Sep 21 07:36:14.097167: | libevent_malloc: new ptr-libevent@0x55e820bfdaf0 size 128
Sep 21 07:36:14.097172: | setup callback for interface eth0 192.1.3.209:500 fd 17
Sep 21 07:36:14.097175: | certs and keys locked by 'free_preshared_secrets'
Sep 21 07:36:14.097178: forgetting secrets
Sep 21 07:36:14.097186: | certs and keys unlocked by 'free_preshared_secrets'
Sep 21 07:36:14.097202: loading secrets from "/etc/ipsec.secrets"
Sep 21 07:36:14.097219: | saving Modulus
Sep 21 07:36:14.097223: | saving PublicExponent
Sep 21 07:36:14.097250: | computed rsa CKAID  1a 15 cc e8  92 73 43 9c  2b f4 20 2a  c1 06 6e f2
Sep 21 07:36:14.097253: | computed rsa CKAID  59 b0 ef 45
Sep 21 07:36:14.097257: loaded private key for keyid: PKK_RSA:AQPHFfpyJ
Sep 21 07:36:14.097262: | certs and keys locked by 'process_secret'
Sep 21 07:36:14.097265: | certs and keys unlocked by 'process_secret'
Sep 21 07:36:14.097270: | pluto_sd: executing action action: ready(5), status 0
Sep 21 07:36:14.097278: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:36:14.097285: | spent 0.371 milliseconds in whack
Sep 21 07:36:14.098743: | processing signal PLUTO_SIGCHLD
Sep 21 07:36:14.098760: | waitpid returned pid 18719 (exited with status 0)
Sep 21 07:36:14.098765: | reaped addconn helper child (status 0)
Sep 21 07:36:14.098771: | waitpid returned ECHILD (no child processes left)
Sep 21 07:36:14.098777: | spent 0.0211 milliseconds in signal handler PLUTO_SIGCHLD
Sep 21 07:36:14.150336: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:36:14.150356: | FOR_EACH_CONNECTION_... in conn_by_name
Sep 21 07:36:14.150359: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Sep 21 07:36:14.150361: | FOR_EACH_CONNECTION_... in conn_by_name
Sep 21 07:36:14.150362: | FOR_EACH_CONNECTION_... in foreach_connection_by_alias
Sep 21 07:36:14.150365: | FOR_EACH_CONNECTION_... in conn_by_name
Sep 21 07:36:14.150371: | Added new connection xauth-road-eastnet with policy ENCRYPT+TUNNEL+PFS+XAUTH+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Sep 21 07:36:14.150374: | No AUTH policy was set - defaulting to RSASIG
Sep 21 07:36:14.150378: | counting wild cards for @road is 0
Sep 21 07:36:14.150382: | counting wild cards for @east is 0
Sep 21 07:36:14.150393: | connect_to_host_pair: 192.1.3.209:500 192.1.2.23:500 -> hp@(nil): none
Sep 21 07:36:14.150395: | new hp@0x55e820be1410
Sep 21 07:36:14.150400: added connection description "xauth-road-eastnet"
Sep 21 07:36:14.150409: | ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0; replay_window: 32; policy: RSASIG+ENCRYPT+TUNNEL+PFS+XAUTH+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO
Sep 21 07:36:14.150421: | 192.1.3.209[@road,+XC+S=C]---192.1.3.254...192.1.2.23<192.1.2.23>[@east,+XS+S=C]===192.0.2.0/24
Sep 21 07:36:14.150428: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:36:14.150434: | spent 0.106 milliseconds in whack
Sep 21 07:36:14.150692: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:36:14.150701: add keyid @road
Sep 21 07:36:14.150705: | add pubkey  01 03 c7 15  fa 72 27 70  a4 e1 f3 0a  70 21 f9 0c
Sep 21 07:36:14.150706: | add pubkey  3f e2 65 12  87 d9 fd 12  cb af d4 e0  c2 e3 dd 77
Sep 21 07:36:14.150708: | add pubkey  a0 ef aa c7  d6 a2 b2 30  f2 64 b0 c5  e6 c7 a7 27
Sep 21 07:36:14.150713: | add pubkey  17 54 7a 8e  32 c9 ac fd  bf 8f b3 33  b9 74 74 73
Sep 21 07:36:14.150715: | add pubkey  dd 23 83 11  53 d6 d4 91  0e 36 7e 67  fc 89 1e 48
Sep 21 07:36:14.150716: | add pubkey  ac e9 da 2e  66 9d 6e 4f  e2 98 a7 dc  41 b3 a4 37
Sep 21 07:36:14.150718: | add pubkey  f5 07 a9 9c  23 69 83 54  87 7b ea 00  a7 5b ab 2d
Sep 21 07:36:14.150719: | add pubkey  41 34 d1 a3  17 1e a7 64  2d 7f ff 45  7a 5d 85 5c
Sep 21 07:36:14.150720: | add pubkey  73 dd 63 e7  40 ad eb 71  e6 5f 21 43  80 f5 23 4c
Sep 21 07:36:14.150722: | add pubkey  3d 4a 11 2c  ca 9a d6 79  c5 c2 51 6e  af c3 6e 99
Sep 21 07:36:14.150723: | add pubkey  f5 26 1c 67  ee 8a 3e 30  4b c1 93 a7  92 34 36 8c
Sep 21 07:36:14.150724: | add pubkey  bf e6 d0 d3  fe 78 0b 0a  64 04 44 ca  8c 83 fd f1
Sep 21 07:36:14.150726: | add pubkey  2e b5 00 76  61 a6 de f1  59 67 2b 6d  c2 57 e0 f2
Sep 21 07:36:14.150727: | add pubkey  7d 6b 9f d3  46 41 8c 31  c2 fd c4 60  72 08 3b bb
Sep 21 07:36:14.150729: | add pubkey  56 fb 01 fc  1d 57 4e cf  7c 0f c4 6f  72 6f 2a 0e
Sep 21 07:36:14.150730: | add pubkey  f3 30 db a0  80 f9 70 cc  bb 07 a9 f9  d7 76 99 63
Sep 21 07:36:14.150731: | add pubkey  4b 6a 0f 1a  37 95 cb 9b  ea 17 f7 55  62 6b 8a 83
Sep 21 07:36:14.150733: | add pubkey  05 ff 43 78  57 dd bd 08  85 9c f1 62  35 6e 69 c7
Sep 21 07:36:14.150734: | add pubkey  04 0b 4b c4  1b d2 38 89  8c de 56 d0  c8 2c 51 54
Sep 21 07:36:14.150736: | add pubkey  32 1b 7d 27  dc cd 37 7a  4e cb 1a ec  d2 ce 48 ed
Sep 21 07:36:14.150737: | add pubkey  43 48 9c 8a  fc 30 9f b1  57 1c a9 98  e5 84 93 6c
Sep 21 07:36:14.150738: | add pubkey  da 4d cc 95  e3 f5 f2 a5  b3 9d 70 ae  24 8d 08 3b
Sep 21 07:36:14.150740: | add pubkey  0f 8c e9 5a  a5 f0 4d 9c  3c 2f 7f bc  10 95 34 1c
Sep 21 07:36:14.150741: | add pubkey  96 74 29 fc  ab fb 8f 4b  71 aa 0b 26  b5 f0 32 98
Sep 21 07:36:14.150743: | add pubkey  90 6a fd 31  f5 ab
Sep 21 07:36:14.150756: | computed rsa CKAID  1a 15 cc e8  92 73 43 9c  2b f4 20 2a  c1 06 6e f2
Sep 21 07:36:14.150773: | computed rsa CKAID  59 b0 ef 45
Sep 21 07:36:14.150781: | keyid: *AQPHFfpyJ
Sep 21 07:36:14.150800: |   n  c7 15 fa 72  27 70 a4 e1  f3 0a 70 21  f9 0c 3f e2
Sep 21 07:36:14.150802: |   n  65 12 87 d9  fd 12 cb af  d4 e0 c2 e3  dd 77 a0 ef
Sep 21 07:36:14.150804: |   n  aa c7 d6 a2  b2 30 f2 64  b0 c5 e6 c7  a7 27 17 54
Sep 21 07:36:14.150806: |   n  7a 8e 32 c9  ac fd bf 8f  b3 33 b9 74  74 73 dd 23
Sep 21 07:36:14.150809: |   n  83 11 53 d6  d4 91 0e 36  7e 67 fc 89  1e 48 ac e9
Sep 21 07:36:14.150811: |   n  da 2e 66 9d  6e 4f e2 98  a7 dc 41 b3  a4 37 f5 07
Sep 21 07:36:14.150813: |   n  a9 9c 23 69  83 54 87 7b  ea 00 a7 5b  ab 2d 41 34
Sep 21 07:36:14.150816: |   n  d1 a3 17 1e  a7 64 2d 7f  ff 45 7a 5d  85 5c 73 dd
Sep 21 07:36:14.150822: |   n  63 e7 40 ad  eb 71 e6 5f  21 43 80 f5  23 4c 3d 4a
Sep 21 07:36:14.150827: |   n  11 2c ca 9a  d6 79 c5 c2  51 6e af c3  6e 99 f5 26
Sep 21 07:36:14.150829: |   n  1c 67 ee 8a  3e 30 4b c1  93 a7 92 34  36 8c bf e6
Sep 21 07:36:14.150831: |   n  d0 d3 fe 78  0b 0a 64 04  44 ca 8c 83  fd f1 2e b5
Sep 21 07:36:14.150834: |   n  00 76 61 a6  de f1 59 67  2b 6d c2 57  e0 f2 7d 6b
Sep 21 07:36:14.150836: |   n  9f d3 46 41  8c 31 c2 fd  c4 60 72 08  3b bb 56 fb
Sep 21 07:36:14.150838: |   n  01 fc 1d 57  4e cf 7c 0f  c4 6f 72 6f  2a 0e f3 30
Sep 21 07:36:14.150840: |   n  db a0 80 f9  70 cc bb 07  a9 f9 d7 76  99 63 4b 6a
Sep 21 07:36:14.150843: |   n  0f 1a 37 95  cb 9b ea 17  f7 55 62 6b  8a 83 05 ff
Sep 21 07:36:14.150847: |   n  43 78 57 dd  bd 08 85 9c  f1 62 35 6e  69 c7 04 0b
Sep 21 07:36:14.150853: |   n  4b c4 1b d2  38 89 8c de  56 d0 c8 2c  51 54 32 1b
Sep 21 07:36:14.150855: |   n  7d 27 dc cd  37 7a 4e cb  1a ec d2 ce  48 ed 43 48
Sep 21 07:36:14.150858: |   n  9c 8a fc 30  9f b1 57 1c  a9 98 e5 84  93 6c da 4d
Sep 21 07:36:14.150860: |   n  cc 95 e3 f5  f2 a5 b3 9d  70 ae 24 8d  08 3b 0f 8c
Sep 21 07:36:14.150865: |   n  e9 5a a5 f0  4d 9c 3c 2f  7f bc 10 95  34 1c 96 74
Sep 21 07:36:14.150868: |   n  29 fc ab fb  8f 4b 71 aa  0b 26 b5 f0  32 98 90 6a
Sep 21 07:36:14.150874: |   n  fd 31 f5 ab
Sep 21 07:36:14.150876: |   e  03
Sep 21 07:36:14.150878: |   CKAID  1a 15 cc e8  92 73 43 9c  2b f4 20 2a  c1 06 6e f2
Sep 21 07:36:14.150880: |   CKAID  59 b0 ef 45
Sep 21 07:36:14.150889: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:36:14.150895: | spent 0.187 milliseconds in whack
Sep 21 07:36:14.151053: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:36:14.151063: add keyid @east
Sep 21 07:36:14.151068: | add pubkey  01 03 bd 6c  96 eb df 78  89 b3 ed 77  0d a1 7f 7b
Sep 21 07:36:14.151070: | add pubkey  e5 16 c2 c9  e4 7d 92 0a  90 9d 55 43  b4 62 13 03
Sep 21 07:36:14.151072: | add pubkey  85 7a e0 26  7b 54 1f ca  09 93 cf ff  25 c9 02 4c
Sep 21 07:36:14.151074: | add pubkey  78 ca 94 e5  3e ac d1 f9  a8 e5 bb 7f  cc 20 84 e0
Sep 21 07:36:14.151076: | add pubkey  21 c9 f0 0d  c5 44 ba f3  48 64 61 58  f6 0f 63 0d
Sep 21 07:36:14.151078: | add pubkey  d2 67 1e 59  8b ec f3 50  39 71 fb 39  da 11 64 b6
Sep 21 07:36:14.151080: | add pubkey  62 cd 5f d3  8d 2e c1 50  ed 9c 6e 22  0c 39 a7 ce
Sep 21 07:36:14.151082: | add pubkey  62 b5 af 8a  80 0f 2e 4c  05 5c 82 c7  8d 29 02 2e
Sep 21 07:36:14.151084: | add pubkey  bb 23 5f db  f2 9e b5 7d  e2 20 70 1a  63 f3 8e 5d
Sep 21 07:36:14.151086: | add pubkey  ac 47 f0 5c  26 4e b1 d0  42 60 52 4a  b0 77 25 ce
Sep 21 07:36:14.151088: | add pubkey  e0 98 2b 43  f4 c7 59 1a  64 01 83 ea  4e e3 1a 2a
Sep 21 07:36:14.151091: | add pubkey  92 b8 55 ab  63 dd 4b 70  47 29 dc e9  b4 60 bf 43
Sep 21 07:36:14.151093: | add pubkey  4d 58 8f 64  73 95 70 ac  35 89 b2 c2  9c d4 62 c0
Sep 21 07:36:14.151095: | add pubkey  5f 56 5f ad  1b e5 dd 49  93 6a f5 23  82 ed d4 e7
Sep 21 07:36:14.151097: | add pubkey  d5 f1 55 f2  2d a2 26 a6  36 53 2f 94  fb 99 22 5c
Sep 21 07:36:14.151099: | add pubkey  47 cc 6d 80  30 88 96 38  0c f5 f2 ed  37 d0 09 d5
Sep 21 07:36:14.151101: | add pubkey  07 8f 69 ef  a9 99 ce 4d  1a 77 9e 39  c4 38 f3 c5
Sep 21 07:36:14.151104: | add pubkey  51 51 48 ef
Sep 21 07:36:14.151116: | computed rsa CKAID  61 55 99 73  d3 ac ef 7d  3a 37 0e 3e  82 ad 92 c1
Sep 21 07:36:14.151119: | computed rsa CKAID  8a 82 25 f1
Sep 21 07:36:14.151123: | keyid: *AQO9bJbr3
Sep 21 07:36:14.151125: |   n  bd 6c 96 eb  df 78 89 b3  ed 77 0d a1  7f 7b e5 16
Sep 21 07:36:14.151127: |   n  c2 c9 e4 7d  92 0a 90 9d  55 43 b4 62  13 03 85 7a
Sep 21 07:36:14.151129: |   n  e0 26 7b 54  1f ca 09 93  cf ff 25 c9  02 4c 78 ca
Sep 21 07:36:14.151131: |   n  94 e5 3e ac  d1 f9 a8 e5  bb 7f cc 20  84 e0 21 c9
Sep 21 07:36:14.151133: |   n  f0 0d c5 44  ba f3 48 64  61 58 f6 0f  63 0d d2 67
Sep 21 07:36:14.151135: |   n  1e 59 8b ec  f3 50 39 71  fb 39 da 11  64 b6 62 cd
Sep 21 07:36:14.151137: |   n  5f d3 8d 2e  c1 50 ed 9c  6e 22 0c 39  a7 ce 62 b5
Sep 21 07:36:14.151139: |   n  af 8a 80 0f  2e 4c 05 5c  82 c7 8d 29  02 2e bb 23
Sep 21 07:36:14.151141: |   n  5f db f2 9e  b5 7d e2 20  70 1a 63 f3  8e 5d ac 47
Sep 21 07:36:14.151143: |   n  f0 5c 26 4e  b1 d0 42 60  52 4a b0 77  25 ce e0 98
Sep 21 07:36:14.151145: |   n  2b 43 f4 c7  59 1a 64 01  83 ea 4e e3  1a 2a 92 b8
Sep 21 07:36:14.151147: |   n  55 ab 63 dd  4b 70 47 29  dc e9 b4 60  bf 43 4d 58
Sep 21 07:36:14.151149: |   n  8f 64 73 95  70 ac 35 89  b2 c2 9c d4  62 c0 5f 56
Sep 21 07:36:14.151151: |   n  5f ad 1b e5  dd 49 93 6a  f5 23 82 ed  d4 e7 d5 f1
Sep 21 07:36:14.151153: |   n  55 f2 2d a2  26 a6 36 53  2f 94 fb 99  22 5c 47 cc
Sep 21 07:36:14.151155: |   n  6d 80 30 88  96 38 0c f5  f2 ed 37 d0  09 d5 07 8f
Sep 21 07:36:14.151157: |   n  69 ef a9 99  ce 4d 1a 77  9e 39 c4 38  f3 c5 51 51
Sep 21 07:36:14.151159: |   n  48 ef
Sep 21 07:36:14.151161: |   e  03
Sep 21 07:36:14.151163: |   CKAID  61 55 99 73  d3 ac ef 7d  3a 37 0e 3e  82 ad 92 c1
Sep 21 07:36:14.151165: |   CKAID  8a 82 25 f1
Sep 21 07:36:14.151171: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:36:14.151176: | spent 0.126 milliseconds in whack
Sep 21 07:36:14.322013: | accept(whackctlfd, (struct sockaddr *)&whackaddr, &whackaddrlen) -> fd@16 (in whack_handle() at rcv_whack.c:721)
Sep 21 07:36:14.322043: | dup_any(fd@16) -> fd@21 (in whack_process() at rcv_whack.c:590)
Sep 21 07:36:14.322047: | FOR_EACH_CONNECTION_... in conn_by_name
Sep 21 07:36:14.322053: | start processing: connection "xauth-road-eastnet" (in initiate_a_connection() at initiate.c:186)
Sep 21 07:36:14.322057: | empty esp_info, returning defaults for ENCRYPT
Sep 21 07:36:14.322062: | connection 'xauth-road-eastnet' +POLICY_UP
Sep 21 07:36:14.322065: | dup_any(fd@21) -> fd@22 (in initiate_a_connection() at initiate.c:342)
Sep 21 07:36:14.322068: | FOR_EACH_STATE_... in find_phase1_state
Sep 21 07:36:14.322088: | creating state object #1 at 0x55e820bfedf0
Sep 21 07:36:14.322091: | State DB: adding IKEv1 state #1 in UNDEFINED
Sep 21 07:36:14.322099: | pstats #1 ikev1.isakmp started
Sep 21 07:36:14.322106: | suspend processing: connection "xauth-road-eastnet" (in main_outI1() at ikev1_main.c:118)
Sep 21 07:36:14.322111: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:118)
Sep 21 07:36:14.322115: | parent state #1: UNDEFINED(ignore) => MAIN_I1(half-open IKE SA)
Sep 21 07:36:14.322118: | dup_any(fd@22) -> fd@23 (in main_outI1() at ikev1_main.c:123)
Sep 21 07:36:14.322122: | Queuing pending IPsec SA negotiating with 192.1.2.23 "xauth-road-eastnet" IKE SA #1 "xauth-road-eastnet"
Sep 21 07:36:14.322126: "xauth-road-eastnet" #1: initiating Main Mode
Sep 21 07:36:14.322161: | **emit ISAKMP Message:
Sep 21 07:36:14.322165: |    initiator cookie:
Sep 21 07:36:14.322167: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.322169: |    responder cookie:
Sep 21 07:36:14.322171: |   00 00 00 00  00 00 00 00
Sep 21 07:36:14.322174: |    next payload type: ISAKMP_NEXT_SA (0x1)
Sep 21 07:36:14.322177: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.322179: |    exchange type: ISAKMP_XCHG_IDPROT (0x2)
Sep 21 07:36:14.322182: |    flags: none (0x0)
Sep 21 07:36:14.322184: |    Message ID: 0 (0x0)
Sep 21 07:36:14.322187: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Sep 21 07:36:14.322190: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 1:ISAKMP_NEXT_SA
Sep 21 07:36:14.322193: | no specific IKE algorithms specified - using defaults
Sep 21 07:36:14.322217: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Sep 21 07:36:14.322222: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Sep 21 07:36:14.322226: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP2048=14 eklen=0
Sep 21 07:36:14.322231: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Sep 21 07:36:14.322235: | oakley_alg_makedb() processing ealg=aes=7 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Sep 21 07:36:14.322240: | oakley_alg_makedb() processing ealg=aes=7 halg=sha=2 modp=MODP1536=5 eklen=0
Sep 21 07:36:14.322246: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP2048=14 eklen=0
Sep 21 07:36:14.322250: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP2048=14 eklen=0
Sep 21 07:36:14.322254: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP2048=14 eklen=0
Sep 21 07:36:14.322258: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_256=4 modp=MODP1536=5 eklen=0
Sep 21 07:36:14.322262: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha2_512=6 modp=MODP1536=5 eklen=0
Sep 21 07:36:14.322266: | oakley_alg_makedb() processing ealg=3des_cbc=5 halg=sha=2 modp=MODP1536=5 eklen=0
Sep 21 07:36:14.322270: | oakley_alg_makedb() returning 0x55e820c001f0
Sep 21 07:36:14.322274: | ***emit ISAKMP Security Association Payload:
Sep 21 07:36:14.322277: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.322279: |    DOI: ISAKMP_DOI_IPSEC (0x1)
Sep 21 07:36:14.322282: | next payload chain: ignoring supplied 'ISAKMP Security Association Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Sep 21 07:36:14.322288: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Security Association Payload (1:ISAKMP_NEXT_SA)
Sep 21 07:36:14.322291: | next payload chain: saving location 'ISAKMP Security Association Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.322293: | ****emit IPsec DOI SIT:
Sep 21 07:36:14.322296: |    IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Sep 21 07:36:14.322299: | ikev1_out_sa pcn: 0 has 1 valid proposals
Sep 21 07:36:14.322302: | ikev1_out_sa pcn: 0 pn: 0<1 valid_count: 1 trans_cnt: 18
Sep 21 07:36:14.322304: | ****emit ISAKMP Proposal Payload:
Sep 21 07:36:14.322307: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.322309: |    proposal number: 0 (0x0)
Sep 21 07:36:14.322312: |    protocol ID: PROTO_ISAKMP (0x1)
Sep 21 07:36:14.322314: |    SPI size: 0 (0x0)
Sep 21 07:36:14.322316: |    number of transforms: 18 (0x12)
Sep 21 07:36:14.322319: | last substructure: saving location 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type'
Sep 21 07:36:14.322322: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322324: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322327: |    ISAKMP transform number: 0 (0x0)
Sep 21 07:36:14.322329: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322332: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322335: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322338: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322340: |    length/value: 1 (0x1)
Sep 21 07:36:14.322343: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322346: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322348: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322351: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322353: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322356: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322358: |    length/value: 7 (0x7)
Sep 21 07:36:14.322360: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322362: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322365: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322367: |    length/value: 4 (0x4)
Sep 21 07:36:14.322370: |     [4 is OAKLEY_SHA2_256]
Sep 21 07:36:14.322372: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322374: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322377: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322379: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322381: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322384: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322386: |    length/value: 14 (0xe)
Sep 21 07:36:14.322389: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.322391: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322393: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322396: |    length/value: 256 (0x100)
Sep 21 07:36:14.322398: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322401: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322403: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322405: |    ISAKMP transform number: 1 (0x1)
Sep 21 07:36:14.322408: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322411: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322413: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322416: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322418: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322420: |    length/value: 1 (0x1)
Sep 21 07:36:14.322423: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322425: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322427: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322431: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322434: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322436: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322438: |    length/value: 7 (0x7)
Sep 21 07:36:14.322441: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322443: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322445: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322447: |    length/value: 4 (0x4)
Sep 21 07:36:14.322450: |     [4 is OAKLEY_SHA2_256]
Sep 21 07:36:14.322452: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322454: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322457: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322459: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322461: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322464: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322466: |    length/value: 14 (0xe)
Sep 21 07:36:14.322469: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.322471: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322473: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322476: |    length/value: 128 (0x80)
Sep 21 07:36:14.322478: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322480: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322483: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322485: |    ISAKMP transform number: 2 (0x2)
Sep 21 07:36:14.322487: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322490: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322493: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322495: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322497: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322500: |    length/value: 1 (0x1)
Sep 21 07:36:14.322502: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322504: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322507: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322509: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322512: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322514: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322516: |    length/value: 7 (0x7)
Sep 21 07:36:14.322519: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322521: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322523: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322525: |    length/value: 6 (0x6)
Sep 21 07:36:14.322528: |     [6 is OAKLEY_SHA2_512]
Sep 21 07:36:14.322530: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322532: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322535: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322537: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322539: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322542: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322544: |    length/value: 14 (0xe)
Sep 21 07:36:14.322546: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.322548: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322551: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322553: |    length/value: 256 (0x100)
Sep 21 07:36:14.322555: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322558: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322560: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322562: |    ISAKMP transform number: 3 (0x3)
Sep 21 07:36:14.322565: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322567: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322570: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322574: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322576: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322578: |    length/value: 1 (0x1)
Sep 21 07:36:14.322581: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322583: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322585: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322588: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322590: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322592: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322595: |    length/value: 7 (0x7)
Sep 21 07:36:14.322597: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322599: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322602: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322604: |    length/value: 6 (0x6)
Sep 21 07:36:14.322606: |     [6 is OAKLEY_SHA2_512]
Sep 21 07:36:14.322608: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322611: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322613: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322615: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322618: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322620: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322622: |    length/value: 14 (0xe)
Sep 21 07:36:14.322625: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.322627: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322629: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322631: |    length/value: 128 (0x80)
Sep 21 07:36:14.322634: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322636: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322639: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322641: |    ISAKMP transform number: 4 (0x4)
Sep 21 07:36:14.322643: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322646: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322648: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322651: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322653: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322655: |    length/value: 1 (0x1)
Sep 21 07:36:14.322658: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322660: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322663: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322665: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322667: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322670: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322672: |    length/value: 7 (0x7)
Sep 21 07:36:14.322674: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322676: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322679: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322681: |    length/value: 2 (0x2)
Sep 21 07:36:14.322683: |     [2 is OAKLEY_SHA1]
Sep 21 07:36:14.322685: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322688: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322690: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322692: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322695: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322697: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322699: |    length/value: 14 (0xe)
Sep 21 07:36:14.322702: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.322704: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322706: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322708: |    length/value: 256 (0x100)
Sep 21 07:36:14.322711: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322713: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322717: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322720: |    ISAKMP transform number: 5 (0x5)
Sep 21 07:36:14.322722: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322725: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322727: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322730: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322732: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322735: |    length/value: 1 (0x1)
Sep 21 07:36:14.322737: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322739: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322742: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322744: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322746: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322748: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322751: |    length/value: 7 (0x7)
Sep 21 07:36:14.322753: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322755: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322764: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322767: |    length/value: 2 (0x2)
Sep 21 07:36:14.322769: |     [2 is OAKLEY_SHA1]
Sep 21 07:36:14.322771: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322774: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322776: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322778: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322780: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322791: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322797: |    length/value: 14 (0xe)
Sep 21 07:36:14.322799: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.322801: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322804: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322806: |    length/value: 128 (0x80)
Sep 21 07:36:14.322809: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322811: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322813: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322816: |    ISAKMP transform number: 6 (0x6)
Sep 21 07:36:14.322818: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322821: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322823: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322826: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322828: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322830: |    length/value: 1 (0x1)
Sep 21 07:36:14.322833: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322835: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322837: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322840: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322842: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322844: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322847: |    length/value: 7 (0x7)
Sep 21 07:36:14.322849: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322851: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322854: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322856: |    length/value: 4 (0x4)
Sep 21 07:36:14.322858: |     [4 is OAKLEY_SHA2_256]
Sep 21 07:36:14.322860: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322863: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322865: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322868: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322870: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322872: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322878: |    length/value: 5 (0x5)
Sep 21 07:36:14.322881: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.322883: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322885: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322887: |    length/value: 256 (0x100)
Sep 21 07:36:14.322890: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322892: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322895: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322897: |    ISAKMP transform number: 7 (0x7)
Sep 21 07:36:14.322899: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322902: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322905: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322907: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322909: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322911: |    length/value: 1 (0x1)
Sep 21 07:36:14.322914: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322916: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322918: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.322921: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.322923: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322925: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.322928: |    length/value: 7 (0x7)
Sep 21 07:36:14.322930: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.322932: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322935: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.322937: |    length/value: 4 (0x4)
Sep 21 07:36:14.322939: |     [4 is OAKLEY_SHA2_256]
Sep 21 07:36:14.322942: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322944: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.322946: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.322949: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.322951: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322953: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.322956: |    length/value: 5 (0x5)
Sep 21 07:36:14.322958: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.322960: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322963: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.322965: |    length/value: 128 (0x80)
Sep 21 07:36:14.322967: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.322969: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.322972: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322974: |    ISAKMP transform number: 8 (0x8)
Sep 21 07:36:14.322976: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.322979: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.322983: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.322986: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322988: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.322991: |    length/value: 1 (0x1)
Sep 21 07:36:14.322993: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.322995: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.322998: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323000: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323002: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323005: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323007: |    length/value: 7 (0x7)
Sep 21 07:36:14.323009: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.323011: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323014: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323016: |    length/value: 6 (0x6)
Sep 21 07:36:14.323018: |     [6 is OAKLEY_SHA2_512]
Sep 21 07:36:14.323022: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323024: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323027: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323029: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323031: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323034: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323036: |    length/value: 5 (0x5)
Sep 21 07:36:14.323038: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.323040: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323043: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.323045: |    length/value: 256 (0x100)
Sep 21 07:36:14.323047: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.323050: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323052: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323054: |    ISAKMP transform number: 9 (0x9)
Sep 21 07:36:14.323056: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323059: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323062: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323064: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323067: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323069: |    length/value: 1 (0x1)
Sep 21 07:36:14.323071: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323074: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323076: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323078: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323081: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323083: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323085: |    length/value: 7 (0x7)
Sep 21 07:36:14.323087: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.323090: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323092: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323094: |    length/value: 6 (0x6)
Sep 21 07:36:14.323096: |     [6 is OAKLEY_SHA2_512]
Sep 21 07:36:14.323099: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323101: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323103: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323106: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323108: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323110: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323113: |    length/value: 5 (0x5)
Sep 21 07:36:14.323115: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.323117: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323119: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.323122: |    length/value: 128 (0x80)
Sep 21 07:36:14.323124: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.323127: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323129: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323131: |    ISAKMP transform number: 10 (0xa)
Sep 21 07:36:14.323134: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323136: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323139: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323141: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323144: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323146: |    length/value: 1 (0x1)
Sep 21 07:36:14.323148: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323151: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323153: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323155: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323158: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323163: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323165: |    length/value: 7 (0x7)
Sep 21 07:36:14.323167: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.323170: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323172: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323174: |    length/value: 2 (0x2)
Sep 21 07:36:14.323176: |     [2 is OAKLEY_SHA1]
Sep 21 07:36:14.323179: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323181: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323183: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323186: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323188: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323191: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323193: |    length/value: 5 (0x5)
Sep 21 07:36:14.323195: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.323197: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323200: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.323202: |    length/value: 256 (0x100)
Sep 21 07:36:14.323204: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.323207: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323209: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323211: |    ISAKMP transform number: 11 (0xb)
Sep 21 07:36:14.323214: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323216: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323219: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323221: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323224: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323226: |    length/value: 1 (0x1)
Sep 21 07:36:14.323228: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323231: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323233: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323235: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323238: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323240: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323242: |    length/value: 7 (0x7)
Sep 21 07:36:14.323244: |     [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.323247: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323249: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323251: |    length/value: 2 (0x2)
Sep 21 07:36:14.323254: |     [2 is OAKLEY_SHA1]
Sep 21 07:36:14.323256: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323258: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323261: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323263: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323265: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323268: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323270: |    length/value: 5 (0x5)
Sep 21 07:36:14.323272: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.323274: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323277: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.323279: |    length/value: 128 (0x80)
Sep 21 07:36:14.323281: | emitting length of ISAKMP Transform Payload (ISAKMP): 36
Sep 21 07:36:14.323284: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323286: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323288: |    ISAKMP transform number: 12 (0xc)
Sep 21 07:36:14.323290: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323293: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323296: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323298: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323302: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323304: |    length/value: 1 (0x1)
Sep 21 07:36:14.323306: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323309: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323311: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323313: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323316: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323318: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323320: |    length/value: 5 (0x5)
Sep 21 07:36:14.323323: |     [5 is OAKLEY_3DES_CBC]
Sep 21 07:36:14.323325: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323327: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323330: |    length/value: 4 (0x4)
Sep 21 07:36:14.323332: |     [4 is OAKLEY_SHA2_256]
Sep 21 07:36:14.323334: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323337: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323339: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323341: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323343: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323346: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323348: |    length/value: 14 (0xe)
Sep 21 07:36:14.323350: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.323353: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Sep 21 07:36:14.323355: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323357: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323360: |    ISAKMP transform number: 13 (0xd)
Sep 21 07:36:14.323362: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323365: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323367: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323370: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323372: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323374: |    length/value: 1 (0x1)
Sep 21 07:36:14.323377: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323379: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323381: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323384: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323386: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323388: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323391: |    length/value: 5 (0x5)
Sep 21 07:36:14.323393: |     [5 is OAKLEY_3DES_CBC]
Sep 21 07:36:14.323395: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323398: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323400: |    length/value: 6 (0x6)
Sep 21 07:36:14.323402: |     [6 is OAKLEY_SHA2_512]
Sep 21 07:36:14.323404: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323407: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323409: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323411: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323413: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323416: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323418: |    length/value: 14 (0xe)
Sep 21 07:36:14.323420: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.323423: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Sep 21 07:36:14.323425: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323427: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323430: |    ISAKMP transform number: 14 (0xe)
Sep 21 07:36:14.323432: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323435: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323437: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323441: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323443: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323446: |    length/value: 1 (0x1)
Sep 21 07:36:14.323448: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323450: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323452: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323455: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323457: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323460: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323462: |    length/value: 5 (0x5)
Sep 21 07:36:14.323464: |     [5 is OAKLEY_3DES_CBC]
Sep 21 07:36:14.323466: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323469: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323471: |    length/value: 2 (0x2)
Sep 21 07:36:14.323473: |     [2 is OAKLEY_SHA1]
Sep 21 07:36:14.323475: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323478: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323480: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323482: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323485: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323487: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323489: |    length/value: 14 (0xe)
Sep 21 07:36:14.323492: |     [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.323494: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Sep 21 07:36:14.323496: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323499: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323501: |    ISAKMP transform number: 15 (0xf)
Sep 21 07:36:14.323503: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323506: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323508: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323511: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323513: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323515: |    length/value: 1 (0x1)
Sep 21 07:36:14.323518: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323520: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323523: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323525: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323527: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323530: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323532: |    length/value: 5 (0x5)
Sep 21 07:36:14.323534: |     [5 is OAKLEY_3DES_CBC]
Sep 21 07:36:14.323536: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323539: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323541: |    length/value: 4 (0x4)
Sep 21 07:36:14.323543: |     [4 is OAKLEY_SHA2_256]
Sep 21 07:36:14.323546: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323548: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323550: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323553: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323555: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323557: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323560: |    length/value: 5 (0x5)
Sep 21 07:36:14.323562: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.323564: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Sep 21 07:36:14.323566: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323569: |    next payload type: ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323571: |    ISAKMP transform number: 16 (0x10)
Sep 21 07:36:14.323573: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323576: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323579: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323583: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323586: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323588: |    length/value: 1 (0x1)
Sep 21 07:36:14.323590: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323593: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323595: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323597: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323600: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323602: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323604: |    length/value: 5 (0x5)
Sep 21 07:36:14.323607: |     [5 is OAKLEY_3DES_CBC]
Sep 21 07:36:14.323609: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323611: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323613: |    length/value: 6 (0x6)
Sep 21 07:36:14.323616: |     [6 is OAKLEY_SHA2_512]
Sep 21 07:36:14.323618: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323620: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323623: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323625: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323627: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323630: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323632: |    length/value: 5 (0x5)
Sep 21 07:36:14.323634: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.323636: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Sep 21 07:36:14.323639: | *****emit ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.323641: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.323643: |    ISAKMP transform number: 17 (0x11)
Sep 21 07:36:14.323646: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.323648: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is ISAKMP_NEXT_T (0x3)
Sep 21 07:36:14.323651: | last substructure: saving location 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type'
Sep 21 07:36:14.323653: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323656: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.323658: |    length/value: 1 (0x1)
Sep 21 07:36:14.323660: |     [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.323663: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323665: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.323667: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.323670: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323672: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.323674: |    length/value: 5 (0x5)
Sep 21 07:36:14.323677: |     [5 is OAKLEY_3DES_CBC]
Sep 21 07:36:14.323679: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323681: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.323683: |    length/value: 2 (0x2)
Sep 21 07:36:14.323686: |     [2 is OAKLEY_SHA1]
Sep 21 07:36:14.323688: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323690: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.323693: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.323695: |     [65005 is XAUTHInitRSA]
Sep 21 07:36:14.323697: | ******emit ISAKMP Oakley attribute:
Sep 21 07:36:14.323699: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.323702: |    length/value: 5 (0x5)
Sep 21 07:36:14.323704: |     [5 is OAKLEY_GROUP_MODP1536]
Sep 21 07:36:14.323706: | emitting length of ISAKMP Transform Payload (ISAKMP): 32
Sep 21 07:36:14.323709: | emitting length of ISAKMP Proposal Payload: 632
Sep 21 07:36:14.323711: | last substructure: checking 'ISAKMP Proposal Payload'.'ISAKMP Transform Payload (ISAKMP)'.'next payload type' is 0
Sep 21 07:36:14.323714: | emitting length of ISAKMP Security Association Payload: 644
Sep 21 07:36:14.323717: | last substructure: checking 'ISAKMP Security Association Payload'.'ISAKMP Proposal Payload'.'next payload type' is 0
Sep 21 07:36:14.323724: | out_vid(): sending [FRAGMENTATION]
Sep 21 07:36:14.323727: | ***emit ISAKMP Vendor ID Payload:
Sep 21 07:36:14.323729: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.323732: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Sep 21 07:36:14.323735: | next payload chain: setting previous 'ISAKMP Security Association Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Sep 21 07:36:14.323738: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.323741: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Sep 21 07:36:14.323743: | V_ID  40 48 b7 d5  6e bc e8 85  25 e7 de 7f  00 d6 c2 d3
Sep 21 07:36:14.323746: | emitting length of ISAKMP Vendor ID Payload: 20
Sep 21 07:36:14.323748: | out_vid(): sending [XAUTH]
Sep 21 07:36:14.323750: | ***emit ISAKMP Vendor ID Payload:
Sep 21 07:36:14.323753: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.323755: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Sep 21 07:36:14.323758: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Sep 21 07:36:14.323761: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.323763: | emitting 8 raw bytes of V_ID into ISAKMP Vendor ID Payload
Sep 21 07:36:14.323766: | V_ID  09 00 26 89  df d6 b7 12
Sep 21 07:36:14.323768: | emitting length of ISAKMP Vendor ID Payload: 12
Sep 21 07:36:14.323771: | out_vid(): sending [Dead Peer Detection]
Sep 21 07:36:14.323773: | ***emit ISAKMP Vendor ID Payload:
Sep 21 07:36:14.323775: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.323778: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Sep 21 07:36:14.323780: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.323786: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Sep 21 07:36:14.323790: | V_ID  af ca d7 13  68 a1 f1 c9  6b 86 96 fc  77 57 01 00
Sep 21 07:36:14.323793: | emitting length of ISAKMP Vendor ID Payload: 20
Sep 21 07:36:14.323795: | nat add vid
Sep 21 07:36:14.323797: | sending draft and RFC NATT VIDs
Sep 21 07:36:14.323800: | out_vid(): sending [RFC 3947]
Sep 21 07:36:14.323802: | ***emit ISAKMP Vendor ID Payload:
Sep 21 07:36:14.323804: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.323807: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Sep 21 07:36:14.323810: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Sep 21 07:36:14.323812: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.323815: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Sep 21 07:36:14.323817: | V_ID  4a 13 1c 81  07 03 58 45  5c 57 28 f2  0e 95 45 2f
Sep 21 07:36:14.323819: | emitting length of ISAKMP Vendor ID Payload: 20
Sep 21 07:36:14.323822: | skipping VID_NATT_RFC
Sep 21 07:36:14.323824: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-03]
Sep 21 07:36:14.323826: | ***emit ISAKMP Vendor ID Payload:
Sep 21 07:36:14.323828: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.323831: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Sep 21 07:36:14.323834: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Sep 21 07:36:14.323837: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.323839: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Sep 21 07:36:14.323843: | V_ID  7d 94 19 a6  53 10 ca 6f  2c 17 9d 92  15 52 9d 56
Sep 21 07:36:14.323845: | emitting length of ISAKMP Vendor ID Payload: 20
Sep 21 07:36:14.323847: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02_n]
Sep 21 07:36:14.323850: | ***emit ISAKMP Vendor ID Payload:
Sep 21 07:36:14.323852: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.323855: | next payload chain: ignoring supplied 'ISAKMP Vendor ID Payload'.'next payload type' value 13:ISAKMP_NEXT_VID
Sep 21 07:36:14.323858: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Sep 21 07:36:14.323860: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.323863: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Sep 21 07:36:14.323865: | V_ID  90 cb 80 91  3e bb 69 6e  08 63 81 b5  ec 42 7b 1f
Sep 21 07:36:14.323868: | emitting length of ISAKMP Vendor ID Payload: 20
Sep 21 07:36:14.323870: | out_vid(): sending [draft-ietf-ipsec-nat-t-ike-02]
Sep 21 07:36:14.323872: | ***emit ISAKMP Vendor ID Payload:
Sep 21 07:36:14.323874: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.323877: | next payload chain: setting previous 'ISAKMP Vendor ID Payload'.'next payload type' to current ISAKMP Vendor ID Payload (13:ISAKMP_NEXT_VID)
Sep 21 07:36:14.323880: | next payload chain: saving location 'ISAKMP Vendor ID Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.323882: | emitting 16 raw bytes of V_ID into ISAKMP Vendor ID Payload
Sep 21 07:36:14.323885: | V_ID  cd 60 46 43  35 df 21 f8  7c fd b2 fc  68 b6 a4 48
Sep 21 07:36:14.323887: | emitting length of ISAKMP Vendor ID Payload: 20
Sep 21 07:36:14.323889: | no IKEv1 message padding required
Sep 21 07:36:14.323892: | emitting length of ISAKMP Message: 804
Sep 21 07:36:14.323905: | sending 804 bytes for reply packet for main_outI1 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
Sep 21 07:36:14.323907: |   18 ed 1e 4b  88 fb a0 90  00 00 00 00  00 00 00 00
Sep 21 07:36:14.323909: |   01 10 02 00  00 00 00 00  00 00 03 24  0d 00 02 84
Sep 21 07:36:14.323912: |   00 00 00 01  00 00 00 01  00 00 02 78  00 01 00 12
Sep 21 07:36:14.323914: |   03 00 00 24  00 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323916: |   80 01 00 07  80 02 00 04  80 03 fd ed  80 04 00 0e
Sep 21 07:36:14.323919: |   80 0e 01 00  03 00 00 24  01 01 00 00  80 0b 00 01
Sep 21 07:36:14.323921: |   80 0c 0e 10  80 01 00 07  80 02 00 04  80 03 fd ed
Sep 21 07:36:14.323923: |   80 04 00 0e  80 0e 00 80  03 00 00 24  02 01 00 00
Sep 21 07:36:14.323925: |   80 0b 00 01  80 0c 0e 10  80 01 00 07  80 02 00 06
Sep 21 07:36:14.323928: |   80 03 fd ed  80 04 00 0e  80 0e 01 00  03 00 00 24
Sep 21 07:36:14.323930: |   03 01 00 00  80 0b 00 01  80 0c 0e 10  80 01 00 07
Sep 21 07:36:14.323932: |   80 02 00 06  80 03 fd ed  80 04 00 0e  80 0e 00 80
Sep 21 07:36:14.323934: |   03 00 00 24  04 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323936: |   80 01 00 07  80 02 00 02  80 03 fd ed  80 04 00 0e
Sep 21 07:36:14.323939: |   80 0e 01 00  03 00 00 24  05 01 00 00  80 0b 00 01
Sep 21 07:36:14.323941: |   80 0c 0e 10  80 01 00 07  80 02 00 02  80 03 fd ed
Sep 21 07:36:14.323943: |   80 04 00 0e  80 0e 00 80  03 00 00 24  06 01 00 00
Sep 21 07:36:14.323945: |   80 0b 00 01  80 0c 0e 10  80 01 00 07  80 02 00 04
Sep 21 07:36:14.323948: |   80 03 fd ed  80 04 00 05  80 0e 01 00  03 00 00 24
Sep 21 07:36:14.323950: |   07 01 00 00  80 0b 00 01  80 0c 0e 10  80 01 00 07
Sep 21 07:36:14.323952: |   80 02 00 04  80 03 fd ed  80 04 00 05  80 0e 00 80
Sep 21 07:36:14.323954: |   03 00 00 24  08 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323956: |   80 01 00 07  80 02 00 06  80 03 fd ed  80 04 00 05
Sep 21 07:36:14.323959: |   80 0e 01 00  03 00 00 24  09 01 00 00  80 0b 00 01
Sep 21 07:36:14.323961: |   80 0c 0e 10  80 01 00 07  80 02 00 06  80 03 fd ed
Sep 21 07:36:14.323964: |   80 04 00 05  80 0e 00 80  03 00 00 24  0a 01 00 00
Sep 21 07:36:14.323967: |   80 0b 00 01  80 0c 0e 10  80 01 00 07  80 02 00 02
Sep 21 07:36:14.323969: |   80 03 fd ed  80 04 00 05  80 0e 01 00  03 00 00 24
Sep 21 07:36:14.323971: |   0b 01 00 00  80 0b 00 01  80 0c 0e 10  80 01 00 07
Sep 21 07:36:14.323973: |   80 02 00 02  80 03 fd ed  80 04 00 05  80 0e 00 80
Sep 21 07:36:14.323975: |   03 00 00 20  0c 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323978: |   80 01 00 05  80 02 00 04  80 03 fd ed  80 04 00 0e
Sep 21 07:36:14.323980: |   03 00 00 20  0d 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323982: |   80 01 00 05  80 02 00 06  80 03 fd ed  80 04 00 0e
Sep 21 07:36:14.323984: |   03 00 00 20  0e 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323987: |   80 01 00 05  80 02 00 02  80 03 fd ed  80 04 00 0e
Sep 21 07:36:14.323989: |   03 00 00 20  0f 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323991: |   80 01 00 05  80 02 00 04  80 03 fd ed  80 04 00 05
Sep 21 07:36:14.323993: |   03 00 00 20  10 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.323995: |   80 01 00 05  80 02 00 06  80 03 fd ed  80 04 00 05
Sep 21 07:36:14.323998: |   00 00 00 20  11 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.324000: |   80 01 00 05  80 02 00 02  80 03 fd ed  80 04 00 05
Sep 21 07:36:14.324002: |   0d 00 00 14  40 48 b7 d5  6e bc e8 85  25 e7 de 7f
Sep 21 07:36:14.324004: |   00 d6 c2 d3  0d 00 00 0c  09 00 26 89  df d6 b7 12
Sep 21 07:36:14.324007: |   0d 00 00 14  af ca d7 13  68 a1 f1 c9  6b 86 96 fc
Sep 21 07:36:14.324009: |   77 57 01 00  0d 00 00 14  4a 13 1c 81  07 03 58 45
Sep 21 07:36:14.324011: |   5c 57 28 f2  0e 95 45 2f  0d 00 00 14  7d 94 19 a6
Sep 21 07:36:14.324013: |   53 10 ca 6f  2c 17 9d 92  15 52 9d 56  0d 00 00 14
Sep 21 07:36:14.324015: |   90 cb 80 91  3e bb 69 6e  08 63 81 b5  ec 42 7b 1f
Sep 21 07:36:14.324018: |   00 00 00 14  cd 60 46 43  35 df 21 f8  7c fd b2 fc
Sep 21 07:36:14.324020: |   68 b6 a4 48
Sep 21 07:36:14.324116: | event_schedule: new EVENT_RETRANSMIT-pe@0x55e820bffbb0
Sep 21 07:36:14.324121: | inserting event EVENT_RETRANSMIT, timeout in 25 seconds for #1
Sep 21 07:36:14.324125: | libevent_malloc: new ptr-libevent@0x55e820c013a0 size 128
Sep 21 07:36:14.324131: | #1 STATE_MAIN_I1: retransmits: first event in 25 seconds; timeout in 107 seconds; limit of 12 retransmits; current time is 50020.692379
Sep 21 07:36:14.324146: | #1 spent 2.05 milliseconds in main_outI1()
Sep 21 07:36:14.324151: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in main_outI1() at ikev1_main.c:228)
Sep 21 07:36:14.324155: | resume processing: connection "xauth-road-eastnet" (in main_outI1() at ikev1_main.c:228)
Sep 21 07:36:14.324158: | stop processing: connection "xauth-road-eastnet" (in initiate_a_connection() at initiate.c:349)
Sep 21 07:36:14.324162: | close_any(fd@21) (in initiate_connection() at initiate.c:372)
Sep 21 07:36:14.324165: | close_any(fd@16) (in whack_process() at rcv_whack.c:700)
Sep 21 07:36:14.324169: | spent 2.09 milliseconds in whack
Sep 21 07:36:14.325711: | spent 0.00228 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Sep 21 07:36:14.325740: | *received 156 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
Sep 21 07:36:14.325744: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.325746: |   01 10 02 00  00 00 00 00  00 00 00 9c  0d 00 00 38
Sep 21 07:36:14.325749: |   00 00 00 01  00 00 00 01  00 00 00 2c  00 01 00 01
Sep 21 07:36:14.325751: |   00 00 00 24  00 01 00 00  80 0b 00 01  80 0c 0e 10
Sep 21 07:36:14.325753: |   80 01 00 07  80 02 00 04  80 03 fd ed  80 04 00 0e
Sep 21 07:36:14.325755: |   80 0e 01 00  0d 00 00 14  40 48 b7 d5  6e bc e8 85
Sep 21 07:36:14.325758: |   25 e7 de 7f  00 d6 c2 d3  0d 00 00 0c  09 00 26 89
Sep 21 07:36:14.325760: |   df d6 b7 12  0d 00 00 14  af ca d7 13  68 a1 f1 c9
Sep 21 07:36:14.325762: |   6b 86 96 fc  77 57 01 00  00 00 00 14  4a 13 1c 81
Sep 21 07:36:14.325764: |   07 03 58 45  5c 57 28 f2  0e 95 45 2f
Sep 21 07:36:14.325769: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Sep 21 07:36:14.325775: | **parse ISAKMP Message:
Sep 21 07:36:14.325777: |    initiator cookie:
Sep 21 07:36:14.325779: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.325782: |    responder cookie:
Sep 21 07:36:14.325793: |   14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.325796: |    next payload type: ISAKMP_NEXT_SA (0x1)
Sep 21 07:36:14.325799: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.325801: |    exchange type: ISAKMP_XCHG_IDPROT (0x2)
Sep 21 07:36:14.325804: |    flags: none (0x0)
Sep 21 07:36:14.325806: |    Message ID: 0 (0x0)
Sep 21 07:36:14.325808: |    length: 156 (0x9c)
Sep 21 07:36:14.325811: |  processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Sep 21 07:36:14.325814: | State DB: IKEv1 state not found (find_state_ikev1)
Sep 21 07:36:14.325817: | State DB: found IKEv1 state #1 in MAIN_I1 (find_state_ikev1_init)
Sep 21 07:36:14.325823: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435)
Sep 21 07:36:14.325825: | #1 is idle
Sep 21 07:36:14.325827: | #1 idle
Sep 21 07:36:14.325831: | got payload 0x2  (ISAKMP_NEXT_SA) needed: 0x2 opt: 0x2080
Sep 21 07:36:14.325834: | ***parse ISAKMP Security Association Payload:
Sep 21 07:36:14.325836: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.325839: |    length: 56 (0x38)
Sep 21 07:36:14.325841: |    DOI: ISAKMP_DOI_IPSEC (0x1)
Sep 21 07:36:14.325844: | got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Sep 21 07:36:14.325846: | ***parse ISAKMP Vendor ID Payload:
Sep 21 07:36:14.325849: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.325851: |    length: 20 (0x14)
Sep 21 07:36:14.325853: | got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Sep 21 07:36:14.325856: | ***parse ISAKMP Vendor ID Payload:
Sep 21 07:36:14.325858: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.325860: |    length: 12 (0xc)
Sep 21 07:36:14.325863: | got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Sep 21 07:36:14.325865: | ***parse ISAKMP Vendor ID Payload:
Sep 21 07:36:14.325867: |    next payload type: ISAKMP_NEXT_VID (0xd)
Sep 21 07:36:14.325869: |    length: 20 (0x14)
Sep 21 07:36:14.325872: | got payload 0x2000  (ISAKMP_NEXT_VID) needed: 0x0 opt: 0x2080
Sep 21 07:36:14.325874: | ***parse ISAKMP Vendor ID Payload:
Sep 21 07:36:14.325877: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.325879: |    length: 20 (0x14)
Sep 21 07:36:14.325881: | message 'main_inR1_outI2' HASH payload not checked early
Sep 21 07:36:14.325886: | received Vendor ID payload [FRAGMENTATION]
Sep 21 07:36:14.325888: | received Vendor ID payload [XAUTH]
Sep 21 07:36:14.325891: | received Vendor ID payload [Dead Peer Detection]
Sep 21 07:36:14.325894: |  quirks.qnat_traversal_vid set to=117 [RFC 3947]
Sep 21 07:36:14.325897: | received Vendor ID payload [RFC 3947]
Sep 21 07:36:14.325900: | ****parse IPsec DOI SIT:
Sep 21 07:36:14.325903: |    IPsec DOI SIT: SIT_IDENTITY_ONLY (0x1)
Sep 21 07:36:14.325906: | ****parse ISAKMP Proposal Payload:
Sep 21 07:36:14.325908: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.325910: |    length: 44 (0x2c)
Sep 21 07:36:14.325913: |    proposal number: 0 (0x0)
Sep 21 07:36:14.325915: |    protocol ID: PROTO_ISAKMP (0x1)
Sep 21 07:36:14.325917: |    SPI size: 0 (0x0)
Sep 21 07:36:14.325920: |    number of transforms: 1 (0x1)
Sep 21 07:36:14.325922: | *****parse ISAKMP Transform Payload (ISAKMP):
Sep 21 07:36:14.325925: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.325927: |    length: 36 (0x24)
Sep 21 07:36:14.325929: |    ISAKMP transform number: 0 (0x0)
Sep 21 07:36:14.325932: |    ISAKMP transform ID: KEY_IKE (0x1)
Sep 21 07:36:14.325934: | ******parse ISAKMP Oakley attribute:
Sep 21 07:36:14.325937: |    af+type: AF+OAKLEY_LIFE_TYPE (0x800b)
Sep 21 07:36:14.325939: |    length/value: 1 (0x1)
Sep 21 07:36:14.325941: |    [1 is OAKLEY_LIFE_SECONDS]
Sep 21 07:36:14.325944: | ******parse ISAKMP Oakley attribute:
Sep 21 07:36:14.325948: |    af+type: AF+OAKLEY_LIFE_DURATION (variable length) (0x800c)
Sep 21 07:36:14.325951: |    length/value: 3600 (0xe10)
Sep 21 07:36:14.325953: | ******parse ISAKMP Oakley attribute:
Sep 21 07:36:14.325956: |    af+type: AF+OAKLEY_ENCRYPTION_ALGORITHM (0x8001)
Sep 21 07:36:14.325958: |    length/value: 7 (0x7)
Sep 21 07:36:14.325961: |    [7 is OAKLEY_AES_CBC]
Sep 21 07:36:14.325963: | ******parse ISAKMP Oakley attribute:
Sep 21 07:36:14.325966: |    af+type: AF+OAKLEY_HASH_ALGORITHM (0x8002)
Sep 21 07:36:14.325968: |    length/value: 4 (0x4)
Sep 21 07:36:14.325970: |    [4 is OAKLEY_SHA2_256]
Sep 21 07:36:14.325973: | ******parse ISAKMP Oakley attribute:
Sep 21 07:36:14.325975: |    af+type: AF+OAKLEY_AUTHENTICATION_METHOD (0x8003)
Sep 21 07:36:14.325978: |    length/value: 65005 (0xfded)
Sep 21 07:36:14.325980: |    [65005 is XAUTHInitRSA]
Sep 21 07:36:14.325982: | ******parse ISAKMP Oakley attribute:
Sep 21 07:36:14.325985: |    af+type: AF+OAKLEY_GROUP_DESCRIPTION (0x8004)
Sep 21 07:36:14.325987: |    length/value: 14 (0xe)
Sep 21 07:36:14.325989: |    [14 is OAKLEY_GROUP_MODP2048]
Sep 21 07:36:14.325992: | ******parse ISAKMP Oakley attribute:
Sep 21 07:36:14.325994: |    af+type: AF+OAKLEY_KEY_LENGTH (0x800e)
Sep 21 07:36:14.325997: |    length/value: 256 (0x100)
Sep 21 07:36:14.325999: | OAKLEY proposal verified unconditionally; no alg_info to check against
Sep 21 07:36:14.326001: | Oakley Transform 0 accepted
Sep 21 07:36:14.326004: | sender checking NAT-T: enabled; VID 117
Sep 21 07:36:14.326006: | returning NAT-T method NAT_TRAVERSAL_METHOD_IETF_RFC
Sep 21 07:36:14.326009: | enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
Sep 21 07:36:14.326014: | adding outI2 KE work-order 1 for state #1
Sep 21 07:36:14.326017: | state #1 requesting EVENT_RETRANSMIT to be deleted
Sep 21 07:36:14.326020: | #1 STATE_MAIN_I1: retransmits: cleared
Sep 21 07:36:14.326023: | libevent_free: release ptr-libevent@0x55e820c013a0
Sep 21 07:36:14.326026: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55e820bffbb0
Sep 21 07:36:14.326030: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x55e820bffbb0
Sep 21 07:36:14.326033: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
Sep 21 07:36:14.326036: | libevent_malloc: new ptr-libevent@0x55e820c013a0 size 128
Sep 21 07:36:14.326045: | complete v1 state transition with STF_SUSPEND
Sep 21 07:36:14.326050: | [RE]START processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624)
Sep 21 07:36:14.326052: | crypto helper 4 resuming
Sep 21 07:36:14.326053: | suspending state #1 and saving MD
Sep 21 07:36:14.326061: | crypto helper 4 starting work-order 1 for state #1
Sep 21 07:36:14.326067: | #1 is busy; has a suspended MD
Sep 21 07:36:14.326074: | crypto helper 4 doing build KE and nonce (outI2 KE); request ID 1
Sep 21 07:36:14.326081: | #1 spent 0.173 milliseconds in process_packet_tail()
Sep 21 07:36:14.326087: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Sep 21 07:36:14.326092: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_md() at demux.c:382)
Sep 21 07:36:14.326094: | processing: STOP connection NULL (in process_md() at demux.c:383)
Sep 21 07:36:14.326098: | spent 0.363 milliseconds in comm_handle_cb() reading and processing packet
Sep 21 07:36:14.327117: | crypto helper 4 finished build KE and nonce (outI2 KE); request ID 1 time elapsed 0.001042 seconds
Sep 21 07:36:14.327128: | (#1) spent 1.05 milliseconds in crypto helper computing work-order 1: outI2 KE (pcr)
Sep 21 07:36:14.327131: | crypto helper 4 sending results from work-order 1 for state #1 to event queue
Sep 21 07:36:14.327134: | scheduling resume sending helper answer for #1
Sep 21 07:36:14.327137: | libevent_malloc: new ptr-libevent@0x7feb40006900 size 128
Sep 21 07:36:14.327145: | crypto helper 4 waiting (nothing to do)
Sep 21 07:36:14.327155: | processing resume sending helper answer for #1
Sep 21 07:36:14.327163: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in resume_handler() at server.c:797)
Sep 21 07:36:14.327167: | crypto helper 4 replies to request ID 1
Sep 21 07:36:14.327169: | calling continuation function 0x55e81ef1e630
Sep 21 07:36:14.327172: | main_inR1_outI2_continue for #1: calculated ke+nonce, sending I2
Sep 21 07:36:14.327176: | **emit ISAKMP Message:
Sep 21 07:36:14.327179: |    initiator cookie:
Sep 21 07:36:14.327181: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.327184: |    responder cookie:
Sep 21 07:36:14.327186: |   14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.327188: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.327191: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.327193: |    exchange type: ISAKMP_XCHG_IDPROT (0x2)
Sep 21 07:36:14.327196: |    flags: none (0x0)
Sep 21 07:36:14.327198: |    Message ID: 0 (0x0)
Sep 21 07:36:14.327201: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Sep 21 07:36:14.327204: | ***emit ISAKMP Key Exchange Payload:
Sep 21 07:36:14.327207: |    next payload type: ISAKMP_NEXT_NONCE (0xa)
Sep 21 07:36:14.327210: | next payload chain: ignoring supplied 'ISAKMP Key Exchange Payload'.'next payload type' value 10:ISAKMP_NEXT_NONCE
Sep 21 07:36:14.327213: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Key Exchange Payload (4:ISAKMP_NEXT_KE)
Sep 21 07:36:14.327216: | next payload chain: saving location 'ISAKMP Key Exchange Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.327219: | emitting 256 raw bytes of keyex value into ISAKMP Key Exchange Payload
Sep 21 07:36:14.327221: | keyex value  b6 1d 5b 4a  30 2e b8 9c  77 44 3a 1e  2a 60 a6 6c
Sep 21 07:36:14.327223: | keyex value  57 03 90 16  07 11 d0 94  24 2c 81 c6  79 e5 ba d2
Sep 21 07:36:14.327226: | keyex value  59 a0 46 70  e2 a5 25 30  a3 d5 61 18  88 a2 f5 9a
Sep 21 07:36:14.327228: | keyex value  27 fe 33 63  1e 19 4d 01  40 be b6 df  38 a8 db 15
Sep 21 07:36:14.327230: | keyex value  e4 48 e4 bc  ef af 0d 80  86 8f 45 da  8c 73 8b 9f
Sep 21 07:36:14.327233: | keyex value  9b d1 dc 69  fd a7 a8 03  2b ca 09 49  96 52 ac 70
Sep 21 07:36:14.327235: | keyex value  1c 6a 47 23  0b 40 47 b7  b1 09 00 0c  2e 61 83 28
Sep 21 07:36:14.327237: | keyex value  f1 bc 5a 5e  6b 68 61 30  e5 40 90 f3  cc 73 22 6c
Sep 21 07:36:14.327239: | keyex value  97 9f fd 25  06 e9 d4 52  5e 6c fd a5  27 cb c7 c4
Sep 21 07:36:14.327242: | keyex value  c0 0b 60 43  bc 34 0f 83  22 2a c8 3e  7f 0f 2d 36
Sep 21 07:36:14.327244: | keyex value  47 ad 7a 9d  d2 38 ff 1d  ca 0f 44 88  8b cd bc 30
Sep 21 07:36:14.327246: | keyex value  1f fc bb b0  2e ce 72 61  e6 77 b8 cb  06 59 3d 90
Sep 21 07:36:14.327249: | keyex value  49 b4 ed e0  bc 8d f7 bb  aa ac 34 36  a3 a0 85 b1
Sep 21 07:36:14.327251: | keyex value  60 16 a4 f0  4d 7a 04 61  f5 82 f2 d3  e6 8e 00 af
Sep 21 07:36:14.327253: | keyex value  f0 88 fb 94  cb bc f5 78  b4 f1 ab 36  43 87 3b c3
Sep 21 07:36:14.327255: | keyex value  59 54 20 e8  08 f9 76 26  91 83 76 15  2a 56 c7 b4
Sep 21 07:36:14.327258: | emitting length of ISAKMP Key Exchange Payload: 260
Sep 21 07:36:14.327261: | ***emit ISAKMP Nonce Payload:
Sep 21 07:36:14.327263: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.327266: | next payload chain: setting previous 'ISAKMP Key Exchange Payload'.'next payload type' to current ISAKMP Nonce Payload (10:ISAKMP_NEXT_NONCE)
Sep 21 07:36:14.327268: | next payload chain: saving location 'ISAKMP Nonce Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.327271: | emitting 32 raw bytes of Ni into ISAKMP Nonce Payload
Sep 21 07:36:14.327274: | Ni  3c fd 4b d7  ab d2 fe 40  ff b5 e8 1e  6f 06 eb d4
Sep 21 07:36:14.327276: | Ni  0a 60 2b b6  64 b2 b0 40  4e bf 5f 43  32 b5 1e cc
Sep 21 07:36:14.327278: | emitting length of ISAKMP Nonce Payload: 36
Sep 21 07:36:14.327281: | NAT-T checking st_nat_traversal
Sep 21 07:36:14.327283: | NAT-T found (implies NAT_T_WITH_NATD)
Sep 21 07:36:14.327285: | sending NAT-D payloads
Sep 21 07:36:14.327298: | natd_hash: hasher=0x55e81eff4c40(32)
Sep 21 07:36:14.327301: | natd_hash: icookie=  18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.327303: | natd_hash: rcookie=  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.327305: | natd_hash: ip=  c0 01 02 17
Sep 21 07:36:14.327308: | natd_hash: port=  01 f4
Sep 21 07:36:14.327310: | natd_hash: hash=  e6 ba a1 07  b6 b7 7d 83  10 58 fb b8  0f e4 2b 1b
Sep 21 07:36:14.327312: | natd_hash: hash=  18 7a 78 24  e9 b3 e2 10  c8 0b 11 41  60 f1 f7 68
Sep 21 07:36:14.327315: | ***emit ISAKMP NAT-D Payload:
Sep 21 07:36:14.327317: |    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Sep 21 07:36:14.327320: | next payload chain: ignoring supplied 'ISAKMP NAT-D Payload'.'next payload type' value 20:ISAKMP_NEXT_NATD_RFC
Sep 21 07:36:14.327323: | next payload chain: setting previous 'ISAKMP Nonce Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
Sep 21 07:36:14.327326: | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.327328: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
Sep 21 07:36:14.327331: | NAT-D  e6 ba a1 07  b6 b7 7d 83  10 58 fb b8  0f e4 2b 1b
Sep 21 07:36:14.327333: | NAT-D  18 7a 78 24  e9 b3 e2 10  c8 0b 11 41  60 f1 f7 68
Sep 21 07:36:14.327335: | emitting length of ISAKMP NAT-D Payload: 36
Sep 21 07:36:14.327342: | natd_hash: hasher=0x55e81eff4c40(32)
Sep 21 07:36:14.327344: | natd_hash: icookie=  18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.327346: | natd_hash: rcookie=  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.327348: | natd_hash: ip=  c0 01 03 d1
Sep 21 07:36:14.327351: | natd_hash: port=  01 f4
Sep 21 07:36:14.327353: | natd_hash: hash=  2a 64 c6 25  1f df 71 c7  e9 6c 6e ae  9e a0 26 3f
Sep 21 07:36:14.327355: | natd_hash: hash=  1f 65 9a 60  fc 04 05 13  fd 4d b1 1b  18 fd 7b 4b
Sep 21 07:36:14.327358: | ***emit ISAKMP NAT-D Payload:
Sep 21 07:36:14.327360: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.327363: | next payload chain: setting previous 'ISAKMP NAT-D Payload'.'next payload type' to current ISAKMP NAT-D Payload (20:ISAKMP_NEXT_NATD_RFC)
Sep 21 07:36:14.327366: | next payload chain: saving location 'ISAKMP NAT-D Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.327368: | emitting 32 raw bytes of NAT-D into ISAKMP NAT-D Payload
Sep 21 07:36:14.327371: | NAT-D  2a 64 c6 25  1f df 71 c7  e9 6c 6e ae  9e a0 26 3f
Sep 21 07:36:14.327373: | NAT-D  1f 65 9a 60  fc 04 05 13  fd 4d b1 1b  18 fd 7b 4b
Sep 21 07:36:14.327375: | emitting length of ISAKMP NAT-D Payload: 36
Sep 21 07:36:14.327378: | no IKEv1 message padding required
Sep 21 07:36:14.327380: | emitting length of ISAKMP Message: 396
Sep 21 07:36:14.327383: | State DB: re-hashing IKEv1 state #1 IKE SPIi and SPI[ir]
Sep 21 07:36:14.327388: | complete v1 state transition with STF_OK
Sep 21 07:36:14.327393: | [RE]START processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649)
Sep 21 07:36:14.327395: | #1 is idle
Sep 21 07:36:14.327398: | doing_xauth:yes, t_xauth_client_done:no
Sep 21 07:36:14.327400: | peer supports fragmentation
Sep 21 07:36:14.327402: | peer supports DPD
Sep 21 07:36:14.327404: | IKEv1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Sep 21 07:36:14.327408: | parent state #1: MAIN_I1(half-open IKE SA) => MAIN_I2(open IKE SA)
Sep 21 07:36:14.327410: | event_already_set, deleting event
Sep 21 07:36:14.327413: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Sep 21 07:36:14.327416: | libevent_free: release ptr-libevent@0x55e820c013a0
Sep 21 07:36:14.327419: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x55e820bffbb0
Sep 21 07:36:14.327425: | sending reply packet to 192.1.2.23:500 (from 192.1.3.209:500)
Sep 21 07:36:14.327433: | sending 396 bytes for STATE_MAIN_I1 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
Sep 21 07:36:14.327436: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.327438: |   04 10 02 00  00 00 00 00  00 00 01 8c  0a 00 01 04
Sep 21 07:36:14.327442: |   b6 1d 5b 4a  30 2e b8 9c  77 44 3a 1e  2a 60 a6 6c
Sep 21 07:36:14.327444: |   57 03 90 16  07 11 d0 94  24 2c 81 c6  79 e5 ba d2
Sep 21 07:36:14.327446: |   59 a0 46 70  e2 a5 25 30  a3 d5 61 18  88 a2 f5 9a
Sep 21 07:36:14.327448: |   27 fe 33 63  1e 19 4d 01  40 be b6 df  38 a8 db 15
Sep 21 07:36:14.327451: |   e4 48 e4 bc  ef af 0d 80  86 8f 45 da  8c 73 8b 9f
Sep 21 07:36:14.327453: |   9b d1 dc 69  fd a7 a8 03  2b ca 09 49  96 52 ac 70
Sep 21 07:36:14.327455: |   1c 6a 47 23  0b 40 47 b7  b1 09 00 0c  2e 61 83 28
Sep 21 07:36:14.327457: |   f1 bc 5a 5e  6b 68 61 30  e5 40 90 f3  cc 73 22 6c
Sep 21 07:36:14.327459: |   97 9f fd 25  06 e9 d4 52  5e 6c fd a5  27 cb c7 c4
Sep 21 07:36:14.327462: |   c0 0b 60 43  bc 34 0f 83  22 2a c8 3e  7f 0f 2d 36
Sep 21 07:36:14.327464: |   47 ad 7a 9d  d2 38 ff 1d  ca 0f 44 88  8b cd bc 30
Sep 21 07:36:14.327466: |   1f fc bb b0  2e ce 72 61  e6 77 b8 cb  06 59 3d 90
Sep 21 07:36:14.327468: |   49 b4 ed e0  bc 8d f7 bb  aa ac 34 36  a3 a0 85 b1
Sep 21 07:36:14.327470: |   60 16 a4 f0  4d 7a 04 61  f5 82 f2 d3  e6 8e 00 af
Sep 21 07:36:14.327473: |   f0 88 fb 94  cb bc f5 78  b4 f1 ab 36  43 87 3b c3
Sep 21 07:36:14.327475: |   59 54 20 e8  08 f9 76 26  91 83 76 15  2a 56 c7 b4
Sep 21 07:36:14.327477: |   14 00 00 24  3c fd 4b d7  ab d2 fe 40  ff b5 e8 1e
Sep 21 07:36:14.327479: |   6f 06 eb d4  0a 60 2b b6  64 b2 b0 40  4e bf 5f 43
Sep 21 07:36:14.327482: |   32 b5 1e cc  14 00 00 24  e6 ba a1 07  b6 b7 7d 83
Sep 21 07:36:14.327484: |   10 58 fb b8  0f e4 2b 1b  18 7a 78 24  e9 b3 e2 10
Sep 21 07:36:14.327486: |   c8 0b 11 41  60 f1 f7 68  00 00 00 24  2a 64 c6 25
Sep 21 07:36:14.327488: |   1f df 71 c7  e9 6c 6e ae  9e a0 26 3f  1f 65 9a 60
Sep 21 07:36:14.327490: |   fc 04 05 13  fd 4d b1 1b  18 fd 7b 4b
Sep 21 07:36:14.327523: | !event_already_set at reschedule
Sep 21 07:36:14.327527: | event_schedule: new EVENT_RETRANSMIT-pe@0x55e820bffbb0
Sep 21 07:36:14.327531: | inserting event EVENT_RETRANSMIT, timeout in 25 seconds for #1
Sep 21 07:36:14.327534: | libevent_malloc: new ptr-libevent@0x55e820c013a0 size 128
Sep 21 07:36:14.327539: | #1 STATE_MAIN_I2: retransmits: first event in 25 seconds; timeout in 107 seconds; limit of 12 retransmits; current time is 50020.695791
Sep 21 07:36:14.327542: "xauth-road-eastnet" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Sep 21 07:36:14.327550: | XAUTH client is not yet authenticated
Sep 21 07:36:14.327553: | resume sending helper answer for #1 suppresed complete_v1_state_transition()
Sep 21 07:36:14.327558: | #1 spent 0.372 milliseconds in resume sending helper answer
Sep 21 07:36:14.327563: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in resume_handler() at server.c:833)
Sep 21 07:36:14.327566: | libevent_free: release ptr-libevent@0x7feb40006900
Sep 21 07:36:14.329402: | spent 0.00191 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Sep 21 07:36:14.329420: | *received 396 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
Sep 21 07:36:14.329423: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.329426: |   04 10 02 00  00 00 00 00  00 00 01 8c  0a 00 01 04
Sep 21 07:36:14.329428: |   a4 bc 13 31  72 94 82 94  48 f5 47 78  a0 8f d8 8b
Sep 21 07:36:14.329430: |   c9 52 08 9d  66 79 35 b3  77 e9 a7 61  6c 98 db 36
Sep 21 07:36:14.329432: |   2d e4 1e 43  53 d7 ce 1f  ee 93 76 df  9c e3 ac e3
Sep 21 07:36:14.329434: |   6d ba 47 c1  b6 06 43 e8  ae d6 ce 35  8e 44 03 f5
Sep 21 07:36:14.329436: |   67 99 fa 41  39 cd f8 8f  e4 77 67 05  bc 9b ac 55
Sep 21 07:36:14.329438: |   7f 89 96 27  a6 62 4a 9e  09 d5 33 0f  41 27 39 5d
Sep 21 07:36:14.329440: |   44 2a f1 40  d4 3c e6 56  0c a3 ab 77  10 cb ee d5
Sep 21 07:36:14.329442: |   f2 d8 cc 33  12 5a e9 54  08 d5 c7 db  6f 20 ea 8c
Sep 21 07:36:14.329444: |   35 c5 bf 07  4e d4 bc 18  35 70 1f b1  33 71 af a8
Sep 21 07:36:14.329446: |   f3 ae 92 91  3b a8 a8 44  55 da ca 77  28 64 41 79
Sep 21 07:36:14.329448: |   ad dd ae 8b  ec 26 4a 71  49 c4 6c c9  00 ae eb 0f
Sep 21 07:36:14.329452: |   af 83 51 86  74 3b eb f0  26 11 84 92  ce d6 7b 35
Sep 21 07:36:14.329455: |   88 e6 2c cf  d0 13 ad c0  0a 0d fb 5c  43 7a d8 8e
Sep 21 07:36:14.329457: |   48 ec a2 16  90 cd a7 09  bb 72 61 67  aa ea 56 de
Sep 21 07:36:14.329459: |   2a a8 24 ca  d8 90 f8 95  c8 f4 64 eb  bd 01 e7 b6
Sep 21 07:36:14.329461: |   21 ce 1f 39  b2 22 52 57  a9 7b b6 fd  bb 33 a3 ed
Sep 21 07:36:14.329463: |   14 00 00 24  fa 3c 21 ca  f9 6d d3 8b  59 6a 8e 06
Sep 21 07:36:14.329465: |   cf 4c e1 92  6e 6b 9a 20  24 bf fd e0  49 aa 45 9b
Sep 21 07:36:14.329467: |   fb 93 43 71  14 00 00 24  2a 64 c6 25  1f df 71 c7
Sep 21 07:36:14.329469: |   e9 6c 6e ae  9e a0 26 3f  1f 65 9a 60  fc 04 05 13
Sep 21 07:36:14.329471: |   fd 4d b1 1b  18 fd 7b 4b  00 00 00 24  e6 ba a1 07
Sep 21 07:36:14.329473: |   b6 b7 7d 83  10 58 fb b8  0f e4 2b 1b  18 7a 78 24
Sep 21 07:36:14.329475: |   e9 b3 e2 10  c8 0b 11 41  60 f1 f7 68
Sep 21 07:36:14.329479: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Sep 21 07:36:14.329482: | **parse ISAKMP Message:
Sep 21 07:36:14.329484: |    initiator cookie:
Sep 21 07:36:14.329486: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.329488: |    responder cookie:
Sep 21 07:36:14.329490: |   14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.329492: |    next payload type: ISAKMP_NEXT_KE (0x4)
Sep 21 07:36:14.329495: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.329497: |    exchange type: ISAKMP_XCHG_IDPROT (0x2)
Sep 21 07:36:14.329500: |    flags: none (0x0)
Sep 21 07:36:14.329502: |    Message ID: 0 (0x0)
Sep 21 07:36:14.329504: |    length: 396 (0x18c)
Sep 21 07:36:14.329507: |  processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Sep 21 07:36:14.329511: | State DB: found IKEv1 state #1 in MAIN_I2 (find_state_ikev1)
Sep 21 07:36:14.329516: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435)
Sep 21 07:36:14.329518: | #1 is idle
Sep 21 07:36:14.329521: | #1 idle
Sep 21 07:36:14.329523: | got payload 0x10  (ISAKMP_NEXT_KE) needed: 0x410 opt: 0x102080
Sep 21 07:36:14.329526: | ***parse ISAKMP Key Exchange Payload:
Sep 21 07:36:14.329529: |    next payload type: ISAKMP_NEXT_NONCE (0xa)
Sep 21 07:36:14.329531: |    length: 260 (0x104)
Sep 21 07:36:14.329534: | got payload 0x400  (ISAKMP_NEXT_NONCE) needed: 0x400 opt: 0x102080
Sep 21 07:36:14.329536: | ***parse ISAKMP Nonce Payload:
Sep 21 07:36:14.329538: |    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Sep 21 07:36:14.329541: |    length: 36 (0x24)
Sep 21 07:36:14.329543: | got payload 0x100000  (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080
Sep 21 07:36:14.329545: | ***parse ISAKMP NAT-D Payload:
Sep 21 07:36:14.329547: |    next payload type: ISAKMP_NEXT_NATD_RFC (0x14)
Sep 21 07:36:14.329549: |    length: 36 (0x24)
Sep 21 07:36:14.329551: | got payload 0x100000  (ISAKMP_NEXT_NATD_RFC) needed: 0x0 opt: 0x102080
Sep 21 07:36:14.329553: | ***parse ISAKMP NAT-D Payload:
Sep 21 07:36:14.329556: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.329558: |    length: 36 (0x24)
Sep 21 07:36:14.329561: | message 'main_inR2_outI3' HASH payload not checked early
Sep 21 07:36:14.329566: | started looking for secret for @road->@east of kind PKK_PSK
Sep 21 07:36:14.329569: | actually looking for secret for @road->@east of kind PKK_PSK
Sep 21 07:36:14.329572: | line 1: key type PKK_PSK(@road) to type PKK_RSA
Sep 21 07:36:14.329576: | concluding with best_match=000 best=(nil) (lineno=-1)
Sep 21 07:36:14.329578: | no PreShared Key Found
Sep 21 07:36:14.329582: | adding aggr outR1 DH work-order 2 for state #1
Sep 21 07:36:14.329584: | state #1 requesting EVENT_RETRANSMIT to be deleted
Sep 21 07:36:14.329587: | #1 STATE_MAIN_I2: retransmits: cleared
Sep 21 07:36:14.329590: | libevent_free: release ptr-libevent@0x55e820c013a0
Sep 21 07:36:14.329593: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55e820bffbb0
Sep 21 07:36:14.329596: | event_schedule: new EVENT_CRYPTO_TIMEOUT-pe@0x7feb40002b20
Sep 21 07:36:14.329602: | inserting event EVENT_CRYPTO_TIMEOUT, timeout in 60 seconds for #1
Sep 21 07:36:14.329605: | libevent_malloc: new ptr-libevent@0x55e820c013a0 size 128
Sep 21 07:36:14.329613: | complete v1 state transition with STF_SUSPEND
Sep 21 07:36:14.329619: | [RE]START processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2624)
Sep 21 07:36:14.329621: | suspending state #1 and saving MD
Sep 21 07:36:14.329621: | crypto helper 0 resuming
Sep 21 07:36:14.329623: | #1 is busy; has a suspended MD
Sep 21 07:36:14.329642: | #1 spent 0.0707 milliseconds in process_packet_tail()
Sep 21 07:36:14.329647: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Sep 21 07:36:14.329651: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_md() at demux.c:382)
Sep 21 07:36:14.329867: | processing: STOP connection NULL (in process_md() at demux.c:383)
Sep 21 07:36:14.329877: | spent 0.252 milliseconds in comm_handle_cb() reading and processing packet
Sep 21 07:36:14.329633: | crypto helper 0 starting work-order 2 for state #1
Sep 21 07:36:14.329889: | crypto helper 0 doing compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2
Sep 21 07:36:14.331008: | crypto helper 0 finished compute dh+iv (V1 Phase 1) (aggr outR1 DH); request ID 2 time elapsed 0.001119 seconds
Sep 21 07:36:14.331019: | (#1) spent 1.03 milliseconds in crypto helper computing work-order 2: aggr outR1 DH (pcr)
Sep 21 07:36:14.331022: | crypto helper 0 sending results from work-order 2 for state #1 to event queue
Sep 21 07:36:14.331025: | scheduling resume sending helper answer for #1
Sep 21 07:36:14.331029: | libevent_malloc: new ptr-libevent@0x7feb38004f00 size 128
Sep 21 07:36:14.331036: | crypto helper 0 waiting (nothing to do)
Sep 21 07:36:14.331045: | processing resume sending helper answer for #1
Sep 21 07:36:14.331051: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in resume_handler() at server.c:797)
Sep 21 07:36:14.331055: | crypto helper 0 replies to request ID 2
Sep 21 07:36:14.331056: | calling continuation function 0x55e81ef1e630
Sep 21 07:36:14.331058: | main_inR2_outI3_cryptotail for #1: calculated DH, sending R1
Sep 21 07:36:14.331062: | **emit ISAKMP Message:
Sep 21 07:36:14.331064: |    initiator cookie:
Sep 21 07:36:14.331067: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.331069: |    responder cookie:
Sep 21 07:36:14.331071: |   14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.331074: |    next payload type: ISAKMP_NEXT_ID (0x5)
Sep 21 07:36:14.331076: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.331079: |    exchange type: ISAKMP_XCHG_IDPROT (0x2)
Sep 21 07:36:14.331081: |    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Sep 21 07:36:14.331084: |    Message ID: 0 (0x0)
Sep 21 07:36:14.331087: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Sep 21 07:36:14.331089: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 5:ISAKMP_NEXT_ID
Sep 21 07:36:14.331093: | thinking about whether to send my certificate:
Sep 21 07:36:14.331096: |   I have RSA key: OAKLEY_RSA_SIG cert.type: 0?? 
Sep 21 07:36:14.331099: |   sendcert: CERT_ALWAYSSEND and I did not get a certificate request 
Sep 21 07:36:14.331101: |   so do not send cert.
Sep 21 07:36:14.331103: | I did not send a certificate because I do not have one.
Sep 21 07:36:14.331106: |  I am not sending a certificate request
Sep 21 07:36:14.331108: | I will NOT send an initial contact payload
Sep 21 07:36:14.331112: | init checking NAT-T: enabled; RFC 3947 (NAT-Traversal)
Sep 21 07:36:14.331122: | natd_hash: hasher=0x55e81eff4c40(32)
Sep 21 07:36:14.331125: | natd_hash: icookie=  18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.331127: | natd_hash: rcookie=  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.331129: | natd_hash: ip=  c0 01 03 d1
Sep 21 07:36:14.331131: | natd_hash: port=  01 f4
Sep 21 07:36:14.331133: | natd_hash: hash=  2a 64 c6 25  1f df 71 c7  e9 6c 6e ae  9e a0 26 3f
Sep 21 07:36:14.331138: | natd_hash: hash=  1f 65 9a 60  fc 04 05 13  fd 4d b1 1b  18 fd 7b 4b
Sep 21 07:36:14.331146: | natd_hash: hasher=0x55e81eff4c40(32)
Sep 21 07:36:14.331148: | natd_hash: icookie=  18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.331151: | natd_hash: rcookie=  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.331153: | natd_hash: ip=  c0 01 02 17
Sep 21 07:36:14.331155: | natd_hash: port=  01 f4
Sep 21 07:36:14.331157: | natd_hash: hash=  e6 ba a1 07  b6 b7 7d 83  10 58 fb b8  0f e4 2b 1b
Sep 21 07:36:14.331158: | natd_hash: hash=  18 7a 78 24  e9 b3 e2 10  c8 0b 11 41  60 f1 f7 68
Sep 21 07:36:14.331160: | expected NAT-D(me):  2a 64 c6 25  1f df 71 c7  e9 6c 6e ae  9e a0 26 3f
Sep 21 07:36:14.331161: | expected NAT-D(me):  1f 65 9a 60  fc 04 05 13  fd 4d b1 1b  18 fd 7b 4b
Sep 21 07:36:14.331162: | expected NAT-D(him):
Sep 21 07:36:14.331164: |   e6 ba a1 07  b6 b7 7d 83  10 58 fb b8  0f e4 2b 1b
Sep 21 07:36:14.331165: |   18 7a 78 24  e9 b3 e2 10  c8 0b 11 41  60 f1 f7 68
Sep 21 07:36:14.331167: | received NAT-D:  2a 64 c6 25  1f df 71 c7  e9 6c 6e ae  9e a0 26 3f
Sep 21 07:36:14.331168: | received NAT-D:  1f 65 9a 60  fc 04 05 13  fd 4d b1 1b  18 fd 7b 4b
Sep 21 07:36:14.331170: | received NAT-D:  e6 ba a1 07  b6 b7 7d 83  10 58 fb b8  0f e4 2b 1b
Sep 21 07:36:14.331171: | received NAT-D:  18 7a 78 24  e9 b3 e2 10  c8 0b 11 41  60 f1 f7 68
Sep 21 07:36:14.331173: | NAT_TRAVERSAL encaps using auto-detect
Sep 21 07:36:14.331174: | NAT_TRAVERSAL this end is NOT behind NAT
Sep 21 07:36:14.331176: | NAT_TRAVERSAL that end is NOT behind NAT
Sep 21 07:36:14.331178: | NAT_TRAVERSAL nat-keepalive enabled 192.1.2.23
Sep 21 07:36:14.331180: | NAT-Traversal: Result using RFC 3947 (NAT-Traversal) sender port 500: no NAT detected
Sep 21 07:36:14.331181: |  NAT_T_WITH_KA detected
Sep 21 07:36:14.331184: | global one-shot timer EVENT_NAT_T_KEEPALIVE scheduled in 20 seconds
Sep 21 07:36:14.331186: | ***emit ISAKMP Identification Payload (IPsec DOI):
Sep 21 07:36:14.331188: |    next payload type: ISAKMP_NEXT_SIG (0x9)
Sep 21 07:36:14.331190: |    ID type: ID_FQDN (0x2)
Sep 21 07:36:14.331191: |    Protocol ID: 0 (0x0)
Sep 21 07:36:14.331193: |    port: 0 (0x0)
Sep 21 07:36:14.331195: | next payload chain: ignoring supplied 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' value 9:ISAKMP_NEXT_SIG
Sep 21 07:36:14.331197: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Identification Payload (IPsec DOI) (5:ISAKMP_NEXT_ID)
Sep 21 07:36:14.331199: | next payload chain: saving location 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' in 'reply packet'
Sep 21 07:36:14.331201: | emitting 4 raw bytes of my identity into ISAKMP Identification Payload (IPsec DOI)
Sep 21 07:36:14.331202: | my identity  72 6f 61 64
Sep 21 07:36:14.331204: | emitting length of ISAKMP Identification Payload (IPsec DOI): 12
Sep 21 07:36:14.331225: | started looking for secret for @road->@east of kind PKK_RSA
Sep 21 07:36:14.331228: | actually looking for secret for @road->@east of kind PKK_RSA
Sep 21 07:36:14.331230: | line 1: key type PKK_RSA(@road) to type PKK_RSA
Sep 21 07:36:14.331232: | 1: compared key (none) to @road / @east -> 002
Sep 21 07:36:14.331234: | 2: compared key (none) to @road / @east -> 002
Sep 21 07:36:14.331236: | line 1: match=002
Sep 21 07:36:14.331238: | match 002 beats previous best_match 000 match=0x55e820bf2cc0 (line=1)
Sep 21 07:36:14.331239: | concluding with best_match=002 best=0x55e820bf2cc0 (lineno=1)
Sep 21 07:36:14.338132: | ***emit ISAKMP Signature Payload:
Sep 21 07:36:14.338148: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.338151: | next payload chain: setting previous 'ISAKMP Identification Payload (IPsec DOI)'.'next payload type' to current ISAKMP Signature Payload (9:ISAKMP_NEXT_SIG)
Sep 21 07:36:14.338153: | next payload chain: saving location 'ISAKMP Signature Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.338156: | emitting 388 raw bytes of SIG_I into ISAKMP Signature Payload
Sep 21 07:36:14.338157: | SIG_I  76 66 65 09  2b 1a f8 a8  95 d4 55 3b  3e a6 8a 59
Sep 21 07:36:14.338162: | SIG_I  7e 28 c1 91  77 1f 76 38  04 8a 86 ad  eb 26 fe bc
Sep 21 07:36:14.338164: | SIG_I  88 61 b6 7d  55 76 86 f2  88 2f df 5c  df e3 b8 48
Sep 21 07:36:14.338165: | SIG_I  64 0c 65 e6  47 c8 c2 8c  c7 13 ae bc  5b b3 e3 59
Sep 21 07:36:14.338167: | SIG_I  20 cc 17 8e  33 5a de 0e  4f 0c 0e 20  76 98 23 8e
Sep 21 07:36:14.338168: | SIG_I  dc d7 aa 8d  6f 32 ca bf  7e 11 fb 9f  ae e8 14 49
Sep 21 07:36:14.338169: | SIG_I  29 e2 95 e2  46 3e 2b cb  30 ec fa 65  cc 06 74 b6
Sep 21 07:36:14.338171: | SIG_I  01 c4 16 22  95 c9 b0 4a  22 60 1a 0d  7b 04 e1 d5
Sep 21 07:36:14.338172: | SIG_I  b8 94 e1 d6  34 e6 1a 05  4d 53 f4 f8  89 a6 42 8d
Sep 21 07:36:14.338173: | SIG_I  6f 04 27 5c  b6 04 3f 61  35 12 25 a2  8a 2a 3e 3a
Sep 21 07:36:14.338175: | SIG_I  c6 7c be 1a  b0 05 89 c9  e4 6c 59 fd  dd 57 af 00
Sep 21 07:36:14.338176: | SIG_I  cd be 03 31  d1 56 91 69  02 6d 0c 6d  26 de 86 2a
Sep 21 07:36:14.338178: | SIG_I  f8 64 d2 69  4f 30 de 6c  b0 9e ac 96  b0 8f 30 84
Sep 21 07:36:14.338179: | SIG_I  0f f9 2b 40  9a a5 9c ec  f0 2e 31 49  6a 7a f3 e3
Sep 21 07:36:14.338180: | SIG_I  f2 86 6e ab  fd 2d 54 f5  4f 6e 24 35  66 2b 1e 31
Sep 21 07:36:14.338182: | SIG_I  3d f1 db bd  ac f3 12 2e  58 db 1e 80  6f 16 f2 a1
Sep 21 07:36:14.338183: | SIG_I  13 f6 f0 42  7c 7f 91 82  ec 32 c3 64  54 e2 ab cc
Sep 21 07:36:14.338185: | SIG_I  31 53 1f ef  ac 91 a7 ec  0d f1 ab bd  71 66 b8 59
Sep 21 07:36:14.338186: | SIG_I  43 d2 ae a6  c8 e2 18 07  2f 10 76 8c  c7 37 ab 06
Sep 21 07:36:14.338187: | SIG_I  fc a8 e0 8c  92 6b 30 39  b8 ab 07 94  38 58 69 c5
Sep 21 07:36:14.338189: | SIG_I  8b 1a cc d3  ce e5 3a bb  1a 4a 69 39  88 51 47 63
Sep 21 07:36:14.338190: | SIG_I  dc 88 cb ff  45 33 5c 80  f8 51 6d f6  aa 32 18 5c
Sep 21 07:36:14.338191: | SIG_I  cf 3c 36 19  e5 78 0c e4  ad 27 3e ee  38 f0 a8 67
Sep 21 07:36:14.338193: | SIG_I  4d d5 62 a4  2e 1b 43 77  ec 4c 79 f6  87 24 f1 ab
Sep 21 07:36:14.338194: | SIG_I  41 cd ef e9
Sep 21 07:36:14.338196: | emitting length of ISAKMP Signature Payload: 392
Sep 21 07:36:14.338197: | Not sending INITIAL_CONTACT
Sep 21 07:36:14.338199: | emitting 12 zero bytes of encryption padding into ISAKMP Message
Sep 21 07:36:14.338201: | no IKEv1 message padding required
Sep 21 07:36:14.338203: | emitting length of ISAKMP Message: 444
Sep 21 07:36:14.338218: | complete v1 state transition with STF_OK
Sep 21 07:36:14.338224: | [RE]START processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649)
Sep 21 07:36:14.338226: | #1 is idle
Sep 21 07:36:14.338228: | doing_xauth:yes, t_xauth_client_done:no
Sep 21 07:36:14.338230: | IKEv1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Sep 21 07:36:14.338232: | parent state #1: MAIN_I2(open IKE SA) => MAIN_I3(open IKE SA)
Sep 21 07:36:14.338234: | event_already_set, deleting event
Sep 21 07:36:14.338236: | state #1 requesting EVENT_CRYPTO_TIMEOUT to be deleted
Sep 21 07:36:14.338240: | libevent_free: release ptr-libevent@0x55e820c013a0
Sep 21 07:36:14.338242: | free_event_entry: release EVENT_CRYPTO_TIMEOUT-pe@0x7feb40002b20
Sep 21 07:36:14.338246: | sending reply packet to 192.1.2.23:500 (from 192.1.3.209:500)
Sep 21 07:36:14.338253: | sending 444 bytes for STATE_MAIN_I2 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
Sep 21 07:36:14.338255: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.338256: |   05 10 02 01  00 00 00 00  00 00 01 bc  86 ba 05 41
Sep 21 07:36:14.338257: |   dc ab f0 77  e0 61 c8 7c  c1 d3 9c 1c  86 8d b4 06
Sep 21 07:36:14.338259: |   c3 b7 86 b2  53 61 f4 f7  79 c7 02 04  98 7e a6 ff
Sep 21 07:36:14.338260: |   a2 bb 95 37  b8 02 87 1c  0f b1 bc 5d  99 ea 7e fa
Sep 21 07:36:14.338262: |   60 68 90 58  d2 c7 26 69  28 00 7f 85  81 46 e6 f8
Sep 21 07:36:14.338263: |   a4 a7 13 db  29 13 10 29  e3 ba 6f 6c  dd 5a 53 c7
Sep 21 07:36:14.338264: |   33 a8 e3 55  87 79 63 b8  f9 17 ea c4  1e c7 2a f9
Sep 21 07:36:14.338266: |   d6 ae 4f 4f  d0 c7 c1 57  47 4a 4d 70  89 b5 2f 73
Sep 21 07:36:14.338268: |   72 7b 71 06  06 24 bc f9  f7 8a af 6a  d2 5c 7e 5a
Sep 21 07:36:14.338270: |   2a 94 fe d7  25 fa f5 cc  24 1c 4f 41  e3 a9 ec 6b
Sep 21 07:36:14.338271: |   3f f6 5f ef  0d 59 71 4d  01 f7 2f 61  54 4e 0a b3
Sep 21 07:36:14.338272: |   78 3d 4e e3  b9 0d ee 44  0a 71 73 65  02 d8 a8 52
Sep 21 07:36:14.338274: |   94 2d 15 8e  2c a3 64 bc  86 05 42 4c  2b 18 d3 8b
Sep 21 07:36:14.338275: |   a0 f7 41 39  4c 5c e3 5e  9c 53 a0 78  cf 2c 42 f4
Sep 21 07:36:14.338277: |   16 8f 21 be  1f d0 34 63  7c e0 9d ea  8d 93 a9 61
Sep 21 07:36:14.338278: |   58 cb 9f 86  79 13 65 68  a5 f6 21 c4  ff 8a d1 64
Sep 21 07:36:14.338279: |   c9 f2 62 27  aa 70 f7 65  43 9f 50 76  70 37 83 c9
Sep 21 07:36:14.338281: |   76 49 37 f5  e3 6a ec d9  18 dc 50 b8  5f 11 d1 43
Sep 21 07:36:14.338282: |   19 02 2a 3e  eb 67 70 9c  96 eb 23 33  98 81 49 0c
Sep 21 07:36:14.338283: |   c7 cb 04 45  62 2e a4 56  26 e9 95 e3  f9 14 44 23
Sep 21 07:36:14.338285: |   d7 27 2e 2b  63 7a b7 47  9e 78 5b 4a  97 34 3c cf
Sep 21 07:36:14.338286: |   be cd 77 bd  c8 05 0b f4  bf a6 33 d1  5b 33 0b 45
Sep 21 07:36:14.338287: |   41 3b 95 3a  e0 ab 97 7e  fa 14 51 ea  62 65 55 82
Sep 21 07:36:14.338289: |   e1 ca 99 29  e2 5d 4f d5  56 04 e1 75  a4 71 da 50
Sep 21 07:36:14.338290: |   71 0e 3e 5f  fa 2d ec 38  c5 c8 af 23  ff dd 67 6c
Sep 21 07:36:14.338292: |   84 c3 a7 23  fb 56 36 9f  bc a9 28 12  54 a8 6a ce
Sep 21 07:36:14.338293: |   22 32 cd 1d  02 99 4a fe  96 15 ab 39
Sep 21 07:36:14.338340: | !event_already_set at reschedule
Sep 21 07:36:14.338345: | event_schedule: new EVENT_RETRANSMIT-pe@0x55e820bfed10
Sep 21 07:36:14.338349: | inserting event EVENT_RETRANSMIT, timeout in 25 seconds for #1
Sep 21 07:36:14.338352: | libevent_malloc: new ptr-libevent@0x55e820c013a0 size 128
Sep 21 07:36:14.338357: | #1 STATE_MAIN_I3: retransmits: first event in 25 seconds; timeout in 107 seconds; limit of 12 retransmits; current time is 50020.706609
Sep 21 07:36:14.338359: "xauth-road-eastnet" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Sep 21 07:36:14.338390: | XAUTH client is not yet authenticated
Sep 21 07:36:14.338396: | resume sending helper answer for #1 suppresed complete_v1_state_transition()
Sep 21 07:36:14.338402: | #1 spent 7.22 milliseconds in resume sending helper answer
Sep 21 07:36:14.338408: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in resume_handler() at server.c:833)
Sep 21 07:36:14.338411: | libevent_free: release ptr-libevent@0x7feb38004f00
Sep 21 07:36:14.342705: | spent 0.00327 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Sep 21 07:36:14.342727: | *received 332 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
Sep 21 07:36:14.342730: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.342733: |   05 10 02 01  00 00 00 00  00 00 01 4c  c4 43 b9 d9
Sep 21 07:36:14.342735: |   f2 87 8d d6  f1 14 76 56  7b 89 95 ca  be 67 1c 6b
Sep 21 07:36:14.342737: |   71 2d 2a 4f  9f fb e4 21  9f 64 e5 a9  75 85 f8 fe
Sep 21 07:36:14.342739: |   e7 94 8b 75  4b e6 f7 bb  24 bf 73 8b  78 c4 30 8b
Sep 21 07:36:14.342741: |   b5 14 56 cb  11 2d 3a c4  29 fb 2e 8c  06 46 91 7b
Sep 21 07:36:14.342744: |   b5 57 10 71  9d 32 cc ff  54 39 4b 79  5d d2 ee 1c
Sep 21 07:36:14.342746: |   69 0d 1c d4  70 a0 eb 82  cb 33 4a cd  9d 29 7d 54
Sep 21 07:36:14.342748: |   a3 ec f9 b9  71 46 ca 06  6a 44 59 ab  ad 1f 9b 32
Sep 21 07:36:14.342750: |   78 f0 00 92  46 4e 68 8d  80 dd 2e c9  d4 48 fa 18
Sep 21 07:36:14.342753: |   fc af 4d 8a  05 a0 c7 df  bb 0e 0a bc  7a 2f fe 45
Sep 21 07:36:14.342754: |   b8 09 0f dc  f7 ef 01 23  03 c2 24 90  2b 90 7b 4e
Sep 21 07:36:14.342756: |   59 20 88 fe  e7 4d a2 04  0d 40 6b b2  f8 96 fd 24
Sep 21 07:36:14.342774: |   7c 0e 36 f4  74 77 22 ac  2b dd a8 7f  63 4a 41 c9
Sep 21 07:36:14.342780: |   ea b0 2e a6  ec 61 20 dd  16 d5 00 ba  d7 ab ca f5
Sep 21 07:36:14.342788: |   52 f4 d8 79  28 28 92 2f  8e b2 79 72  9b 91 66 84
Sep 21 07:36:14.342793: |   43 11 5c 5a  d6 de 0b 1d  4c 11 40 23  5b ee 5f 8a
Sep 21 07:36:14.342798: |   f1 68 f4 12  ce 4f d8 be  80 c2 09 fc  fd ec 34 10
Sep 21 07:36:14.342800: |   83 1d 5a 66  7e f6 ac 59  ad 76 01 99  9a 75 e9 29
Sep 21 07:36:14.342802: |   16 06 20 08  b3 31 e7 17  1e 8a 0d 9e  aa 2a 86 7c
Sep 21 07:36:14.342805: |   f5 ca 19 4a  bf 2b a7 9f  c9 6b 2c 6a
Sep 21 07:36:14.342810: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Sep 21 07:36:14.342815: | **parse ISAKMP Message:
Sep 21 07:36:14.342819: |    initiator cookie:
Sep 21 07:36:14.342823: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.342826: |    responder cookie:
Sep 21 07:36:14.342828: |   14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.342831: |    next payload type: ISAKMP_NEXT_ID (0x5)
Sep 21 07:36:14.342834: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.342837: |    exchange type: ISAKMP_XCHG_IDPROT (0x2)
Sep 21 07:36:14.342840: |    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Sep 21 07:36:14.342842: |    Message ID: 0 (0x0)
Sep 21 07:36:14.342843: |    length: 332 (0x14c)
Sep 21 07:36:14.342845: |  processing version=1.0 packet with exchange type=ISAKMP_XCHG_IDPROT (2)
Sep 21 07:36:14.342849: | State DB: found IKEv1 state #1 in MAIN_I3 (find_state_ikev1)
Sep 21 07:36:14.342853: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1435)
Sep 21 07:36:14.342855: | #1 is idle
Sep 21 07:36:14.342856: | #1 idle
Sep 21 07:36:14.342859: | received encrypted packet from 192.1.2.23:500
Sep 21 07:36:14.342874: | got payload 0x20  (ISAKMP_NEXT_ID) needed: 0x220 opt: 0x20c0
Sep 21 07:36:14.342876: | ***parse ISAKMP Identification Payload:
Sep 21 07:36:14.342878: |    next payload type: ISAKMP_NEXT_SIG (0x9)
Sep 21 07:36:14.342880: |    length: 12 (0xc)
Sep 21 07:36:14.342882: |    ID type: ID_FQDN (0x2)
Sep 21 07:36:14.342883: |    DOI specific A: 0 (0x0)
Sep 21 07:36:14.342884: |    DOI specific B: 0 (0x0)
Sep 21 07:36:14.342886: |      obj:   65 61 73 74
Sep 21 07:36:14.342888: | got payload 0x200  (ISAKMP_NEXT_SIG) needed: 0x200 opt: 0x20c0
Sep 21 07:36:14.342889: | ***parse ISAKMP Signature Payload:
Sep 21 07:36:14.342891: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.342892: |    length: 278 (0x116)
Sep 21 07:36:14.342894: | removing 14 bytes of padding
Sep 21 07:36:14.342896: | message 'main_inR3' HASH payload not checked early
Sep 21 07:36:14.342901: "xauth-road-eastnet" #1: Peer ID is ID_FQDN: '@east'
Sep 21 07:36:14.342910: | X509: no CERT payloads to process
Sep 21 07:36:14.342949: | required RSA CA is '%any'
Sep 21 07:36:14.342953: | checking RSA keyid '@east' for match with '@east'
Sep 21 07:36:14.342955: | RSA key issuer CA is '%any'
Sep 21 07:36:14.343001: | an RSA Sig check passed with *AQO9bJbr3 [preloaded keys]
Sep 21 07:36:14.343006: |   #1 spent 0.047 milliseconds in try_all_keys() trying a pubkey
Sep 21 07:36:14.343008: "xauth-road-eastnet" #1: Authenticated using RSA
Sep 21 07:36:14.343015: | FOR_EACH_CONNECTION_... in ISAKMP_SA_established
Sep 21 07:36:14.343096: | complete v1 state transition with STF_OK
Sep 21 07:36:14.343106: | [RE]START processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649)
Sep 21 07:36:14.343109: | #1 is idle
Sep 21 07:36:14.343112: | doing_xauth:yes, t_xauth_client_done:no
Sep 21 07:36:14.343116: | IKEv1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Sep 21 07:36:14.343119: | parent state #1: MAIN_I3(open IKE SA) => MAIN_I4(established IKE SA)
Sep 21 07:36:14.343122: | event_already_set, deleting event
Sep 21 07:36:14.343125: | state #1 requesting EVENT_RETRANSMIT to be deleted
Sep 21 07:36:14.343128: | #1 STATE_MAIN_I4: retransmits: cleared
Sep 21 07:36:14.343133: | libevent_free: release ptr-libevent@0x55e820c013a0
Sep 21 07:36:14.343136: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55e820bfed10
Sep 21 07:36:14.343140: | !event_already_set at reschedule
Sep 21 07:36:14.343144: | event_schedule: new EVENT_SA_REPLACE-pe@0x55e820bfed10
Sep 21 07:36:14.343148: | inserting event EVENT_SA_REPLACE, timeout in 2607 seconds for #1
Sep 21 07:36:14.343153: | libevent_malloc: new ptr-libevent@0x55e820c013a0 size 128
Sep 21 07:36:14.343156: | pstats #1 ikev1.isakmp established
Sep 21 07:36:14.343159: "xauth-road-eastnet" #1: STATE_MAIN_I4: ISAKMP SA established {auth=RSA_SIG cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP2048}
Sep 21 07:36:14.343165: | DPD: dpd_init() called on ISAKMP SA
Sep 21 07:36:14.343171: | DPD: Peer supports Dead Peer Detection
Sep 21 07:36:14.343174: | DPD: not initializing DPD because DPD is disabled locally
Sep 21 07:36:14.343177: | XAUTH client is not yet authenticated
Sep 21 07:36:14.343182: | #1 spent 0.279 milliseconds in process_packet_tail()
Sep 21 07:36:14.343185: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Sep 21 07:36:14.343188: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_md() at demux.c:382)
Sep 21 07:36:14.343190: | processing: STOP connection NULL (in process_md() at demux.c:383)
Sep 21 07:36:14.343193: | spent 0.46 milliseconds in comm_handle_cb() reading and processing packet
Sep 21 07:36:14.423108: | spent 0.00325 milliseconds in comm_handle_cb() calling check_incoming_msg_errqueue()
Sep 21 07:36:14.423131: | *received 92 bytes from 192.1.2.23:500 on eth0 (192.1.3.209:500)
Sep 21 07:36:14.423135: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.423137: |   08 10 06 01  38 d4 3c e9  00 00 00 5c  40 85 79 a1
Sep 21 07:36:14.423139: |   b5 27 49 23  b6 63 54 b6  06 75 86 20  f9 f7 f9 0c
Sep 21 07:36:14.423142: |   bc c8 5e d8  43 82 62 a5  fc d1 32 2e  db 1c 7a 5f
Sep 21 07:36:14.423144: |   4c 2f e3 4a  d6 ef 36 83  7a b6 da dd  6d 4f 8e c0
Sep 21 07:36:14.423146: |   71 f2 50 c1  c2 87 66 bb  27 1d 8a 15
Sep 21 07:36:14.423151: | start processing: from 192.1.2.23:500 (in process_md() at demux.c:378)
Sep 21 07:36:14.423154: | **parse ISAKMP Message:
Sep 21 07:36:14.423157: |    initiator cookie:
Sep 21 07:36:14.423159: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.423161: |    responder cookie:
Sep 21 07:36:14.423164: |   14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.423166: |    next payload type: ISAKMP_NEXT_HASH (0x8)
Sep 21 07:36:14.423169: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.423171: |    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
Sep 21 07:36:14.423174: |    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Sep 21 07:36:14.423176: |    Message ID: 953433321 (0x38d43ce9)
Sep 21 07:36:14.423179: |    length: 92 (0x5c)
Sep 21 07:36:14.423181: |  processing version=1.0 packet with exchange type=ISAKMP_XCHG_MODE_CFG (6)
Sep 21 07:36:14.423186: | peer and cookies match on #1; msgid=38d43ce9 st_msgid=00000000 st_msgid_phase15=00000000
Sep 21 07:36:14.423189: | State DB: IKEv1 state not found (find_v1_info_state)
Sep 21 07:36:14.423192: | No appropriate Mode Config state yet. See if we have a Main Mode state
Sep 21 07:36:14.423195: | peer and cookies match on #1; msgid=00000000 st_msgid=00000000 st_msgid_phase15=00000000
Sep 21 07:36:14.423197: | p15 state object #1 found, in STATE_MAIN_I4
Sep 21 07:36:14.423200: | State DB: found IKEv1 state #1 in MAIN_I4 (find_v1_info_state)
Sep 21 07:36:14.423205: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_v1_packet() at ikev1.c:1654)
Sep 21 07:36:14.423208: |  processing received isakmp_xchg_type ISAKMP_XCHG_MODE_CFG.
Sep 21 07:36:14.423210: |  this is a xauthclient
Sep 21 07:36:14.423212: |  call  init_phase2_iv
Sep 21 07:36:14.423227: |  set from_state to STATE_MAIN_I4 this is xauthclient and IS_PHASE1() is TRUE
Sep 21 07:36:14.423231: | #1 is idle
Sep 21 07:36:14.423233: | #1 idle
Sep 21 07:36:14.423237: | received encrypted packet from 192.1.2.23:500
Sep 21 07:36:14.423247: | got payload 0x100  (ISAKMP_NEXT_HASH) needed: 0x4100 opt: 0x2000
Sep 21 07:36:14.423250: | ***parse ISAKMP Hash Payload:
Sep 21 07:36:14.423252: |    next payload type: ISAKMP_NEXT_MODECFG (0xe)
Sep 21 07:36:14.423255: |    length: 36 (0x24)
Sep 21 07:36:14.423258: | got payload 0x4000  (ISAKMP_NEXT_MODECFG) needed: 0x4000 opt: 0x2000
Sep 21 07:36:14.423263: | ***parse ISAKMP Mode Attribute:
Sep 21 07:36:14.423265: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.423268: |    length: 16 (0x10)
Sep 21 07:36:14.423270: |    Attr Msg Type: ISAKMP_CFG_REQUEST (0x1)
Sep 21 07:36:14.423273: |    Identifier: 0 (0x0)
Sep 21 07:36:14.423275: | removing 12 bytes of padding
Sep 21 07:36:14.423294: | xauth_inI0 HASH(1):
Sep 21 07:36:14.423296: |   4c f6 50 11  1f f0 0e 88  1e 81 0b c9  a6 23 fa 1d
Sep 21 07:36:14.423298: |   3d ab 25 e1  71 4c 10 b7  f4 cb d6 7e  c2 fd 35 16
Sep 21 07:36:14.423301: | received 'xauth_inI0' message HASH(1) data ok
Sep 21 07:36:14.423307: | **emit ISAKMP Message:
Sep 21 07:36:14.423309: |    initiator cookie:
Sep 21 07:36:14.423311: |   18 ed 1e 4b  88 fb a0 90
Sep 21 07:36:14.423314: |    responder cookie:
Sep 21 07:36:14.423316: |   14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.423318: |    next payload type: ISAKMP_NEXT_HASH (0x8)
Sep 21 07:36:14.423321: |    ISAKMP version: ISAKMP Version 1.0 (rfc2407) (0x10)
Sep 21 07:36:14.423323: |    exchange type: ISAKMP_XCHG_MODE_CFG (0x6)
Sep 21 07:36:14.423326: |    flags: ISAKMP_FLAG_v1_ENCRYPTION (0x1)
Sep 21 07:36:14.423328: |    Message ID: 953433321 (0x38d43ce9)
Sep 21 07:36:14.423331: | next payload chain: saving message location 'ISAKMP Message'.'next payload type'
Sep 21 07:36:14.423334: | next payload chain: ignoring supplied 'ISAKMP Message'.'next payload type' value 8:ISAKMP_NEXT_HASH
Sep 21 07:36:14.423336: | arrived in xauth_inI0
Sep 21 07:36:14.423339: | ****parse ISAKMP ModeCfg attribute:
Sep 21 07:36:14.423342: |    ModeCfg attr type: XAUTH-USER-NAME (0x4089)
Sep 21 07:36:14.423344: |    length/value: 0 (0x0)
Sep 21 07:36:14.423347: | Received Cisco XAUTH username
Sep 21 07:36:14.423349: | ****parse ISAKMP ModeCfg attribute:
Sep 21 07:36:14.423351: |    ModeCfg attr type: XAUTH-USER-PASSWORD (0x408a)
Sep 21 07:36:14.423354: |    length/value: 0 (0x0)
Sep 21 07:36:14.423356: | Received Cisco XAUTH password
Sep 21 07:36:14.423358: | XAUTH: Username or password request received
Sep 21 07:36:14.423361: | ***emit ISAKMP Hash Payload:
Sep 21 07:36:14.423363: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.423366: | next payload chain: setting previous 'ISAKMP Message'.'next payload type' to current ISAKMP Hash Payload (8:ISAKMP_NEXT_HASH)
Sep 21 07:36:14.423369: | next payload chain: saving location 'ISAKMP Hash Payload'.'next payload type' in 'reply packet'
Sep 21 07:36:14.423372: | emitting 32 zero bytes of HASH DATA into ISAKMP Hash Payload
Sep 21 07:36:14.423375: | emitting length of ISAKMP Hash Payload: 36
Sep 21 07:36:14.423377: | ***emit ISAKMP Mode Attribute:
Sep 21 07:36:14.423379: |    next payload type: ISAKMP_NEXT_NONE (0x0)
Sep 21 07:36:14.423382: |    Attr Msg Type: ISAKMP_CFG_REPLY (0x2)
Sep 21 07:36:14.423384: |    Identifier: 0 (0x0)
Sep 21 07:36:14.423387: | next payload chain: setting previous 'ISAKMP Hash Payload'.'next payload type' to current ISAKMP Mode Attribute (14:ISAKMP_NEXT_MODECFG)
Sep 21 07:36:14.423389: | next payload chain: saving location 'ISAKMP Mode Attribute'.'next payload type' in 'reply packet'
Sep 21 07:36:14.423392: | ****emit ISAKMP ModeCfg attribute:
Sep 21 07:36:14.423394: |    ModeCfg attr type: XAUTH-USER-NAME (0x4089)
Sep 21 07:36:14.423398: | prompting for Username:
Sep 21 07:36:14.423655: | emitting 10 raw bytes of XAUTH username into ISAKMP ModeCfg attribute
Sep 21 07:36:14.423662: | XAUTH username  67 6f 6f 64  75 73 65 72  39 30
Sep 21 07:36:14.423665: | emitting length of ISAKMP ModeCfg attribute: 10
Sep 21 07:36:14.423667: | ****emit ISAKMP ModeCfg attribute:
Sep 21 07:36:14.423670: |    ModeCfg attr type: XAUTH-USER-PASSWORD (0x408a)
Sep 21 07:36:14.423673: | started looking for xauth secret for gooduser90
Sep 21 07:36:14.423676: | line 1: key type PKK_XAUTH(@gooduser90) to type PKK_RSA
Sep 21 07:36:14.423679: | concluding with best_match=000 best=(nil) (lineno=-1)
Sep 21 07:36:14.423681: | looked up username=gooduser90, got=(nil)
Sep 21 07:36:14.423686: | prompting for Password:
Sep 21 07:36:14.423706: | emitting 8 raw bytes of XAUTH password into ISAKMP ModeCfg attribute
Sep 21 07:36:14.423710: | XAUTH password  75 73 65 31  70 61 73 73
Sep 21 07:36:14.423713: | emitting length of ISAKMP ModeCfg attribute: 8
Sep 21 07:36:14.423715: | emitting length of ISAKMP Mode Attribute: 34
Sep 21 07:36:14.423717: "xauth-road-eastnet" #1: XAUTH: Answering XAUTH challenge with user='gooduser90'
Sep 21 07:36:14.423738: | XAUTH: client response HASH(1):
Sep 21 07:36:14.423742: |   5d de c7 e4  f4 d1 89 cf  47 5b ee 3c  42 20 19 5e
Sep 21 07:36:14.423744: |   ce 2f c9 36  2c d0 9b a8  e2 63 d6 d4  ee 3a 43 aa
Sep 21 07:36:14.423746: | padding IKEv1 message with 2 bytes
Sep 21 07:36:14.423749: | emitting 2 zero bytes of message padding into ISAKMP Message
Sep 21 07:36:14.423751: | emitting length of ISAKMP Message: 100
Sep 21 07:36:14.423753: | emitting 8 zero bytes of encryption padding into ISAKMP Message
Sep 21 07:36:14.423756: | no IKEv1 message padding required
Sep 21 07:36:14.423758: | emitting length of ISAKMP Message: 108
Sep 21 07:36:14.423765: | xauth_inI0(STF_OK)
Sep 21 07:36:14.423768: | complete v1 state transition with STF_OK
Sep 21 07:36:14.423774: | [RE]START processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in complete_v1_state_transition() at ikev1.c:2649)
Sep 21 07:36:14.423776: | #1 is idle
Sep 21 07:36:14.423778: | doing_xauth:yes, t_xauth_client_done:no
Sep 21 07:36:14.423781: | IKEv1: transition from state STATE_XAUTH_I0 to state STATE_XAUTH_I1
Sep 21 07:36:14.423798: | parent state #1: MAIN_I4(established IKE SA) => XAUTH_I1(established IKE SA)
Sep 21 07:36:14.423804: | event_already_set, deleting event
Sep 21 07:36:14.423807: | state #1 requesting EVENT_SA_REPLACE to be deleted
Sep 21 07:36:14.423811: | libevent_free: release ptr-libevent@0x55e820c013a0
Sep 21 07:36:14.423813: | free_event_entry: release EVENT_SA_REPLACE-pe@0x55e820bfed10
Sep 21 07:36:14.423818: | sending reply packet to 192.1.2.23:500 (from 192.1.3.209:500)
Sep 21 07:36:14.423824: | sending 108 bytes for STATE_XAUTH_I0 through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
Sep 21 07:36:14.423827: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:14.423829: |   08 10 06 01  38 d4 3c e9  00 00 00 6c  06 55 a7 33
Sep 21 07:36:14.423831: |   23 19 fc c0  c8 63 fe 36  63 6f bd dc  0c 89 9f c1
Sep 21 07:36:14.423833: |   6d 6d 0e 0f  60 bf 86 50  bd 67 2a 99  b6 e3 f6 1b
Sep 21 07:36:14.423835: |   97 c5 68 02  e0 e7 0a f5  5e 11 66 84  3d 11 b0 86
Sep 21 07:36:14.423837: |   22 a0 73 42  47 9a fc 36  50 b8 f2 f5  c4 81 41 b7
Sep 21 07:36:14.423839: |   f1 b3 cc 28  35 72 88 6f  23 90 88 78
Sep 21 07:36:14.423876: | !event_already_set at reschedule
Sep 21 07:36:14.423881: | event_schedule: new EVENT_RETRANSMIT-pe@0x55e820bfed10
Sep 21 07:36:14.423884: | inserting event EVENT_RETRANSMIT, timeout in 25 seconds for #1
Sep 21 07:36:14.423887: | libevent_malloc: new ptr-libevent@0x55e820c013a0 size 128
Sep 21 07:36:14.423892: | #1 STATE_XAUTH_I1: retransmits: first event in 25 seconds; timeout in 107 seconds; limit of 12 retransmits; current time is 50020.792145
Sep 21 07:36:14.423895: | pstats #1 ikev1.isakmp established
Sep 21 07:36:14.423900: "xauth-road-eastnet" #1: STATE_XAUTH_I1: XAUTH client - possibly awaiting CFG_set {auth=RSA_SIG cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP2048}
Sep 21 07:36:14.423905: | DPD: dpd_init() called on ISAKMP SA
Sep 21 07:36:14.423907: | DPD: Peer supports Dead Peer Detection
Sep 21 07:36:14.423909: | DPD: not initializing DPD because DPD is disabled locally
Sep 21 07:36:14.423912: | XAUTH client is not yet authenticated
Sep 21 07:36:14.423917: | #1 spent 0.332 milliseconds in process_packet_tail()
Sep 21 07:36:14.423922: | stop processing: from 192.1.2.23:500 (BACKGROUND) (in process_md() at demux.c:380)
Sep 21 07:36:14.423927: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in process_md() at demux.c:382)
Sep 21 07:36:14.423930: | processing: STOP connection NULL (in process_md() at demux.c:383)
Sep 21 07:36:14.423936: | spent 0.535 milliseconds in comm_handle_cb() reading and processing packet
Sep 21 07:36:34.068808: | processing global timer EVENT_SHUNT_SCAN
Sep 21 07:36:34.068831: | expiring aged bare shunts from shunt table
Sep 21 07:36:34.068841: | spent 0.00696 milliseconds in global timer EVENT_SHUNT_SCAN
Sep 21 07:36:34.331128: | processing global timer EVENT_NAT_T_KEEPALIVE
Sep 21 07:36:34.331151: | FOR_EACH_STATE_... in nat_traversal_ka_event (for_each_state)
Sep 21 07:36:34.331161: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in for_each_state() at state.c:1572)
Sep 21 07:36:34.331165: | not behind NAT: no NAT-T KEEP-ALIVE required for conn xauth-road-eastnet
Sep 21 07:36:34.331170: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in for_each_state() at state.c:1574)
Sep 21 07:36:34.331177: | spent 0.0243 milliseconds in global timer EVENT_NAT_T_KEEPALIVE
Sep 21 07:36:39.432744: | timer_event_cb: processing event@0x55e820bfed10
Sep 21 07:36:39.432761: | handling event EVENT_RETRANSMIT for parent state #1
Sep 21 07:36:39.432770: | start processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in timer_event_cb() at timer.c:250)
Sep 21 07:36:39.432773: | IKEv1 retransmit event
Sep 21 07:36:39.432778: | [RE]START processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in retransmit_v1_msg() at retry.c:61)
Sep 21 07:36:39.432789: | handling event EVENT_RETRANSMIT for 192.1.2.23 "xauth-road-eastnet" #1 keying attempt 1 of 0; retransmit 1
Sep 21 07:36:39.432797: | retransmits: current time 50045.801058; retransmit count 0 exceeds limit? NO; deltatime 25 exceeds limit? NO; monotime 25.008913 exceeds limit? NO
Sep 21 07:36:39.432801: | event_schedule: new EVENT_RETRANSMIT-pe@0x55e820bffaf0
Sep 21 07:36:39.432804: | inserting event EVENT_RETRANSMIT, timeout in 25 seconds for #1
Sep 21 07:36:39.432808: | libevent_malloc: new ptr-libevent@0x7feb38004f00 size 128
Sep 21 07:36:39.432813: "xauth-road-eastnet" #1: STATE_XAUTH_I1: retransmission; will wait 25 seconds for response
Sep 21 07:36:39.432828: | sending 108 bytes for EVENT_RETRANSMIT through eth0 from 192.1.3.209:500 to 192.1.2.23:500 (using #1)
Sep 21 07:36:39.432831: |   18 ed 1e 4b  88 fb a0 90  14 dd 6a d7  ad 65 53 88
Sep 21 07:36:39.432834: |   08 10 06 01  38 d4 3c e9  00 00 00 6c  06 55 a7 33
Sep 21 07:36:39.432836: |   23 19 fc c0  c8 63 fe 36  63 6f bd dc  0c 89 9f c1
Sep 21 07:36:39.432838: |   6d 6d 0e 0f  60 bf 86 50  bd 67 2a 99  b6 e3 f6 1b
Sep 21 07:36:39.432840: |   97 c5 68 02  e0 e7 0a f5  5e 11 66 84  3d 11 b0 86
Sep 21 07:36:39.432843: |   22 a0 73 42  47 9a fc 36  50 b8 f2 f5  c4 81 41 b7
Sep 21 07:36:39.432845: |   f1 b3 cc 28  35 72 88 6f  23 90 88 78
Sep 21 07:36:39.432901: | libevent_free: release ptr-libevent@0x55e820c013a0
Sep 21 07:36:39.432905: | free_event_entry: release EVENT_RETRANSMIT-pe@0x55e820bfed10
Sep 21 07:36:39.432912: | #1 spent 0.152 milliseconds in timer_event_cb() EVENT_RETRANSMIT
Sep 21 07:36:39.432917: | stop processing: state #1 connection "xauth-road-eastnet" from 192.1.2.23:500 (in timer_event_cb() at timer.c:557)