*Jul 10 16:44:02.409: ISAKMP (0:0): received packet from 200.44.59.147 dport 500 sport 500 Global (N) NEW SA *Jul 10 16:44:02.409: ISAKMP: Found a peer struct for 200.44.59.147, peer port 500 *Jul 10 16:44:02.409: ISAKMP: Locking peer struct 0x46FD3514, IKE refcount 1 for crypto_isakmp_process_block *Jul 10 16:44:02.409: ISAKMP: local port 500, remote port 500 *Jul 10 16:44:02.409: insert sa successfully sa = 45770D94 *Jul 10 16:44:02.409: ISAKMP:(0:0:N/A:0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 10 16:44:02.409: ISAKMP:(0:0:N/A:0):Old State = IKE_READY New State = IKE_R_MM1 *Jul 10 16:44:02.409: ISAKMP:(0:0:N/A:0): processing SA payload. message ID = 0 *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0): processing vendor id payload *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0): vendor ID seems Unity/DPD but major 0 mismatch *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0):Looking for a matching key for 200.44.59.147 in default *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0): : success *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0):found peer pre-shared key matching 200.44.59.147 *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0): local preshared key found *Jul 10 16:44:02.413: ISAKMP : Scanning profiles for xauth ... *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0):Checking ISAKMP transform 1 against priority 1 policy *Jul 10 16:44:02.413: ISAKMP: default group 1 *Jul 10 16:44:02.413: ISAKMP: auth pre-share *Jul 10 16:44:02.413: ISAKMP: encryption 3DES-CBC *Jul 10 16:44:02.413: ISAKMP: hash SHA *Jul 10 16:44:02.413: ISAKMP: life type in seconds *Jul 10 16:44:02.413: ISAKMP: life duration (VPI) of 0x0 0x0 0x70 0x80 *Jul 10 16:44:02.413: ISAKMP:(0:0:N/A:0):atts are acceptable. Next payload is 0 *Jul 10 16:44:02.437: ISAKMP:(0:1:SW:1): processing vendor id payload *Jul 10 16:44:02.437: ISAKMP:(0:1:SW:1): vendor ID seems Unity/DPD but major 0 mismatch *Jul 10 16:44:02.437: ISAKMP:(0:1:SW:1):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 10 16:44:02.437: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM1 New State = IKE_R_MM1 *Jul 10 16:44:02.437: ISAKMP:(0:1:SW:1): sending packet to 200.44.59.147 my_port 500 peer_port 500 (R) MM_SA_SETUP *Jul 10 16:44:02.441: ISAKMP:(0:1:SW:1):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 10 16:44:02.441: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM1 New State = IKE_R_MM2 *Jul 10 16:44:02.845: ISAKMP (0:134217729): received packet from 200.44.59.147 dport 500 sport 500 Global (R) MM_SA_SETUP *Jul 10 16:44:02.845: ISAKMP:(0:1:SW:1):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 10 16:44:02.845: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM2 New State = IKE_R_MM3 *Jul 10 16:44:02.845: ISAKMP:(0:1:SW:1): processing KE payload. message ID = 0 *Jul 10 16:44:02.873: ISAKMP:(0:1:SW:1): processing NONCE payload. message ID = 0 *Jul 10 16:44:02.873: ISAKMP:(0:0:N/A:0):Looking for a matching key for 200.44.59.147 in default *Jul 10 16:44:02.873: ISAKMP:(0:0:N/A:0): : success *Jul 10 16:44:02.873: ISAKMP:(0:1:SW:1):found peer pre-shared key matching 200.44.59.147 *Jul 10 16:44:02.873: ISAKMP:(0:1:SW:1):SKEYID state generated *Jul 10 16:44:02.877: ISAKMP:(0:1:SW:1):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 10 16:44:02.877: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM3 New State = IKE_R_MM3 *Jul 10 16:44:02.877: ISAKMP:(0:1:SW:1): sending packet to 200.44.59.147 my_port 500 peer_port 500 (R) MM_KEY_EXCH *Jul 10 16:44:02.877: ISAKMP:(0:1:SW:1):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 10 16:44:02.877: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM3 New State = IKE_R_MM4 *Jul 10 16:44:03.253: ISAKMP (0:134217729): received packet from 200.44.59.147 dport 500 sport 500 Global (R) MM_KEY_EXCH *Jul 10 16:44:03.253: ISAKMP:(0:1:SW:1):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 10 16:44:03.253: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM4 New State = IKE_R_MM5 *Jul 10 16:44:03.253: ISAKMP:(0:1:SW:1): processing ID payload. message ID = 0 *Jul 10 16:44:03.253: ISAKMP (0:134217729): ID payload next-payload : 8 type : 1 address : 200.44.59.147 protocol : 0 port : 0 length : 12 *Jul 10 16:44:03.253: ISAKMP:(0:1:SW:1):: peer matches *none* of the profiles *Jul 10 16:44:03.253: ISAKMP:(0:1:SW:1): processing HASH payload. message ID = 0 *Jul 10 16:44:03.253: ISAKMP:(0:1:SW:1):SA authentication status: authenticated *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1):SA has been authenticated with 200.44.59.147 *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM5 New State = IKE_R_MM5 *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1):SA is doing pre-shared key authentication using id type ID_IPV4_ADDR *Jul 10 16:44:03.257: ISAKMP (0:134217729): ID payload next-payload : 8 type : 1 address : 85.62.24.193 protocol : 17 port : 500 length : 12 *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1):Total payload length: 12 *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1): sending packet to 200.44.59.147 my_port 500 peer_port 500 (R) MM_KEY_EXCH *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 10 16:44:03.257: ISAKMP:(0:1:SW:1):Old State = IKE_R_MM5 New State = IKE_P1_COMPLETE *Jul 10 16:44:03.261: ISAKMP:(0:1:SW:1):Input = IKE_MESG_INTERNAL, IKE_PHASE1_COMPLETE *Jul 10 16:44:03.261: ISAKMP:(0:1:SW:1):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE *Jul 10 16:44:03.585: ISAKMP (0:134217729): received packet from 200.44.59.147 dport 500 sport 500 Global (R) QM_IDLE *Jul 10 16:44:03.589: ISAKMP: set new node -1273054243 to QM_IDLE *Jul 10 16:44:03.589: ISAKMP:(0:1:SW:1): hash verification failed for -1273054243! *Jul 10 16:44:03.589: ISAKMP:(0:1:SW:1):Input = IKE_MESG_FROM_PEER, IKE_INFO_NOTIFY *Jul 10 16:44:03.589: ISAKMP:(0:1:SW:1):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE *Jul 10 16:44:03.589: ISAKMP:(0:1:SW:1):deleting node -1273054243 error FALSE reason "IKMP_NO_ERR_NO_TRANS" *Jul 10 16:44:03.593: ISAKMP (0:134217729): received packet from 200.44.59.147 dport 500 sport 500 Global (R) QM_IDLE *Jul 10 16:44:03.593: ISAKMP: set new node -1301812105 to QM_IDLE *Jul 10 16:44:03.593: ISAKMP:(0:1:SW:1): processing HASH payload. message ID = -1301812105 *Jul 10 16:44:03.593: ISAKMP:(0:1:SW:1): processing SA payload. message ID = -1301812105 *Jul 10 16:44:03.593: ISAKMP:(0:1:SW:1):Checking IPSec proposal 1 *Jul 10 16:44:03.593: ISAKMP: transform 1, ESP_3DES *Jul 10 16:44:03.593: ISAKMP: attributes in transform: *Jul 10 16:44:03.593: ISAKMP: authenticator is HMAC-SHA *Jul 10 16:44:03.593: ISAKMP: encaps is 1 (Tunnel) *Jul 10 16:44:03.593: ISAKMP: SA life type in kilobytes *Jul 10 16:44:03.593: ISAKMP: SA life duration (VPI) of 0x0 0x1 0xF4 0x0 *Jul 10 16:44:03.593: ISAKMP: SA life type in seconds *Jul 10 16:44:03.593: ISAKMP: SA life duration (VPI) of 0x0 0x0 0x70 0x80 *Jul 10 16:44:03.593: ISAKMP:(0:1:SW:1):atts are acceptable. *Jul 10 16:44:03.593: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 85.62.24.193, remote= 200.44.59.147, local_proxy= 129.47.0.0/255.255.252.0/0/0 (type=4), remote_proxy= 128.1.20.0/255.255.255.0/0/0 (type=4), protocol= ESP, transform= esp-3des esp-sha-hmac (Tunnel), lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x2 *Jul 10 16:44:03.597: Crypto mapdb : proxy_match src addr : 129.47.0.0 dst addr : 128.1.20.0 protocol : 0 src port : 0 dst port : 0 *Jul 10 16:44:03.597: ISAKMP:(0:1:SW:1): processing NONCE payload. message ID = -1301812105 *Jul 10 16:44:03.597: ISAKMP:(0:1:SW:1): processing ID payload. message ID = -1301812105 *Jul 10 16:44:03.597: ISAKMP:(0:1:SW:1): processing ID payload. message ID = -1301812105 *Jul 10 16:44:03.597: ISAKMP:(0:1:SW:1): asking for 1 spis from ipsec *Jul 10 16:44:03.597: ISAKMP:(0:1:SW:1):Node -1301812105, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH *Jul 10 16:44:03.597: ISAKMP:(0:1:SW:1):Old State = IKE_QM_READY New State = IKE_QM_SPI_STARVE *Jul 10 16:44:03.597: IPSEC(key_engine): got a queue event with 1 kei messages *Jul 10 16:44:03.597: IPSEC(spi_response): getting spi 1058442374 for SA from 85.62.24.193 to 200.44.59.147 for prot 3 *Jul 10 16:44:03.597: ISAKMP: received ke message (2/1) *Jul 10 16:44:03.601: ISAKMP: Locking peer struct 0x46FD3514, IPSEC refcount 2 for for stuff_ke *Jul 10 16:44:03.601: ISAKMP:(0:1:SW:1): Creating IPSec SAs *Jul 10 16:44:03.601: inbound SA from 200.44.59.147 to 85.62.24.193 (f/i) 0/ 0 (proxy 128.1.20.0 to 129.47.0.0) *Jul 10 16:44:03.601: has spi 0x3F168C86 and conn_id 0 and flags 2 *Jul 10 16:44:03.601: lifetime of 28800 seconds *Jul 10 16:44:03.601: lifetime of 128000 kilobytes *Jul 10 16:44:03.601: has client flags 0x0 *Jul 10 16:44:03.601: outbound SA from 85.62.24.193 to 200.44.59.147 (f/i) 0/0 (proxy 129.47.0.0 to 128.1.20.0) *Jul 10 16:44:03.601: has spi 1070175911 and conn_id 0 and flags A *Jul 10 16:44:03.601: lifetime of 28800 seconds *Jul 10 16:44:03.601: lifetime of 128000 kilobytes *Jul 10 16:44:03.601: has client flags 0x0 *Jul 10 16:44:03.605: ISAKMP:(0:1:SW:1): sending packet to 200.44.59.147 my_port 500 peer_port 500 (R) QM_IDLE *Jul 10 16:44:03.605: ISAKMP:(0:1:SW:1):Node -1301812105, Input = IKE_MESG_FROM_IPSEC, IKE_SPI_REPLY *Jul 10 16:44:03.605: ISAKMP:(0:1:SW:1):Old State = IKE_QM_SPI_STARVE New State = IKE_QM_R_QM2 *Jul 10 16:44:03.605: IPSEC(key_engine): got a queue event with 2 kei messages *Jul 10 16:44:03.605: IPSEC(initialize_sas): , (key eng. msg.) INBOUND local= 85.62.24.193, remote= 200.44.59.147, local_proxy= 129.47.0.0/255.255.252.0/0/0 (type=4), remote_proxy= 128.1.20.0/255.255.255.0/0/0 (type=4), protocol= ESP, transform= esp-3des esp-sha-hmac (Tunnel), lifedur= 28800s and 128000kb, spi= 0x3F168C86(1058442374), conn_id= 0, keysize= 0, flags= 0x2 *Jul 10 16:44:03.605: IPSEC(initialize_sas): , (key eng. msg.) OUTBOUND local= 85.62.24.193, remote= 200.44.59.147, local_proxy= 129.47.0.0/255.255.252.0/0/0 (type=4), remote_proxy= 128.1.20.0/255.255.255.0/0/0 (type=4), protocol= ESP, transform= esp-3des esp-sha-hmac (Tunnel), lifedur= 28800s and 128000kb, spi= 0x3FC996A7(1070175911), conn_id= 0, keysize= 0, flags= 0xA *Jul 10 16:44:03.605: Crypto mapdb : proxy_match src addr : 129.47.0.0 dst addr : 128.1.20.0 protocol : 0 src port : 0 dst port : 0 *Jul 10 16:44:03.605: IPSEC(crypto_ipsec_sa_find_ident_head): reconnecting with the same proxies and 200.44.59.147 *Jul 10 16:44:03.605: IPSec: Flow_switching Allocated flow for sibling 8000009E *Jul 10 16:44:03.605: ISAKMP: Locking peer struct 0x46FD3514, IPSEC refcount 3 for from create_transforms *Jul 10 16:44:03.605: IPSEC(create_sa): sa created, (sa) sa_dest= 85.62.24.193, sa_proto= 50, sa_spi= 0x3F168C86(1058442374), sa_trans= esp-3des esp-sha-hmac , sa_conn_id= 2002 *Jul 10 16:44:03.605: IPSEC(create_sa): sa created, (sa) sa_dest= 200.44.59.147, sa_proto= 50, sa_spi= 0x3FC996A7(1070175911), sa_trans= esp-3des esp-sha-hmac , sa_conn_id= 2001 *Jul 10 16:44:03.609: ISAKMP: Unlocking IPSEC struct 0x46FD3514 from create_transforms, count 2 *Jul 10 16:44:03.945: ISAKMP (0:134217729): received packet from 200.44.59.147 dport 500 sport 500 Global (R) QM_IDLE *Jul 10 16:44:03.945: ISAKMP:(0:1:SW:1):deleting node -1301812105 error FALSE reason "QM done (await)" *Jul 10 16:44:03.945: ISAKMP:(0:1:SW:1):Node -1301812105, Input = IKE_MESG_FROM_PEER, IKE_QM_EXCH *Jul 10 16:44:03.945: ISAKMP:(0:1:SW:1):Old State = IKE_QM_R_QM2 New State = IKE_QM_PHASE2_COMPLETE *Jul 10 16:44:03.945: IPSEC(key_engine): got a queue event with 1 kei messages *Jul 10 16:44:03.945: IPSEC(key_engine_enable_outbound): rec'd enable notify from ISAKMP *Jul 10 16:44:03.945: IPSEC(key_engine_enable_outbound): enable SA with spi 1070175911/50 *Jul 10 16:44:03.945: IPSEC(add_sa): have new SAs -- expire existing in 30 sec., (sa) sa_dest= 85.62.24.193, sa_proto= 50, sa_spi= 0xDD55C6A(232086634), sa_trans= esp-3des esp-sha-hmac , sa_conn_id= 2003, (identity) local= 85.62.24.193, remote= 200.44.59.147, local_proxy= 129.47.0.0/255.255.252.0/0/0 (type=4), remote_proxy= 128.1.20.0/255.255.255.0/0/0 (type=4) *Jul 10 16:44:33.945: IPSEC(delete_sa): deleting SA, (sa) sa_dest= 85.62.24.193, sa_proto= 50, sa_spi= 0xDD55C6A(232086634), sa_trans= esp-3des esp-sha-hmac , sa_conn_id= 2003, (identity) local= 85.62.24.193, remote= 200.44.59.147, local_proxy= 129.47.0.0/255.255.252.0/0/0 (type=4), remote_proxy= 128.1.20.0/255.255.255.0/0/0 (type=4) *Jul 10 16:44:33.945: IPSEC(delete_sa): deleting SA, (sa) sa_dest= 200.44.59.147, sa_proto= 50, sa_spi= 0x63E50050(1675952208), sa_trans= esp-3des esp-sha-hmac , sa_conn_id= 2004, (identity) local= 85.62.24.193, remote= 200.44.59.147, local_proxy= 129.47.0.0/255.255.252.0/0/0 (type=4), remote_proxy= 128.1.20.0/255.255.255.0/0/0 (type=4) *Jul 10 16:44:33.945: IPSec: Flow_switching Deallocated flow for sibling 8000009D *Jul 10 16:44:33.945: ISAKMP: Unlocking IPSEC struct 0x46FD3514 from delete_siblings, count 1 *Jul 10 16:44:33.945: ISAKMP: received ke message (3/1) *Jul 10 16:44:33.945: ISAKMP: set new node -1681229688 to QM_IDLE *Jul 10 16:44:33.949: ISAKMP:(0:1:SW:1): sending packet to 200.44.59.147 my_port 500 peer_port 500 (R) QM_IDLE *Jul 10 16:44:33.949: ISAKMP:(0:1:SW:1):purging node -1681229688 *Jul 10 16:44:33.949: ISAKMP:(0:1:SW:1):Input = IKE_MESG_FROM_IPSEC, IKE_PHASE2_DEL *Jul 10 16:44:33.949: ISAKMP:(0:1:SW:1):Old State = IKE_P1_COMPLETE New State = IKE_P1_COMPLETE *Jul 10 16:44:46.753: ISAKMP (0:134217729): received packet from 200.44.59.147 dport 500 sport 500 Global (R) QM_IDLE *Jul 10 16:44:46.753: ISAKMP: set new node -1213250205 to QM_IDLE *Jul 10 16:44:46.753: ISAKMP:(0:1:SW:1): processing HASH payload. message ID = -1213250205 *Jul 10 16:44:46.753: ISAKMP:(0:1:SW:1): processing DELETE payload. message ID = -1213250205 *Jul 10 16:44:46.753: ISAKMP:(0:1:SW:1):peer does not do paranoid keepalives. *Jul 10 16:44:46.753: ISAKMP:(0:1:SW:1):deleting node -1213250205 error FALSE reason "Informational (in) state 1" *Jul 10 16:44:46.753: IPSEC(key_engine): got a queue event with 1 kei messages *Jul 10 16:44:46.753: IPSEC(key_engine_delete_sas): rec'd delete notify from ISAKMP *Jul 10 16:44:53.589: ISAKMP:(0:1:SW:1):purging node -1273054243 *Jul 10 16:44:53.945: ISAKMP:(0:1:SW:1):purging node -1301812105 *Jul 10 16:45:36.754: ISAKMP:(0:1:SW:1):purging node -1213250205