X-ASA# debug cry isa 255 X-ASA# debug cry ipsec 255 X-ASA# IKE Recv RAW packet dump 8f 7d 34 7e b3 3f 86 39 00 00 00 00 00 00 00 00 | .}4~.?.9........ 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 | ...........T...8 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 | ...........,.... 00 00 00 24 01 01 00 00 80 04 00 02 80 03 00 01 | ...$............ 80 01 00 05 80 02 00 01 80 0b 00 01 00 0c 00 04 | ................ 00 00 01 2c | ..., RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 00 00 00 00 00 00 00 00 Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 84 Payload Security Association Next Payload: None Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 36 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Group Description: Group 2 Authentication Method: Preshared key Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Life Type: seconds Life Duration (Hex): 00 00 01 2c Feb 21 16:07:35 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84 Feb 21 16:07:35 [IKEv1 DEBUG]: IP = x.x.x.x, processing SA payload Feb 21 16:07:35 [IKEv1 DEBUG]: IP = x.x.x.x, Oakley proposal is acceptable Feb 21 16:07:35 [IKEv1 DEBUG]: IP = x.x.x.x, processing IKE SA payload Feb 21 16:07:35 [IKEv1 DEBUG]: IP = x.x.x.x, IKE SA Proposal # 1, Transform # 1 acceptable Matches global IKE entry # 2 Feb 21 16:07:35 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ISAKMP SA payload Feb 21 16:07:35 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Fragmentation VID + extended capabilities payload Feb 21 16:07:35 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 104 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 104 Payload Security Association Next Payload: Vendor ID Reserved: 00 Payload Length: 52 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 40 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Group Description: Group 2 Authentication Method: Preshared key Life Type: seconds Life Duration (Hex): 01 2c Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 24 Data (In Hex): 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 c0 00 00 00 IKE Recv RAW packet dump 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 | .}4~.?.9.H_.4.b 04 10 02 00 00 00 00 00 00 00 00 ac 0a 00 00 84 | ................ 2a 71 c2 7e e9 fc 46 67 8e a6 1c 3b 2a 4e a3 ee | *q.~..Fg...;*N.. 24 c8 9a 66 39 a6 ae 41 94 4f c5 16 3e 8a 15 d9 | $..f9..A.O..>... ea 1c 57 02 fa 95 65 83 4f ff 86 59 ba 83 38 e8 | ..W...e.O..Y..8. e7 6c 61 89 be 20 f3 7c 4a 09 b2 37 b2 ef 9f c7 | .la.. .|J..7.... c0 66 07 3d c7 61 1b a3 6e 5b 8e 6e 46 e4 9f 1f | .f.=.a..n[.nF... ce a3 a5 a3 e3 77 ef 60 02 f2 8d 1b b3 e9 a6 d2 | .....w.`........ 00 f0 4a 15 bc 7b ae c0 b2 af 19 2d 93 c6 76 fc | ..J..{.....-..v. 1a fe da d7 b2 0e 8f fd bf 6e 04 d6 d6 a1 f9 1d | .........n...... 00 00 00 0c c4 28 db 23 7a f7 ba dc | .....(.#z... RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 172 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: 2a 71 c2 7e e9 fc 46 67 8e a6 1c 3b 2a 4e a3 ee 24 c8 9a 66 39 a6 ae 41 94 4f c5 16 3e 8a 15 d9 ea 1c 57 02 fa 95 65 83 4f ff 86 59 ba 83 38 e8 e7 6c 61 89 be 20 f3 7c 4a 09 b2 37 b2 ef 9f c7 c0 66 07 3d c7 61 1b a3 6e 5b 8e 6e 46 e4 9f 1f ce a3 a5 a3 e3 77 ef 60 02 f2 8d 1b b3 e9 a6 d2 00 f0 4a 15 bc 7b ae c0 b2 af 19 2d 93 c6 76 fc 1a fe da d7 b2 0e 8f fd bf 6e 04 d6 d6 a1 f9 1d Payload Nonce Next Payload: None Reserved: 00 Payload Length: 12 Data: c4 28 db 23 7a f7 ba dc Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 172 Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, processing ke payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, processing ISA_KE payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, processing nonce payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ke payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, constructing nonce payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Cisco Unity VID payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, constructing xauth V6 VID payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, Send IOS VID Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001) Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, constructing VID payload Feb 21 16:07:36 [IKEv1 DEBUG]: IP = x.x.x.x, Send Altiga/Cisco VPN3000/Cisco ASA GW VID Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, Connection landed on tunnel_group x.x.x.x Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Generating keys for Responder... Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 256 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: f5 c6 13 b5 c0 1f cc 2f 8e 31 86 18 d8 79 73 9b 9d 22 a3 52 45 73 0c c6 92 b2 d8 0a d2 3d 2f d8 2c 73 5e cb b7 b5 e3 6f 72 c4 c8 9e a0 cf df b9 14 a1 6a fd 14 51 4f fb 65 b6 8b ea 29 53 eb 5a db f3 2a cd ca 76 0c bf 54 fe 3a 1c 1c 05 3d 99 2f db 8d f5 64 75 1e 4c 92 b1 27 9d 59 bc 88 58 7c 15 f0 4f 69 42 9f 54 5c df e3 22 46 c2 7d 5a 8b ab 0a 05 f7 cc 82 a9 c0 9a 99 9d ca 4f 73 93 Payload Nonce Next Payload: Vendor ID Reserved: 00 Payload Length: 24 Data: 6d 44 b8 79 08 67 dd 28 f4 71 f1 b3 67 45 a3 1a 8a 8f 4e c5 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 12 Data (In Hex): 09 00 26 89 df d6 b7 12 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): 63 8f f8 0d 34 f2 7f 62 cf 71 23 c5 6c c9 ca 50 Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 20 Data (In Hex): 1f 07 f7 0e aa 65 14 d3 b0 fa 96 54 2a 50 01 00 IKE Recv RAW packet dump 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 | .}4~.?.9.H_.4.b 05 10 02 01 00 00 00 00 00 00 00 3c 0e 28 08 e2 | ...........<.(.. 94 c3 0d 03 1a 99 d0 b1 e3 fc 68 c0 1a 22 7c b0 | ..........h.."|. 4d 47 68 f3 95 f3 5b ba b6 a0 df 4e | MGh...[....N RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (Encryption) MessageID: 00000000 Length: 60 AFTER DECRYPTION ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (Encryption) MessageID: 00000000 Length: 60 Payload Identification Next Payload: Hash Reserved: 00 Payload Length: 12 ID Type: IPv4 Address (1) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: x.x.x.x Payload Hash Next Payload: None Reserved: 00 Payload Length: 20 Data: 74 46 8f 93 9c e6 50 05 8b 42 b8 31 86 1f 97 51 Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + NONE (0) total length : 60 Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:07:36 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR ID received x.x.x.x Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing hash payload Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Computing hash for ISAKMP Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, Connection landed on tunnel_group x.x.x.x Feb 21 16:07:36 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Freeing previously allocated memory for authorization-dn-attributes Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing ID payload Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing hash payload Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Computing hash for ISAKMP Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing dpd vid payload Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + VENDOR (13) + NONE (0) total length : 80 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 | .}4~.?.9.H_.4.b 05 10 02 00 00 00 00 00 1c 00 00 00 08 00 00 0c | ................ 01 11 01 f4 a8 bb f6 c2 0d 00 00 14 9f 9a 59 5d | ..............Y] fa 9f dc 59 2a ed af 22 2f ca b0 88 00 00 00 14 | ...Y*.."/....... af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | ....h...k...wW.. ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 469762048 Payload Identification Next Payload: Hash Reserved: 00 Payload Length: 12 ID Type: IPv4 Address (1) Protocol ID (UDP/TCP, etc...): 17 Port: 500 ID Data: 168.187.246.194 Payload Hash Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data: 9f 9a 59 5d fa 9f dc 59 2a ed af 22 2f ca b0 88 Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 20 Data (In Hex): af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (Encryption) MessageID: 00000000 Length: 84 Feb 21 16:07:36 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, PHASE 1 COMPLETED Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, Keep-alive type for this connection: None Feb 21 16:07:36 [IKEv1]: IP = x.x.x.x, Keep-alives configured on but peer does not support keep-alives (type = None) Feb 21 16:07:36 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Starting P1 rekey timer: 195 seconds. IKE Recv RAW packet dump 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 | .}4~.?.9.H_.4.b 08 10 20 01 ce b0 87 80 00 00 01 1c dd ca 43 4e | .. ...........CN 65 6e f0 e8 a3 3e 1b 21 3f b1 f2 54 7d af 25 f1 | en...>.!?..T}.%. 25 fb 1c f9 80 c2 3f 86 45 28 dd 87 18 bc 65 34 | %.....?.E(....e4 d6 fc 4b 1a 9e bf f5 bd f0 47 f9 56 a8 d0 0a d8 | ..K......G.V.... f1 e4 70 17 e5 0b 37 3b c1 76 d4 26 44 fc 6e 9c | ..p...7;.v.&D.n. 54 4b aa 91 b4 a3 8e 7f b6 0b 92 15 aa d5 54 84 | TK...........T. 0a 29 e7 2e 92 b5 d9 21 4f 22 6f 9f 13 52 e9 b1 | .).....!O"o..R.. 3c aa 2d 7d dd de b3 b0 54 45 12 cb d3 d0 68 d7 | <.-}....TE....h. f4 c6 6b d6 c6 7a 28 aa 36 18 8a 2b bb dc d0 c2 | ..k..z(.6..+.... 76 a1 60 30 db 7a c4 ed c0 e3 32 7d 5f 3f fc 08 | v.`0.z....2}_?.. 56 5d 7d a8 13 43 61 cc dd f8 28 90 9e cc 57 8b | V]}..Ca...(...W. c2 04 75 3a 7f 23 2e f5 99 41 fa 96 16 4e 98 2f | ..u:#...A...N./ 73 3a 39 a7 4e 6a ad c0 11 8b 0c dc ac 92 67 9c | s:9.Nj........g. a6 6a ee 63 26 e9 51 a7 79 83 8e f1 76 10 38 d0 | .j.c&.Q.y...v.8. 89 2e d7 83 3c 0b 9d d3 8e 53 96 b9 f2 bf f9 38 | ....<....S.....8 65 37 e5 a0 60 8f c9 19 df be 2b bf 80 8a 5f e4 | e7..`.....+..._. c0 27 ea c3 f5 0e 61 f0 49 0a ba 18 | .'....a.I... RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: CEB08780 Length: 284 Feb 21 16:07:37 [IKEv1 DECODE]: IP = x.x.x.x, IKE Responder starting QM: msg id = ceb08780 AFTER DECRYPTION ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: CEB08780 Length: 284 Payload Hash Next Payload: Security Association Reserved: 00 Payload Length: 20 Data: 51 7c 89 f9 5f 40 42 53 26 ad 1a 0b a8 34 5e a3 Payload Security Association Next Payload: Nonce Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_IPSEC_ESP SPI Size: 4 # of transforms: 1 SPI: ed c1 72 f7 Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: ESP_3DES Reserved2: 0000 Authentication Algorithm: MD5 Group Description: Group 2 Encapsulation Mode: Tunnel Life Type: Seconds Life Duration (Hex): 00 00 01 2c Payload Nonce Next Payload: Identification Reserved: 00 Payload Length: 12 Data: a6 64 eb ca 3a 41 79 d6 Payload Identification Next Payload: Identification Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 192.168.0.0/255.255.255.0 Payload Identification Next Payload: Key Exchange Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 10.100.0.0/255.255.0.0 Payload Key Exchange Next Payload: None Reserved: 00 Payload Length: 132 Data: eb ec 39 92 53 cd e5 f5 da 95 5d c6 82 2f 5e 63 8e 18 56 b6 06 25 ac 52 51 90 56 47 e5 c7 5d a9 47 5a 02 67 44 04 b5 5d 8c 95 bf ba 2a 21 78 37 b9 ff db e5 ba 73 b0 61 79 db 54 ed a9 0e b1 df ab f3 b5 41 46 19 f1 07 08 b6 93 37 90 1b a5 43 21 af 83 ad 9a 8b 6b 26 1c 8a 9f a1 c8 f5 b2 74 6a b0 c5 78 4a 4b 3a 2f ac 41 5c 27 33 9a e3 e6 47 83 e9 eb 22 a8 a9 dd fb 91 c8 e1 96 66 de 15 Feb 21 16:07:37 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=ceb08780) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + KE (4) + NONE (0) total length : 280 Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing hash payload Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing SA payload Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing nonce payload Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:07:37 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--192.168.0.0--255.255.255.0 Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received remote IP Proxy Subnet data in ID Payload: Address 192.168.0.0, Mask 255.255.255.0, Protocol 0, Port 0 Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:07:37 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--10.100.0.0--255.255.0.0 Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received local IP Proxy Subnet data in ID Payload: Address 10.100.0.0, Mask 255.255.0.0, Protocol 0, Port 0 Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ke payload Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ISA_KE for PFS in phase 2 Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM IsRekeyed old sa not found by addr Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, checking map = Mymap, seq = 69... Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, map Mymap, seq = 69 is a successful match Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, IKE Remote Peer configured for crypto map: Mymap Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing IPSec SA payload Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, All IPSec SA proposals found unacceptable! Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending notify message Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing ipsec notify payload for msg id ceb08780 Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:07:37 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=43c9b600) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 | .}4~.?.9.H_.4.b 08 10 05 00 00 b6 c9 43 1c 00 00 00 0b 00 00 14 | .......C........ 7c 22 91 ea af 2c be 72 5c bf 5f e3 7d 9b bb 0a | |"...,.r\._.}... 00 00 00 20 00 00 00 01 03 10 00 0e 8f 7d 34 7e | ... .........}4~ b3 3f 86 39 96 48 5f 10 34 f3 7f 62 ce b0 87 80 | .?.9.H_.4.b.... ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: 00B6C943 Length: 469762048 Payload Hash Next Payload: Notification Reserved: 00 Payload Length: 20 Data: 7c 22 91 ea af 2c be 72 5c bf 5f e3 7d 9b bb 0a Payload Notification Next Payload: None Reserved: 00 Payload Length: 32 DOI: IPsec Protocol-ID: PROTO_IPSEC_ESP Spi Size: 16 Notify Type: NO_PROPOSAL_CHOSEN SPI: 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 Data: ce b0 87 80 ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: 43C9B600 Length: 84 Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM FSM error (P2 struct &0xdc000b0, mess id 0xceb08780)! Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE QM Responder FSM error history (struct &0xdc000b0) , : QM_DONE, EV_ERROR-->QM_BLD_MSG2, EV_NEGO_SA-->QM_BLD_MSG2, EV_IS_REKEY-->QM_BLD_MSG2, EV_CONFIRM_SA-->QM_BLD_MSG2, EV_PROC_MSG-->QM_BLD_MSG2, EV_HASH_OK-->QM_BLD_MSG2, NullEvent-->QM_BLD_MSG2, EV_COMP_HASH Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:07:37 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Removing peer from correlator table failed, no match! Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:105f4896 rcv'd Terminate: state MM_ACTIVE flags 0x00000042, refcnt 1, tuncnt 0 Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:105f4896 terminating: flags 0x01000002, refcnt 0, tuncnt 0 Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing IKE delete payload Feb 21 16:07:37 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:07:37 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=e586ebb3) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 76 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 | .}4~.?.9.H_.4.b 08 10 05 00 b3 eb 86 e5 1c 00 00 00 0c 00 00 14 | ................ 25 0d b6 8c c9 d9 89 ae 1a ca 26 dc d3 09 89 96 | %.........&..... 00 00 00 1c 00 00 00 01 01 10 00 01 8f 7d 34 7e | .............}4~ b3 3f 86 39 96 48 5f 10 34 f3 7f 62 | .?.9.H_.4.b ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: B3EB86E5 Length: 469762048 Payload Hash Next Payload: Delete Reserved: 00 Payload Length: 20 Data: 25 0d b6 8c c9 d9 89 ae 1a ca 26 dc d3 09 89 96 Payload Delete Next Payload: None Reserved: 00 Payload Length: 28 DOI: IPsec Protocol-ID: PROTO_ISAKMP Spi Size: 16 # of SPIs: 1 SPI (Hex dump): 8f 7d 34 7e b3 3f 86 39 96 48 5f 10 34 f3 7f 62 ISAKMP Header Initiator COOKIE: 8f 7d 34 7e b3 3f 86 39 Responder COOKIE: 96 48 5f 10 34 f3 7f 62 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: E586EBB3 Length: 76 IKE Recv RAW packet dump 79 a1 84 65 54 85 8a 43 00 00 00 00 00 00 00 00 | y..eT..C........ 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 | ...........T...8 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 | ...........,.... 00 00 00 24 01 01 00 00 80 04 00 02 80 03 00 01 | ...$............ 80 01 00 05 80 02 00 01 80 0b 00 01 00 0c 00 04 | ................ 00 00 01 2c | ..., RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 00 00 00 00 00 00 00 00 Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 84 Payload Security Association Next Payload: None Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 36 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Group Description: Group 2 Authentication Method: Preshared key Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Life Type: seconds Life Duration (Hex): 00 00 01 2c Feb 21 16:07:45 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84 Feb 21 16:07:45 [IKEv1 DEBUG]: IP = x.x.x.x, processing SA payload Feb 21 16:07:45 [IKEv1 DEBUG]: IP = x.x.x.x, Oakley proposal is acceptable Feb 21 16:07:45 [IKEv1 DEBUG]: IP = x.x.x.x, processing IKE SA payload Feb 21 16:07:45 [IKEv1 DEBUG]: IP = x.x.x.x, IKE SA Proposal # 1, Transform # 1 acceptable Matches global IKE entry # 2 Feb 21 16:07:45 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ISAKMP SA payload Feb 21 16:07:45 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Fragmentation VID + extended capabilities payload Feb 21 16:07:45 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 104 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 104 Payload Security Association Next Payload: Vendor ID Reserved: 00 Payload Length: 52 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 40 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Group Description: Group 2 Authentication Method: Preshared key Life Type: seconds Life Duration (Hex): 01 2c Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 24 Data (In Hex): 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 c0 00 00 00 IKE Recv RAW packet dump 79 a1 84 65 54 85 8a 43 0b 8f a8 6e ac dc 41 07 | y..eT..C...n..A. 04 10 02 00 00 00 00 00 00 00 00 ac 0a 00 00 84 | ................ 6b 37 ef fb ad ca 5a 5f ac 62 85 e9 f8 6e 4f 70 | k7....Z_.b...nOp d0 52 93 7d 29 cd 22 df 1e dd 93 80 48 d8 03 93 | .R.}).".....H... 2b 69 ca 48 cc ba 0a 1c 2f 04 00 ec cb e2 48 f8 | +i.H..../.....H. 77 34 59 ae c7 bb d7 19 64 69 c2 87 3f 8c 44 bd | w4Y.....di..?.D. fc 7b 72 1d 4f ad ba bd a8 97 90 35 f6 b9 9f d0 | .{r.O......5.... 1e 8d 85 32 2a 96 e8 09 f3 bd a5 41 54 6d 91 bc | ...2*......ATm.. 34 47 e4 15 1e 4f 69 07 86 cb 43 20 c0 4b 1a c5 | 4G...Oi...C .K.. 34 87 e2 ef e6 56 94 d3 a3 63 7b 27 67 67 79 3e | 4....V...c{'ggy> 00 00 00 0c a6 bd 74 75 d9 13 d8 5b | ......tu...[ RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 172 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: 6b 37 ef fb ad ca 5a 5f ac 62 85 e9 f8 6e 4f 70 d0 52 93 7d 29 cd 22 df 1e dd 93 80 48 d8 03 93 2b 69 ca 48 cc ba 0a 1c 2f 04 00 ec cb e2 48 f8 77 34 59 ae c7 bb d7 19 64 69 c2 87 3f 8c 44 bd fc 7b 72 1d 4f ad ba bd a8 97 90 35 f6 b9 9f d0 1e 8d 85 32 2a 96 e8 09 f3 bd a5 41 54 6d 91 bc 34 47 e4 15 1e 4f 69 07 86 cb 43 20 c0 4b 1a c5 34 87 e2 ef e6 56 94 d3 a3 63 7b 27 67 67 79 3e Payload Nonce Next Payload: None Reserved: 00 Payload Length: 12 Data: a6 bd 74 75 d9 13 d8 5b Feb 21 16:07:46 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 172 Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, processing ke payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, processing ISA_KE payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, processing nonce payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ke payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, constructing nonce payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Cisco Unity VID payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, constructing xauth V6 VID payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, Send IOS VID Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001) Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, constructing VID payload Feb 21 16:07:46 [IKEv1 DEBUG]: IP = x.x.x.x, Send Altiga/Cisco VPN3000/Cisco ASA GW VID Feb 21 16:07:46 [IKEv1]: IP = x.x.x.x, Connection landed on tunnel_group x.x.x.x Feb 21 16:07:46 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Generating keys for Responder... Feb 21 16:07:46 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 256 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: 2d 94 24 17 0d 9f 33 6d 9b c3 c3 5d 1f d7 3b 27 03 c7 6e f8 74 8d 05 de 63 53 d1 fc 6d ec dc 64 2b 50 de bc bb bb 0a 0f ae 90 51 8d 00 0c 1e b8 7f 20 32 06 a5 33 55 66 62 6a bf 45 10 b2 80 4a ed 93 20 50 fb 19 db fc 17 7d 45 5b 0e 60 06 00 87 bb 6c 11 3a 88 00 c6 ea 91 83 d6 fd 77 b2 e3 00 89 04 f8 1d 1e 5f 4f a6 c8 52 f7 eb 87 56 d0 2a d2 05 51 3e 9a 27 84 e9 aa 9a ed 59 c2 48 15 Payload Nonce Next Payload: Vendor ID Reserved: 00 Payload Length: 24 Data: 1e 74 4c 77 c0 b5 37 28 0e 05 50 a8 02 f1 13 ff 8a 5a 71 b3 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 12 Data (In Hex): 09 00 26 89 df d6 b7 12 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): fe 48 0f 73 ac dd 41 07 31 56 7f 2e de 03 42 47 Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 20 Data (In Hex): 1f 07 f7 0e aa 65 14 d3 b0 fa 96 54 2a 50 01 00 IKE Recv RAW packet dump 79 a1 84 65 54 85 8a 43 0b 8f a8 6e ac dc 41 07 | y..eT..C...n..A. 05 10 02 01 00 00 00 00 00 00 00 3c 6e da a4 ad | .............5.m RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: FA0C5691 Length: 284 Feb 21 16:07:47 [IKEv1 DECODE]: IP = x.x.x.x, IKE Responder starting QM: msg id = fa0c5691 AFTER DECRYPTION ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: FA0C5691 Length: 284 Payload Hash Next Payload: Security Association Reserved: 00 Payload Length: 20 Data: 44 54 60 78 ec d8 b2 0b 9f 4e 30 74 f3 91 42 19 Payload Security Association Next Payload: Nonce Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_IPSEC_ESP SPI Size: 4 # of transforms: 1 SPI: b3 f3 97 7d Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: ESP_3DES Reserved2: 0000 Authentication Algorithm: MD5 Group Description: Group 2 Encapsulation Mode: Tunnel Life Type: Seconds Life Duration (Hex): 00 00 01 2c Payload Nonce Next Payload: Identification Reserved: 00 Payload Length: 12 Data: d2 2d 24 c6 3a 5a b4 e8 Payload Identification Next Payload: Identification Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 192.168.0.0/255.255.255.0 Payload Identification Next Payload: Key Exchange Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 10.100.0.0/255.255.0.0 Payload Key Exchange Next Payload: None Reserved: 00 Payload Length: 132 Data: 65 62 03 52 4f 7e 5c 70 62 4b 67 a8 9d 73 d9 3d 1b c6 5d f3 83 4f c6 c9 c2 32 aa dc 38 0b d6 02 00 25 2f e6 a0 90 09 c3 62 4b fa 88 d8 19 14 86 c5 33 45 ff 8e 99 b5 5d 59 1c 1b 7a 01 a1 2a c0 ec 35 42 b5 c3 81 e3 d3 43 8e ba 4b 74 8e 40 3a a1 c5 4b 1c 8a c6 d0 39 22 ad 57 3c 01 0a 91 1e f2 27 23 9a 64 60 11 26 52 39 f4 b8 c6 04 73 99 fa ed f3 8a 03 de 62 85 22 fc e2 ce 7b e9 4c a0 Feb 21 16:07:47 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=fa0c5691) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + KE (4) + NONE (0) total length : 280 Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing hash payload Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing SA payload Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing nonce payload Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:07:47 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--192.168.0.0--255.255.255.0 Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received remote IP Proxy Subnet data in ID Payload: Address 192.168.0.0, Mask 255.255.255.0, Protocol 0, Port 0 Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:07:47 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--10.100.0.0--255.255.0.0 Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received local IP Proxy Subnet data in ID Payload: Address 10.100.0.0, Mask 255.255.0.0, Protocol 0, Port 0 Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ke payload Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ISA_KE for PFS in phase 2 Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM IsRekeyed old sa not found by addr Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, checking map = Mymap, seq = 69... Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, map Mymap, seq = 69 is a successful match Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, IKE Remote Peer configured for crypto map: Mymap Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing IPSec SA payload Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, All IPSec SA proposals found unacceptable! Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending notify message Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing ipsec notify payload for msg id fa0c5691 Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:07:47 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=1309bf65) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 79 a1 84 65 54 85 8a 43 0b 8f a8 6e ac dc 41 07 | y..eT..C...n..A. 08 10 05 00 65 bf 09 13 1c 00 00 00 0b 00 00 14 | ....e........... fd c5 4d 1a fd a5 1b 61 a4 54 e5 e8 3d 5a a6 57 | ..M....a.T..=Z.W 00 00 00 20 00 00 00 01 03 10 00 0e 79 a1 84 65 | ... ........y..e 54 85 8a 43 0b 8f a8 6e ac dc 41 07 fa 0c 56 91 | T..C...n..A...V. ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: 65BF0913 Length: 469762048 Payload Hash Next Payload: Notification Reserved: 00 Payload Length: 20 Data: fd c5 4d 1a fd a5 1b 61 a4 54 e5 e8 3d 5a a6 57 Payload Notification Next Payload: None Reserved: 00 Payload Length: 32 DOI: IPsec Protocol-ID: PROTO_IPSEC_ESP Spi Size: 16 Notify Type: NO_PROPOSAL_CHOSEN SPI: 79 a1 84 65 54 85 8a 43 0b 8f a8 6e ac dc 41 07 Data: fa 0c 56 91 ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: 1309BF65 Length: 84 Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM FSM error (P2 struct &0xdc65010, mess id 0xfa0c5691)! Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE QM Responder FSM error history (struct &0xdc65010) , : QM_DONE, EV_ERROR-->QM_BLD_MSG2, EV_NEGO_SA-->QM_BLD_MSG2, EV_IS_REKEY-->QM_BLD_MSG2, EV_CONFIRM_SA-->QM_BLD_MSG2, EV_PROC_MSG-->QM_BLD_MSG2, EV_HASH_OK-->QM_BLD_MSG2, NullEvent-->QM_BLD_MSG2, EV_COMP_HASH Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:07:47 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Removing peer from correlator table failed, no match! Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:6ea88f0b rcv'd Terminate: state MM_ACTIVE flags 0x00000042, refcnt 1, tuncnt 0 Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:6ea88f0b terminating: flags 0x01000002, refcnt 0, tuncnt 0 Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing IKE delete payload Feb 21 16:07:47 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:07:47 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=a8a2b9a4) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 76 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 79 a1 84 65 54 85 8a 43 0b 8f a8 6e ac dc 41 07 | y..eT..C...n..A. 08 10 05 00 a4 b9 a2 a8 1c 00 00 00 0c 00 00 14 | ................ fd 3f cf 2d 9b dd 2b 4f 3a bd 37 45 f7 4c 78 3c | .?.-..+O:.7E.Lx< 00 00 00 1c 00 00 00 01 01 10 00 01 79 a1 84 65 | ............y..e 54 85 8a 43 0b 8f a8 6e ac dc 41 07 | T..C...n..A. ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: A4B9A2A8 Length: 469762048 Payload Hash Next Payload: Delete Reserved: 00 Payload Length: 20 Data: fd 3f cf 2d 9b dd 2b 4f 3a bd 37 45 f7 4c 78 3c Payload Delete Next Payload: None Reserved: 00 Payload Length: 28 DOI: IPsec Protocol-ID: PROTO_ISAKMP Spi Size: 16 # of SPIs: 1 SPI (Hex dump): 79 a1 84 65 54 85 8a 43 0b 8f a8 6e ac dc 41 07 ISAKMP Header Initiator COOKIE: 79 a1 84 65 54 85 8a 43 Responder COOKIE: 0b 8f a8 6e ac dc 41 07 Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: A8A2B9A4 Length: 76 IKE Recv RAW packet dump 14 15 47 6f 5e 94 f5 b9 00 00 00 00 00 00 00 00 | ..Go^........... 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 | ...........T...8 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 | ...........,.... 00 00 00 24 01 01 00 00 80 04 00 02 80 03 00 01 | ...$............ 80 01 00 05 80 02 00 01 80 0b 00 01 00 0c 00 04 | ................ 00 00 01 2c | ..., RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 00 00 00 00 00 00 00 00 Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 84 Payload Security Association Next Payload: None Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 36 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Group Description: Group 2 Authentication Method: Preshared key Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Life Type: seconds Life Duration (Hex): 00 00 01 2c Feb 21 16:07:56 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84 Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, processing SA payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, Oakley proposal is acceptable Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, processing IKE SA payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, IKE SA Proposal # 1, Transform # 1 acceptable Matches global IKE entry # 2 Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ISAKMP SA payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Fragmentation VID + extended capabilities payload Feb 21 16:07:56 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 104 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 104 Payload Security Association Next Payload: Vendor ID Reserved: 00 Payload Length: 52 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 40 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Group Description: Group 2 Authentication Method: Preshared key Life Type: seconds Life Duration (Hex): 01 2c Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 24 Data (In Hex): 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 c0 00 00 00 IKE Recv RAW packet dump 14 15 47 6f 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c | ..Go^....O.~3sQ| 04 10 02 00 00 00 00 00 00 00 00 ac 0a 00 00 84 | ................ d8 e7 79 fa ce a2 4f da 78 f1 a3 6b b0 39 6d bf | ..y...O.x..k.9m. c7 8a 95 7e 91 fc c2 b5 a0 0c d0 13 93 09 01 de | ...~............ 29 67 2b e2 ef b3 4b 07 b2 3e 16 56 b8 0b 77 15 | )g+...K..>.V..w. 04 a3 2e 26 39 b7 b2 28 7d 21 55 0e 76 2e 64 ad | ...&9..(}!U.v.d. a0 27 47 80 64 e9 ac da eb b1 fe 1e 9e 9d 3c 0a | .'G.d.........<. 71 64 11 cf 2d 65 c0 55 15 ee f7 a4 f5 0d a2 c5 | qd..-e.U........ 6c e3 1e 50 16 15 29 88 5b a7 c2 9c a2 e4 ca f3 | l..P..).[....... 2d 91 d5 bf ba 9c f4 4d 24 16 a1 a1 f8 88 a8 4c | -......M$......L 00 00 00 0c d1 2c 05 33 b6 de 8b e8 | .....,.3.... RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 172 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: d8 e7 79 fa ce a2 4f da 78 f1 a3 6b b0 39 6d bf c7 8a 95 7e 91 fc c2 b5 a0 0c d0 13 93 09 01 de 29 67 2b e2 ef b3 4b 07 b2 3e 16 56 b8 0b 77 15 04 a3 2e 26 39 b7 b2 28 7d 21 55 0e 76 2e 64 ad a0 27 47 80 64 e9 ac da eb b1 fe 1e 9e 9d 3c 0a 71 64 11 cf 2d 65 c0 55 15 ee f7 a4 f5 0d a2 c5 6c e3 1e 50 16 15 29 88 5b a7 c2 9c a2 e4 ca f3 2d 91 d5 bf ba 9c f4 4d 24 16 a1 a1 f8 88 a8 4c Payload Nonce Next Payload: None Reserved: 00 Payload Length: 12 Data: d1 2c 05 33 b6 de 8b e8 Feb 21 16:07:56 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 172 Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, processing ke payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, processing ISA_KE payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, processing nonce payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ke payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, constructing nonce payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Cisco Unity VID payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, constructing xauth V6 VID payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, Send IOS VID Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001) Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, constructing VID payload Feb 21 16:07:56 [IKEv1 DEBUG]: IP = x.x.x.x, Send Altiga/Cisco VPN3000/Cisco ASA GW VID Feb 21 16:07:56 [IKEv1]: IP = x.x.x.x, Connection landed on tunnel_group x.x.x.x Feb 21 16:07:56 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Generating keys for Responder... Feb 21 16:07:56 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 256 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: db 3b 95 6e ac eb a0 d5 df b7 24 e7 cb ba d1 79 9e b8 cf 75 0e 6c 53 7e 44 f0 c9 c6 1f d3 f2 e1 1a 43 77 30 91 06 77 e2 15 08 cb 59 86 2b b0 91 99 20 a2 30 e6 dd e0 e7 9c cb cf 0f 4e 20 af 01 2a 78 9e bd 66 7e e3 92 aa 58 59 0b a4 21 e3 b9 83 04 4d 14 48 04 49 90 5c c4 17 85 4d 51 13 1c 6e ae 9f 56 f7 74 ae eb 0a 00 44 d0 fb f9 8a e7 c8 47 df 99 9f dc 2a b1 5a b8 42 6a e4 29 a2 59 Payload Nonce Next Payload: Vendor ID Reserved: 00 Payload Length: 24 Data: 0d 9e 0c fe 29 58 75 69 38 0b 6c a6 36 1a 35 43 2e da be cb Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 12 Data (In Hex): 09 00 26 89 df d6 b7 12 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): 7c 88 2a 63 33 72 51 7c e9 96 c2 0e cd a0 19 e8 Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 20 Data (In Hex): 1f 07 f7 0e aa 65 14 d3 b0 fa 96 54 2a 50 01 00 IKE Recv RAW packet dump 14 15 47 6f 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c | ..Go^....O.~3sQ| 05 10 02 01 00 00 00 00 00 00 00 3c 2f 78 5d 52 | ............ 93 35 7d 6b 7f 12 87 cb df c6 00 fe 00 00 00 14 | .5}k........... af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | ....h...k...wW.. ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 469762048 Payload Identification Next Payload: Hash Reserved: 00 Payload Length: 12 ID Type: IPv4 Address (1) Protocol ID (UDP/TCP, etc...): 17 Port: 500 ID Data: 168.187.246.194 Payload Hash Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data: 3c 6a 3e 8a 93 35 7d 6b 7f 12 87 cb df c6 00 fe Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 20 Data (In Hex): af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (Encryption) MessageID: 00000000 Length: 84 Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, PHASE 1 COMPLETED Feb 21 16:07:57 [IKEv1]: IP = x.x.x.x, Keep-alive type for this connection: None Feb 21 16:07:57 [IKEv1]: IP = x.x.x.x, Keep-alives configured on but peer does not support keep-alives (type = None) Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Starting P1 rekey timer: 195 seconds. IKE Recv RAW packet dump 14 15 47 6f 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c | ..Go^....O.~3sQ| 08 10 20 01 bd 5f 2a a8 00 00 01 1c b0 f9 ab 44 | .. .._*........D 80 f8 a2 d0 e1 31 30 2f 7b b1 8e 08 fe 62 23 e3 | .....10/{....b#. 3e b0 48 48 1b 1e c3 e9 ca f8 ab 84 39 97 fa c8 | >.HH........9... 01 cb 08 a3 49 00 dc d2 74 b1 6a 0e 8d 5a 07 33 | ....I...t.j..Z.3 fb 95 8e 6d 9b e7 82 a5 b4 c9 95 75 04 ec 45 8b | ...m.......u..E. a9 18 12 15 c8 82 7c 88 c7 8b fc 15 ac 90 7e d3 | ......|.......~. 2a 5e e7 c2 75 56 76 c4 82 95 f3 c1 da 9b 7e 66 | *^..uVv.......~f fc fe df fb 5b 03 c7 f8 67 ed 65 a6 22 6d f6 19 | ....[...g.e."m.. 30 d7 72 06 d3 b2 ba 83 e9 ac f0 57 99 b6 0b 48 | 0.r........W...H 78 31 bd 25 d8 71 0d 6c b7 92 cd 04 de c6 b2 27 | x1.%.q.l.......' 02 68 79 3e 9e 04 f1 d3 b2 77 be 97 6d 43 de 4e | .hy>.....w..mC.N 51 b5 5c 62 47 22 ea 2f 2c 2b 1b 96 21 9b eb 0a | Q.\bG"./,+..!... 53 e1 3a 18 a2 3a 58 71 2d 1d 72 8b bc 2f f2 ee | S.:..:Xq-.r../.. 03 25 8a 29 de 44 2f 1f 5b 8b dc 21 43 84 7d a8 | .%.).D/.[..!C.}. 5f 1f 75 5b 00 5d 51 b1 21 c9 38 62 79 b4 d4 2f | _.u[.]Q.!.8by../ ae ba a4 30 a7 16 99 26 ba 2f 7b d1 67 5a ba 2b | ...0...&./{.gZ.+ 03 bc 01 a2 cb 44 51 04 4d 00 b8 72 | .....DQ.M..r RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: BD5F2AA8 Length: 284 Feb 21 16:07:57 [IKEv1 DECODE]: IP = x.x.x.x, IKE Responder starting QM: msg id = bd5f2aa8 AFTER DECRYPTION ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: BD5F2AA8 Length: 284 Payload Hash Next Payload: Security Association Reserved: 00 Payload Length: 20 Data: f7 17 11 0f f2 3a 7b 1d 0a e1 5b 09 0d 7c 2c 6e Payload Security Association Next Payload: Nonce Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_IPSEC_ESP SPI Size: 4 # of transforms: 1 SPI: b6 42 72 cc Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: ESP_3DES Reserved2: 0000 Authentication Algorithm: MD5 Group Description: Group 2 Encapsulation Mode: Tunnel Life Type: Seconds Life Duration (Hex): 00 00 01 2c Payload Nonce Next Payload: Identification Reserved: 00 Payload Length: 12 Data: 9f db a2 3f ca 1e 30 4c Payload Identification Next Payload: Identification Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 192.168.0.0/255.255.255.0 Payload Identification Next Payload: Key Exchange Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 10.100.0.0/255.255.0.0 Payload Key Exchange Next Payload: None Reserved: 00 Payload Length: 132 Data: 15 be 35 eb 6f 1c 30 0c 9a aa 93 2e 1c ee 38 7d 18 0e ba 68 35 48 72 df 50 c4 39 63 65 96 35 d0 df da 89 12 c7 86 ad 3f ce 20 0f 81 98 cd f1 a3 a9 b8 12 fb f4 b1 0e 7b 04 07 ec da a9 8e 54 44 1d f1 2d f7 77 4b 08 27 35 f1 5e 55 f5 e2 93 5d c3 45 da 1d bf 84 55 f8 1d d1 27 5a 12 6a 21 f5 c6 1f 26 3c 40 4a 64 57 d1 a5 e6 ad ef bf e7 24 b0 19 ab fc c6 c2 60 e9 be a8 8c e6 51 36 6f 32 Feb 21 16:07:57 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=bd5f2aa8) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + KE (4) + NONE (0) total length : 280 Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing hash payload Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing SA payload Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing nonce payload Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:07:57 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--192.168.0.0--255.255.255.0 Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received remote IP Proxy Subnet data in ID Payload: Address 192.168.0.0, Mask 255.255.255.0, Protocol 0, Port 0 Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:07:57 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--10.100.0.0--255.255.0.0 Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received local IP Proxy Subnet data in ID Payload: Address 10.100.0.0, Mask 255.255.0.0, Protocol 0, Port 0 Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ke payload Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ISA_KE for PFS in phase 2 Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM IsRekeyed old sa not found by addr Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, checking map = Mymap, seq = 69... Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, map Mymap, seq = 69 is a successful match Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, IKE Remote Peer configured for crypto map: Mymap Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing IPSec SA payload Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, All IPSec SA proposals found unacceptable! Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending notify message Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing ipsec notify payload for msg id bd5f2aa8 Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:07:57 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=e9369438) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 14 15 47 6f 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c | ..Go^....O.~3sQ| 08 10 05 00 38 94 36 e9 1c 00 00 00 0b 00 00 14 | ....8.6......... e7 ac ff ed 62 25 bb 58 9c 52 99 9e a4 6d 2f ba | ....b%.X.R...m/. 00 00 00 20 00 00 00 01 03 10 00 0e 14 15 47 6f | ... ..........Go 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c bd 5f 2a a8 | ^....O.~3sQ|._*. ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: 389436E9 Length: 469762048 Payload Hash Next Payload: Notification Reserved: 00 Payload Length: 20 Data: e7 ac ff ed 62 25 bb 58 9c 52 99 9e a4 6d 2f ba Payload Notification Next Payload: None Reserved: 00 Payload Length: 32 DOI: IPsec Protocol-ID: PROTO_IPSEC_ESP Spi Size: 16 Notify Type: NO_PROPOSAL_CHOSEN SPI: 14 15 47 6f 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c Data: bd 5f 2a a8 ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: E9369438 Length: 84 Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM FSM error (P2 struct &0x3ab7728, mess id 0xbd5f2aa8)! Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE QM Responder FSM error history (struct &0x3ab7728) , : QM_DONE, EV_ERROR-->QM_BLD_MSG2, EV_NEGO_SA-->QM_BLD_MSG2, EV_IS_REKEY-->QM_BLD_MSG2, EV_CONFIRM_SA-->QM_BLD_MSG2, EV_PROC_MSG-->QM_BLD_MSG2, EV_HASH_OK-->QM_BLD_MSG2, NullEvent-->QM_BLD_MSG2, EV_COMP_HASH Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:07:57 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Removing peer from correlator table failed, no match! Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:7e8d4f89 rcv'd Terminate: state MM_ACTIVE flags 0x00000042, refcnt 1, tuncnt 0 Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:7e8d4f89 terminating: flags 0x01000002, refcnt 0, tuncnt 0 Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing IKE delete payload Feb 21 16:07:57 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:07:57 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=93c1e8b5) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 76 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 14 15 47 6f 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c | ..Go^....O.~3sQ| 08 10 05 00 b5 e8 c1 93 1c 00 00 00 0c 00 00 14 | ................ d2 a8 c5 6a 81 8a f4 87 5b 35 d9 a9 21 3e bb 49 | ...j....[5..!>.I 00 00 00 1c 00 00 00 01 01 10 00 01 14 15 47 6f | ..............Go 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c | ^....O.~3sQ| ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: B5E8C193 Length: 469762048 Payload Hash Next Payload: Delete Reserved: 00 Payload Length: 20 Data: d2 a8 c5 6a 81 8a f4 87 5b 35 d9 a9 21 3e bb 49 Payload Delete Next Payload: None Reserved: 00 Payload Length: 28 DOI: IPsec Protocol-ID: PROTO_ISAKMP Spi Size: 16 # of SPIs: 1 SPI (Hex dump): 14 15 47 6f 5e 94 f5 b9 89 4f 8d 7e 33 73 51 7c ISAKMP Header Initiator COOKIE: 14 15 47 6f 5e 94 f5 b9 Responder COOKIE: 89 4f 8d 7e 33 73 51 7c Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: 93C1E8B5 Length: 76 IKE Recv RAW packet dump 7f 84 07 0c 01 57 f2 a6 00 00 00 00 00 00 00 00 | ....W.......... 01 10 02 00 00 00 00 00 00 00 00 54 00 00 00 38 | ...........T...8 00 00 00 01 00 00 00 01 00 00 00 2c 01 01 00 01 | ...........,.... 00 00 00 24 01 01 00 00 80 04 00 02 80 03 00 01 | ...$............ 80 01 00 05 80 02 00 01 80 0b 00 01 00 0c 00 04 | ................ 00 00 01 2c | ..., RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 00 00 00 00 00 00 00 00 Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 84 Payload Security Association Next Payload: None Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 36 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Group Description: Group 2 Authentication Method: Preshared key Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Life Type: seconds Life Duration (Hex): 00 00 01 2c Feb 21 16:08:06 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84 Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, processing SA payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, Oakley proposal is acceptable Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, processing IKE SA payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, IKE SA Proposal # 1, Transform # 1 acceptable Matches global IKE entry # 2 Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ISAKMP SA payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Fragmentation VID + extended capabilities payload Feb 21 16:08:06 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 104 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Security Association Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 104 Payload Security Association Next Payload: Vendor ID Reserved: 00 Payload Length: 52 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 40 Proposal #: 1 Protocol-Id: PROTO_ISAKMP SPI Size: 0 # of transforms: 1 Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: KEY_IKE Reserved2: 0000 Encryption Algorithm: 3DES-CBC Hash Algorithm: MD5 Group Description: Group 2 Authentication Method: Preshared key Life Type: seconds Life Duration (Hex): 01 2c Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 24 Data (In Hex): 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 c0 00 00 00 IKE Recv RAW packet dump 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad | ....W.."c...... 04 10 02 00 00 00 00 00 00 00 00 ac 0a 00 00 84 | ................ d8 c6 ea dc 42 ff d0 ad c9 18 fd 11 63 bb c4 a1 | ....B.......c... da 28 69 2a b1 f1 ab 54 39 3d 90 ea 45 8d a6 6e | .(i*...T9=..E..n e6 d2 8a 47 1d a4 a9 67 ad c2 f0 46 c4 47 13 67 | ...G...g...F.G.g 46 4f 4e 55 b4 0a 12 1d ce 0a 02 3d 43 c3 0a 0b | FONU.......=C... a7 14 fb 45 d0 02 d9 9a 95 b1 e5 59 e2 15 bf 69 | ...E.......Y...i 32 a3 d6 83 f1 0e 28 0a 83 e2 70 32 81 ae ee 2f | 2.....(...p2.../ 59 60 38 cd e0 a4 f5 6d d8 a9 ee a9 30 4c dc 87 | Y`8....m....0L.. 8f 94 e3 5b 17 34 d4 cb 83 ee 3f e3 14 9e d4 8a | ...[.4....?..... 00 00 00 0c c8 77 5b 4f 85 4d 21 22 | .....w[O.M!" RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 172 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: d8 c6 ea dc 42 ff d0 ad c9 18 fd 11 63 bb c4 a1 da 28 69 2a b1 f1 ab 54 39 3d 90 ea 45 8d a6 6e e6 d2 8a 47 1d a4 a9 67 ad c2 f0 46 c4 47 13 67 46 4f 4e 55 b4 0a 12 1d ce 0a 02 3d 43 c3 0a 0b a7 14 fb 45 d0 02 d9 9a 95 b1 e5 59 e2 15 bf 69 32 a3 d6 83 f1 0e 28 0a 83 e2 70 32 81 ae ee 2f 59 60 38 cd e0 a4 f5 6d d8 a9 ee a9 30 4c dc 87 8f 94 e3 5b 17 34 d4 cb 83 ee 3f e3 14 9e d4 8a Payload Nonce Next Payload: None Reserved: 00 Payload Length: 12 Data: c8 77 5b 4f 85 4d 21 22 Feb 21 16:08:06 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 172 Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, processing ke payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, processing ISA_KE payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, processing nonce payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, constructing ke payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, constructing nonce payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, constructing Cisco Unity VID payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, constructing xauth V6 VID payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, Send IOS VID Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001) Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, constructing VID payload Feb 21 16:08:06 [IKEv1 DEBUG]: IP = x.x.x.x, Send Altiga/Cisco VPN3000/Cisco ASA GW VID Feb 21 16:08:06 [IKEv1]: IP = x.x.x.x, Connection landed on tunnel_group x.x.x.x Feb 21 16:08:06 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Generating keys for Responder... Feb 21 16:08:07 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Key Exchange Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 256 Payload Key Exchange Next Payload: Nonce Reserved: 00 Payload Length: 132 Data: 2e 61 16 10 9f fb 5b 76 94 3b d8 a4 e7 b8 a6 3b e6 b7 8e 32 7f a0 7c 3c a0 7d 56 6d 60 5f 06 43 69 23 9b 99 d9 1f 77 27 22 7b 4d a2 3b 54 74 29 e5 c4 5b c8 a1 33 56 c6 8f d2 26 ca 30 ca ae fb d2 61 47 c5 fe 80 ea e8 32 64 b9 36 cf 23 41 5a fa 06 1a ae d3 e9 c9 15 74 35 5a 9d ff 3f fa 09 f5 6a 8d e6 98 e9 96 68 69 9e ea 30 af 35 b2 f7 2c ae 99 a7 f6 d0 bb 6d 79 ef 0f 68 80 5a f5 cb Payload Nonce Next Payload: Vendor ID Reserved: 00 Payload Length: 24 Data: 15 d8 0f 24 19 c9 08 e0 29 53 14 f6 d3 28 9c 86 3b 87 eb 70 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): 12 f5 f2 8c 45 71 68 a9 70 2d 9f e2 74 cc 01 00 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 12 Data (In Hex): 09 00 26 89 df d6 b7 12 Payload Vendor ID Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data (In Hex): d7 a4 b4 8a fc ea 16 ad 1e 7d f9 e8 2e f6 92 02 Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 20 Data (In Hex): 1f 07 f7 0e aa 65 14 d3 b0 fa 96 54 2a 50 01 00 IKE Recv RAW packet dump 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad | ....W.."c...... 05 10 02 01 00 00 00 00 00 00 00 3c 33 fe dd ab | ...........<3... 74 b4 1e d7 8a f7 6b 12 69 66 6d 3c f0 09 af a9 | t.....k.ifm<.... f4 01 51 e5 8d 65 62 bc dc 9a 75 34 | ..Q..eb...u4 RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (Encryption) MessageID: 00000000 Length: 60 AFTER DECRYPTION ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (Encryption) MessageID: 00000000 Length: 60 Payload Identification Next Payload: Hash Reserved: 00 Payload Length: 12 ID Type: IPv4 Address (1) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: x.x.x.x Payload Hash Next Payload: None Reserved: 00 Payload Length: 20 Data: 4f b0 3e d6 51 2f e9 e5 3c 68 fd 60 34 ed e1 d3 Feb 21 16:08:07 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + NONE (0) total length : 60 Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:08:07 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR ID received x.x.x.x Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing hash payload Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Computing hash for ISAKMP Feb 21 16:08:07 [IKEv1]: IP = x.x.x.x, Connection landed on tunnel_group x.x.x.x Feb 21 16:08:07 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Freeing previously allocated memory for authorization-dn-attributes Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing ID payload Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing hash payload Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Computing hash for ISAKMP Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing dpd vid payload Feb 21 16:08:07 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + VENDOR (13) + NONE (0) total length : 80 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad | ....W.."c...... 05 10 02 00 00 00 00 00 1c 00 00 00 08 00 00 0c | ................ 01 11 01 f4 a8 bb f6 c2 0d 00 00 14 db 46 dc 7f | .............F. 06 5d 2e 59 17 c3 0f d3 29 da 18 66 00 00 00 14 | .].Y....)..f.... af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 | ....h...k...wW.. ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (none) MessageID: 00000000 Length: 469762048 Payload Identification Next Payload: Hash Reserved: 00 Payload Length: 12 ID Type: IPv4 Address (1) Protocol ID (UDP/TCP, etc...): 17 Port: 500 ID Data: 168.187.246.194 Payload Hash Next Payload: Vendor ID Reserved: 00 Payload Length: 20 Data: db 46 dc 7f 06 5d 2e 59 17 c3 0f d3 29 da 18 66 Payload Vendor ID Next Payload: None Reserved: 00 Payload Length: 20 Data (In Hex): af ca d7 13 68 a1 f1 c9 6b 86 96 fc 77 57 01 00 SENDING PACKET to x.x.x.x ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Identification Version: 1.0 Exchange Type: Identity Protection (Main Mode) Flags: (Encryption) MessageID: 00000000 Length: 84 Feb 21 16:08:07 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, PHASE 1 COMPLETED Feb 21 16:08:07 [IKEv1]: IP = x.x.x.x, Keep-alive type for this connection: None Feb 21 16:08:07 [IKEv1]: IP = x.x.x.x, Keep-alives configured on but peer does not support keep-alives (type = None) Feb 21 16:08:07 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, Starting P1 rekey timer: 195 seconds. IKE Recv RAW packet dump 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad | ....W.."c...... 08 10 20 01 a8 35 58 68 00 00 01 1c 07 73 b2 ad | .. ..5Xh.....s.. e3 b1 4d de f6 79 dd 1c 33 9f f0 13 f6 f9 ac cd | ..M..y..3....... f6 7f 0e 26 c3 50 d8 68 1d f0 f2 27 44 57 b7 2c | ..&.P.h...'DW., ff b4 c7 16 26 a4 74 a9 42 00 4e 39 a5 5c f1 4d | ....&.t.B.N9.\.M d8 1a 95 19 0d cd 0c 37 54 c3 94 86 03 17 ac 7e | .......7T......~ 3a 48 0d bf 32 f1 9c fb 62 a1 23 eb 80 18 c1 79 | :H..2...b.#....y 11 e0 bd 00 ae 01 8b a8 3b 82 a5 95 fd 93 5e 7e | ........;.....^~ 38 f2 d3 62 0e da 16 09 39 53 fe 87 f3 8c 71 53 | 8..b....9S....qS af 35 0e bb cc f1 a8 37 47 54 c7 51 d4 1b e6 fd | .5.....7GT.Q.... 76 ea 5f bd c5 96 ab f9 c8 0b 78 45 3f ce 6a a5 | v._.......xE?.j. a8 8d 9c a1 85 2a 1d 81 ff 71 62 d7 9f da 47 50 | .....*...qb...GP d1 bf 7b 2b e7 f6 cc 0e 68 8c df 9a bf 5f b8 2b | ..{+....h...._.+ 89 d7 c5 14 35 8a 70 0a e7 5b 0c e1 6f b5 32 12 | ....5.p..[..o.2. 08 8a 6e 1f 9a 2c 01 9a 05 84 b7 e0 96 7b dd d9 | ..n..,.......{.. 40 fb ec 08 c6 fb 53 fd 40 0c 5a c9 d3 c2 82 59 | @.....S.@.Z....Y a4 a0 b3 f8 58 8e a4 26 82 4d 2b c0 4f 9f 42 1b | ....X..&.M+.O.B. 8f e0 f1 06 ed 58 79 3b e4 ea df 3a | .....Xy;...: RECV PACKET from x.x.x.x ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: A8355868 Length: 284 Feb 21 16:08:08 [IKEv1 DECODE]: IP = x.x.x.x, IKE Responder starting QM: msg id = a8355868 AFTER DECRYPTION ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Hash Version: 1.0 Exchange Type: Quick Mode Flags: (Encryption) MessageID: A8355868 Length: 284 Payload Hash Next Payload: Security Association Reserved: 00 Payload Length: 20 Data: f1 6d 75 bc 08 73 df 1f 1f e3 66 a7 95 41 16 5c Payload Security Association Next Payload: Nonce Reserved: 00 Payload Length: 56 DOI: IPsec Situation:(SIT_IDENTITY_ONLY) Payload Proposal Next Payload: None Reserved: 00 Payload Length: 44 Proposal #: 1 Protocol-Id: PROTO_IPSEC_ESP SPI Size: 4 # of transforms: 1 SPI: ea 3a 04 be Payload Transform Next Payload: None Reserved: 00 Payload Length: 32 Transform #: 1 Transform-Id: ESP_3DES Reserved2: 0000 Authentication Algorithm: MD5 Group Description: Group 2 Encapsulation Mode: Tunnel Life Type: Seconds Life Duration (Hex): 00 00 01 2c Payload Nonce Next Payload: Identification Reserved: 00 Payload Length: 12 Data: b4 76 86 8a 8c 57 82 9f Payload Identification Next Payload: Identification Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 192.168.0.0/255.255.255.0 Payload Identification Next Payload: Key Exchange Reserved: 00 Payload Length: 16 ID Type: IPv4 Subnet (4) Protocol ID (UDP/TCP, etc...): 0 Port: 0 ID Data: 10.100.0.0/255.255.0.0 Payload Key Exchange Next Payload: None Reserved: 00 Payload Length: 132 Data: 7b 0a 14 d7 6b 7a 51 42 99 8f a7 3f a8 0a f9 92 ad c0 07 bc fe 6f 09 90 82 62 7d 2e ed ca 46 02 97 e8 26 4a 35 52 fd 62 02 3d 29 e7 ec a8 17 68 13 c0 7f 2e e5 db e1 62 d6 36 39 b9 f2 e3 24 1d 7f 11 dc 18 34 42 8c 93 56 97 0c 7d e3 32 e2 59 57 e0 78 5c 3d de 3f 69 61 80 09 56 0b f9 df c4 c2 9e 8b 10 25 34 68 28 1e 43 b9 dd 63 4e 23 06 d4 37 0a 04 eb 19 13 9d e7 4d 9c 6d 58 8e ed b4 Feb 21 16:08:08 [IKEv1]: IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=a8355868) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) + ID (5) + ID (5) + KE (4) + NONE (0) total length : 280 Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing hash payload Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing SA payload Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing nonce payload Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:08:08 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--192.168.0.0--255.255.255.0 Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received remote IP Proxy Subnet data in ID Payload: Address 192.168.0.0, Mask 255.255.255.0, Protocol 0, Port 0 Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ID payload Feb 21 16:08:08 [IKEv1 DECODE]: Group = x.x.x.x, IP = x.x.x.x, ID_IPV4_ADDR_SUBNET ID received--10.100.0.0--255.255.0.0 Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Received local IP Proxy Subnet data in ID Payload: Address 10.100.0.0, Mask 255.255.0.0, Protocol 0, Port 0 Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ke payload Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing ISA_KE for PFS in phase 2 Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM IsRekeyed old sa not found by addr Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, checking map = Mymap, seq = 69... Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Static Crypto Map check, map Mymap, seq = 69 is a successful match Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, IKE Remote Peer configured for crypto map: Mymap Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, processing IPSec SA payload Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, All IPSec SA proposals found unacceptable! Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending notify message Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing ipsec notify payload for msg id a8355868 Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:08:08 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=4fda6a11) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 80 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad | ....W.."c...... 08 10 05 00 11 6a da 4f 1c 00 00 00 0b 00 00 14 | .....j.O........ 55 85 8a 22 a0 bd 11 da 17 1c 00 70 57 0d 01 75 | U..".......pW..u 00 00 00 20 00 00 00 01 03 10 00 0e 7f 84 07 0c | ... ........... 01 57 f2 a6 22 63 13 97 fc eb 16 ad a8 35 58 68 | .W.."c.......5Xh ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: 116ADA4F Length: 469762048 Payload Hash Next Payload: Notification Reserved: 00 Payload Length: 20 Data: 55 85 8a 22 a0 bd 11 da 17 1c 00 70 57 0d 01 75 Payload Notification Next Payload: None Reserved: 00 Payload Length: 32 DOI: IPsec Protocol-ID: PROTO_IPSEC_ESP Spi Size: 16 Notify Type: NO_PROPOSAL_CHOSEN SPI: 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad Data: a8 35 58 68 ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: 4FDA6A11 Length: 84 Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM FSM error (P2 struct &0xdc000b0, mess id 0xa8355868)! Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE QM Responder FSM error history (struct &0xdc000b0) , : QM_DONE, EV_ERROR-->QM_BLD_MSG2, EV_NEGO_SA-->QM_BLD_MSG2, EV_IS_REKEY-->QM_BLD_MSG2, EV_CONFIRM_SA-->QM_BLD_MSG2, EV_PROC_MSG-->QM_BLD_MSG2, EV_HASH_OK-->QM_BLD_MSG2, NullEvent-->QM_BLD_MSG2, EV_COMP_HASH Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:08:08 [IKEv1]: Group = x.x.x.x, IP = x.x.x.x, Removing peer from correlator table failed, no match! Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:97136322 rcv'd Terminate: state MM_ACTIVE flags 0x00000042, refcnt 1, tuncnt 0 Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, IKE SA MM:97136322 terminating: flags 0x01000002, refcnt 0, tuncnt 0 Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, sending delete/delete with reason message Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing blank hash payload Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing IKE delete payload Feb 21 16:08:08 [IKEv1 DEBUG]: Group = x.x.x.x, IP = x.x.x.x, constructing qm hash payload Feb 21 16:08:08 [IKEv1]: IP = x.x.x.x, IKE_DECODE SENDING Message (msgid=b86d03aa) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 76 BEFORE ENCRYPTION RAW PACKET DUMP on SEND 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad | ....W.."c...... 08 10 05 00 aa 03 6d b8 1c 00 00 00 0c 00 00 14 | ......m......... 0a 10 25 47 0f 7b 8e 8d 28 16 f5 c7 61 ce 92 e2 | ..%G.{..(...a... 00 00 00 1c 00 00 00 01 01 10 00 01 7f 84 07 0c | ............... 01 57 f2 a6 22 63 13 97 fc eb 16 ad | .W.."c...... ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (none) MessageID: AA036DB8 Length: 469762048 Payload Hash Next Payload: Delete Reserved: 00 Payload Length: 20 Data: 0a 10 25 47 0f 7b 8e 8d 28 16 f5 c7 61 ce 92 e2 Payload Delete Next Payload: None Reserved: 00 Payload Length: 28 DOI: IPsec Protocol-ID: PROTO_ISAKMP Spi Size: 16 # of SPIs: 1 SPI (Hex dump): 7f 84 07 0c 01 57 f2 a6 22 63 13 97 fc eb 16 ad ISAKMP Header Initiator COOKIE: 7f 84 07 0c 01 57 f2 a6 Responder COOKIE: 22 63 13 97 fc eb 16 ad Next Payload: Hash Version: 1.0 Exchange Type: Informational Flags: (Encryption) MessageID: B86D03AA Length: 76 X-ASA# u all X-ASA# X-ASA# X-ASA# X-ASA# u all