Community discussions

MikroTik App
 
Jpolo
just joined
Topic Author
Posts: 4
Joined: Mon May 14, 2012 11:34 am

Problems VPN L2TP

Thu May 24, 2012 2:42 pm

Hello
I'm having problem configuring L2TP server in a RB751U-2HnD.
The error in the client (MAC OS X 10.7.4 is:
Thu May 24 13:26:25 2012 : L2TP connecting to server '192.168.88.1' (192.168.88.1)...
Thu May 24 13:26:25 2012 : IPSec connection started
Thu May 24 13:26:26 2012 : IPSec connection established
Thu May 24 13:26:46 2012 : L2TP cannot connect to the server

In the log of router 11:26:27 l2tp,info first L2TP UDP packet received from 192.168.3.240

This is the configuration (version 5.16):

/interface l2tp-server
add comment="VPN a Rural" disabled=no name=VPN_Rural user=joaquin
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des,aes-128,aes-192,aes-256 lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=DHCP_Config ranges=192.168.88.10-192.168.88.254
add name=DHCP_Organizacion ranges=192.168.3.100-192.168.3.250
add name=DHCP_Participantes ranges=192.168.4.11-192.168.4.250
/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default use-compression=default use-encryption=default use-mpls=default use-vj-compression=default
add change-tcp-mss=default local-address=DHCP_Config name=profile1_Seg_VPN_Configuracion only-one=default remote-address=DHCP_Config use-compression=yes use-encryption=yes \
use-mpls=default use-vj-compression=yes
set 2 change-tcp-mss=yes name=default-encryption only-one=default use-compression=default use-encryption=yes use-mpls=default use-vj-compression=default
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=profile1_Seg_VPN_Configuracion enabled=yes max-mru=1460 max-mtu=1460 mrru=1600
/ip ipsec peer
add address=0.0.0.0/0 auth-method=pre-shared-key dh-group=modp1024 disabled=no dpd-interval=2m dpd-maximum-failures=5 enc-algorithm=3des exchange-mode=main generate-policy=yes \
hash-algorithm=sha1 lifebytes=0 lifetime=1d my-id-user-fqdn="" nat-traversal=yes port=500 proposal-check=obey secret=1234567joaquin send-initial-contact=yes
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/ppp secret
add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=joaquin password=1234567joaquin profile=profile1_Seg_VPN_Configuracion routes="" service=l2tp

What is the problem?
Many thanks

Regards

Joaquin
 
sveno
newbie
Posts: 41
Joined: Mon May 14, 2012 8:29 pm

Re: Problems VPN L2TP

Wed Jun 20, 2012 3:33 pm

I have the same problem.

OSX 10.7.4 and RB450 v5.16

using 3des enc and sha hash with mod1024 as OSX should prefer.

Does anyone have a clue what osx wants?


Sven
 
Jpolo
just joined
Topic Author
Posts: 4
Joined: Mon May 14, 2012 11:34 am

Problems VPN L2TP

Wed Jun 20, 2012 7:26 pm

Hello
Do you have tried with windows, linux or another mikrotik?
Many thanks

Joaquin Polo


Sent from my iPad using Tapatalk HD
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26322
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Problems VPN L2TP

Thu Jun 21, 2012 1:07 pm

Enable debug log for L2TP and you will see some more info:

Image

Also you could do the same with IPsec logs.
 
Jpolo
just joined
Topic Author
Posts: 4
Joined: Mon May 14, 2012 11:34 am

Re: Problems VPN L2TP

Fri Oct 12, 2012 12:45 pm

Hello
I put debug and try to conect from iPad. This is the debug.

09:42:44 ipsec,debug,packet ==========
09:42:44 ipsec,debug,packet 476 bytes message received from 192.168.89.11[500] to 192.168.2.1[500]
09:42:44 ipsec,debug,packet 40f4b7c6 b0f475b9 00000000 00000000 01100200 00000000 000001dc 0d0000e4
09:42:44 ipsec,debug,packet 00000001 00000001 000000d8 01010006 03000024 01010000 800b0001 800c0e10
09:42:44 ipsec,debug,packet 80010007 800e0100 80030001 80020002 80040002 03000024 02010000 800b0001
09:42:44 ipsec,debug,packet 800c0e10 80010007 800e0100 80030001 80020001 80040002 03000024 03010000
09:42:44 ipsec,debug,packet 800b0001 800c0e10 80010007 800e0080 80030001 80020002 80040002 03000024
09:42:44 ipsec,debug,packet 04010000 800b0001 800c0e10 80010007 800e0080 80030001 80020001 80040002
09:42:44 ipsec,debug,packet 03000020 05010000 800b0001 800c0e10 80010005 80030001 80020002 80040002
09:42:44 ipsec,debug,packet 00000020 06010000 800b0001 800c0e10 80010005 80030001 80020001 80040002
09:42:44 ipsec,debug,packet 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
09:42:44 ipsec,debug,packet b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
09:42:44 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
09:42:44 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
09:42:44 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
09:42:44 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
09:42:44 ipsec,debug,packet 086381b5 ec427b1f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:44 ipsec,debug,packet ===
09:42:44 ipsec,debug respond new phase 1 negotiation: 192.168.2.1[500]<=>192.168.89.11[500]
09:42:44 ipsec,debug begin Identity Protection mode.
09:42:44 ipsec,debug,packet begin.
09:42:44 ipsec,debug,packet seen nptype=1(sa)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet seen nptype=13(vid)
09:42:44 ipsec,debug,packet succeed.
09:42:44 ipsec,debug received Vendor ID: RFC 3947
09:42:44 ipsec,debug,packet received unknown Vendor ID
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-08
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-07
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-06
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-05
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-04
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
09:42:44 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
09:42:44 ipsec,debug
09:42:44 ipsec,debug received Vendor ID: DPD
09:42:44 ipsec,debug Selected NAT-T version: RFC 3947
09:42:44 ipsec,debug,packet total SA len=224
09:42:44 ipsec,debug,packet 00000001 00000001 000000d8 01010006 03000024 01010000 800b0001 800c0e10
09:42:44 ipsec,debug,packet 80010007 800e0100 80030001 80020002 80040002 03000024 02010000 800b0001
09:42:44 ipsec,debug,packet 800c0e10 80010007 800e0100 80030001 80020001 80040002 03000024 03010000
09:42:44 ipsec,debug,packet 800b0001 800c0e10 80010007 800e0080 80030001 80020002 80040002 03000024
09:42:44 ipsec,debug,packet 04010000 800b0001 800c0e10 80010007 800e0080 80030001 80020001 80040002
09:42:44 ipsec,debug,packet 03000020 05010000 800b0001 800c0e10 80010005 80030001 80020002 80040002
09:42:44 ipsec,debug,packet 00000020 06010000 800b0001 800c0e10 80010005 80030001 80020001 80040002
09:42:44 ipsec,debug,packet begin.
09:42:44 ipsec,debug,packet seen nptype=2(prop)
09:42:44 ipsec,debug,packet succeed.
09:42:44 ipsec,debug,packet proposal #1 len=216
09:42:44 ipsec,debug,packet begin.
09:42:44 ipsec,debug,packet seen nptype=3(trns)
09:42:44 ipsec,debug,packet seen nptype=3(trns)
09:42:44 ipsec,debug,packet seen nptype=3(trns)
09:42:44 ipsec,debug,packet seen nptype=3(trns)
09:42:44 ipsec,debug,packet seen nptype=3(trns)
09:42:44 ipsec,debug,packet seen nptype=3(trns)
09:42:44 ipsec,debug,packet succeed.
09:42:44 ipsec,debug,packet transform #1 len=36
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet encryption(aes)
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
09:42:44 ipsec,debug,packet hash(sha1)
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet hmac(modp1024)
09:42:44 ipsec,debug,packet transform #2 len=36
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet encryption(aes)
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
09:42:44 ipsec,debug,packet hash(md5)
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet hmac(modp1024)
09:42:44 ipsec,debug,packet transform #3 len=36
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet encryption(aes)
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
09:42:44 ipsec,debug,packet hash(sha1)
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet hmac(modp1024)
09:42:44 ipsec,debug,packet transform #4 len=36
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet encryption(aes)
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
09:42:44 ipsec,debug,packet hash(md5)
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet hmac(modp1024)
09:42:44 ipsec,debug,packet transform #5 len=32
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
09:42:44 ipsec,debug,packet encryption(3des)
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
09:42:44 ipsec,debug,packet hash(sha1)
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet hmac(modp1024)
09:42:44 ipsec,debug,packet transform #6 len=32
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
09:42:44 ipsec,debug,packet encryption(3des)
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
09:42:44 ipsec,debug,packet hash(md5)
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet hmac(modp1024)
09:42:44 ipsec,debug,packet pair 1:
09:42:44 ipsec,debug,packet 0x486268: next=(nil) tnext=0x48ccb0
09:42:44 ipsec,debug,packet 0x48ccb0: next=(nil) tnext=0x48bc48
09:42:44 ipsec,debug,packet 0x48bc48: next=(nil) tnext=0x48e2b0
09:42:44 ipsec,debug,packet 0x48e2b0: next=(nil) tnext=0x48c0b0
09:42:44 ipsec,debug,packet 0x48c0b0: next=(nil) tnext=0x48e738
09:42:44 ipsec,debug,packet 0x48e738: next=(nil) tnext=(nil)
09:42:44 ipsec,debug,packet proposal #1: 6 transform
09:42:44 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
09:42:44 ipsec,debug,packet trns#=1, trns-id=IKE
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet Compared: DB:Peer
09:42:44 ipsec,debug,packet (lifetime = 86400:3600)
09:42:44 ipsec,debug,packet (lifebyte = 0:0)
09:42:44 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
09:42:44 ipsec,debug,packet (encklen = 0:256)
09:42:44 ipsec,debug,packet hashtype = SHA:SHA
09:42:44 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
09:42:44 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
09:42:44 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
09:42:44 ipsec,debug,packet trns#=2, trns-id=IKE
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet Compared: DB:Peer
09:42:44 ipsec,debug,packet (lifetime = 86400:3600)
09:42:44 ipsec,debug,packet (lifebyte = 0:0)
09:42:44 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
09:42:44 ipsec,debug,packet (encklen = 0:256)
09:42:44 ipsec,debug,packet hashtype = SHA:MD5
09:42:44 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
09:42:44 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
09:42:44 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
09:42:44 ipsec,debug,packet trns#=3, trns-id=IKE
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet Compared: DB:Peer
09:42:44 ipsec,debug,packet (lifetime = 86400:3600)
09:42:44 ipsec,debug,packet (lifebyte = 0:0)
09:42:44 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
09:42:44 ipsec,debug,packet (encklen = 0:128)
09:42:44 ipsec,debug,packet hashtype = SHA:SHA
09:42:44 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
09:42:44 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
09:42:44 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
09:42:44 ipsec,debug,packet trns#=4, trns-id=IKE
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
09:42:44 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet Compared: DB:Peer
09:42:44 ipsec,debug,packet (lifetime = 86400:3600)
09:42:44 ipsec,debug,packet (lifebyte = 0:0)
09:42:44 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
09:42:44 ipsec,debug,packet (encklen = 0:128)
09:42:44 ipsec,debug,packet hashtype = SHA:MD5
09:42:44 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
09:42:44 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
09:42:44 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
09:42:44 ipsec,debug,packet trns#=5, trns-id=IKE
09:42:44 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
09:42:44 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
09:42:44 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
09:42:44 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
09:42:44 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
09:42:44 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
09:42:44 ipsec,debug,packet Compared: DB:Peer
09:42:44 ipsec,debug,packet (lifetime = 86400:3600)
09:42:44 ipsec,debug,packet (lifebyte = 0:0)
09:42:44 ipsec,debug,packet enctype = 3DES-CBC:3DES-CBC
09:42:44 ipsec,debug,packet (encklen = 0:0)
09:42:44 ipsec,debug,packet hashtype = SHA:SHA
09:42:44 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
09:42:44 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
09:42:44 ipsec,debug,packet an acceptable proposal found.
09:42:44 ipsec,debug,packet hmac(modp1024)
09:42:44 ipsec,debug,packet agreed on pre-shared key auth.
09:42:44 ipsec,debug,packet ===
09:42:44 ipsec,debug,packet new cookie:
09:42:44 ipsec,debug,packet 5521e1512fec6213
09:42:44 ipsec,debug,packet add payload of len 48, next type 13
09:42:44 ipsec,debug,packet add payload of len 16, next type 13
09:42:44 ipsec,debug,packet add payload of len 16, next type 0
09:42:44 ipsec,debug,packet 120 bytes from 192.168.2.1[500] to 192.168.89.11[500]
09:42:44 ipsec,debug,packet sockname 192.168.2.1[500]
09:42:44 ipsec,debug,packet send packet from 192.168.2.1[500]
09:42:44 ipsec,debug,packet send packet to 192.168.89.11[500]
09:42:44 ipsec,debug,packet src4 192.168.2.1[500]
09:42:44 ipsec,debug,packet dst4 192.168.89.11[500]
09:42:44 ipsec,debug,packet 1 times of 120 bytes message will be sent to 192.168.89.11[500]
09:42:44 ipsec,debug,packet 40f4b7c6 b0f475b9 5521e151 2fec6213 01100200 00000000 00000078 0d000034
09:42:44 ipsec,debug,packet 00000001 00000001 00000028 01010001 00000020 05010000 800b0001 800c0e10
09:42:44 ipsec,debug,packet 80010005 80030001 80020002 80040002 0d000014 4a131c81 07035845 5c5728f2
09:42:44 ipsec,debug,packet 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:44 ipsec,debug,packet resend phase1 packet 40f4b7c6b0f475b9:5521e1512fec6213
09:42:47 ipsec,debug,packet ==========
09:42:47 ipsec,debug,packet 476 bytes message received from 192.168.89.11[500] to 192.168.2.1[500]
09:42:47 ipsec,debug,packet 40f4b7c6 b0f475b9 00000000 00000000 01100200 00000000 000001dc 0d0000e4
09:42:47 ipsec,debug,packet 00000001 00000001 000000d8 01010006 03000024 01010000 800b0001 800c0e10
09:42:47 ipsec,debug,packet 80010007 800e0100 80030001 80020002 80040002 03000024 02010000 800b0001
09:42:47 ipsec,debug,packet 800c0e10 80010007 800e0100 80030001 80020001 80040002 03000024 03010000
09:42:47 ipsec,debug,packet 800b0001 800c0e10 80010007 800e0080 80030001 80020002 80040002 03000024
09:42:47 ipsec,debug,packet 04010000 800b0001 800c0e10 80010007 800e0080 80030001 80020001 80040002
09:42:47 ipsec,debug,packet 03000020 05010000 800b0001 800c0e10 80010005 80030001 80020002 80040002
09:42:47 ipsec,debug,packet 00000020 06010000 800b0001 800c0e10 80010005 80030001 80020001 80040002
09:42:47 ipsec,debug,packet 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
09:42:47 ipsec,debug,packet b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
09:42:47 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
09:42:47 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
09:42:47 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
09:42:47 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
09:42:47 ipsec,debug,packet 086381b5 ec427b1f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:47 ipsec,debug,packet sockname 192.168.2.1[500]
09:42:47 ipsec,debug,packet send packet from 192.168.2.1[500]
09:42:47 ipsec,debug,packet send packet to 192.168.89.11[500]
09:42:47 ipsec,debug,packet src4 192.168.2.1[500]
09:42:47 ipsec,debug,packet dst4 192.168.89.11[500]
09:42:47 ipsec,debug,packet 1 times of 120 bytes message will be sent to 192.168.89.11[500]
09:42:47 ipsec,debug,packet 40f4b7c6 b0f475b9 5521e151 2fec6213 01100200 00000000 00000078 0d000034
09:42:47 ipsec,debug,packet 00000001 00000001 00000028 01010001 00000020 05010000 800b0001 800c0e10
09:42:47 ipsec,debug,packet 80010005 80030001 80020002 80040002 0d000014 4a131c81 07035845 5c5728f2
09:42:47 ipsec,debug,packet 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:47 ipsec,debug the packet is retransmitted by 192.168.89.11[500].
09:42:50 ipsec,debug,packet ==========
09:42:50 ipsec,debug,packet 476 bytes message received from 192.168.89.11[500] to 192.168.2.1[500]
09:42:50 ipsec,debug,packet 40f4b7c6 b0f475b9 00000000 00000000 01100200 00000000 000001dc 0d0000e4
09:42:50 ipsec,debug,packet 00000001 00000001 000000d8 01010006 03000024 01010000 800b0001 800c0e10
09:42:50 ipsec,debug,packet 80010007 800e0100 80030001 80020002 80040002 03000024 02010000 800b0001
09:42:50 ipsec,debug,packet 800c0e10 80010007 800e0100 80030001 80020001 80040002 03000024 03010000
09:42:50 ipsec,debug,packet 800b0001 800c0e10 80010007 800e0080 80030001 80020002 80040002 03000024
09:42:50 ipsec,debug,packet 04010000 800b0001 800c0e10 80010007 800e0080 80030001 80020001 80040002
09:42:50 ipsec,debug,packet 03000020 05010000 800b0001 800c0e10 80010005 80030001 80020002 80040002
09:42:50 ipsec,debug,packet 00000020 06010000 800b0001 800c0e10 80010005 80030001 80020001 80040002
09:42:50 ipsec,debug,packet 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
09:42:50 ipsec,debug,packet b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
09:42:50 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
09:42:50 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
09:42:50 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
09:42:50 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
09:42:50 ipsec,debug,packet 086381b5 ec427b1f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:50 ipsec,debug,packet sockname 192.168.2.1[500]
09:42:50 ipsec,debug,packet send packet from 192.168.2.1[500]
09:42:50 ipsec,debug,packet send packet to 192.168.89.11[500]
09:42:50 ipsec,debug,packet src4 192.168.2.1[500]
09:42:50 ipsec,debug,packet dst4 192.168.89.11[500]
09:42:50 ipsec,debug,packet 1 times of 120 bytes message will be sent to 192.168.89.11[500]
09:42:50 ipsec,debug,packet 40f4b7c6 b0f475b9 5521e151 2fec6213 01100200 00000000 00000078 0d000034
09:42:50 ipsec,debug,packet 00000001 00000001 00000028 01010001 00000020 05010000 800b0001 800c0e10
09:42:50 ipsec,debug,packet 80010005 80030001 80020002 80040002 0d000014 4a131c81 07035845 5c5728f2
09:42:50 ipsec,debug,packet 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:50 ipsec,debug the packet is retransmitted by 192.168.89.11[500].
09:42:53 ipsec,debug,packet ==========
09:42:53 ipsec,debug,packet 476 bytes message received from 192.168.89.11[500] to 192.168.2.1[500]
09:42:53 ipsec,debug,packet 40f4b7c6 b0f475b9 00000000 00000000 01100200 00000000 000001dc 0d0000e4
09:42:53 ipsec,debug,packet 00000001 00000001 000000d8 01010006 03000024 01010000 800b0001 800c0e10
09:42:53 ipsec,debug,packet 80010007 800e0100 80030001 80020002 80040002 03000024 02010000 800b0001
09:42:53 ipsec,debug,packet 800c0e10 80010007 800e0100 80030001 80020001 80040002 03000024 03010000
09:42:53 ipsec,debug,packet 800b0001 800c0e10 80010007 800e0080 80030001 80020002 80040002 03000024
09:42:53 ipsec,debug,packet 04010000 800b0001 800c0e10 80010007 800e0080 80030001 80020001 80040002
09:42:53 ipsec,debug,packet 03000020 05010000 800b0001 800c0e10 80010005 80030001 80020002 80040002
09:42:53 ipsec,debug,packet 00000020 06010000 800b0001 800c0e10 80010005 80030001 80020001 80040002
09:42:53 ipsec,debug,packet 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
09:42:53 ipsec,debug,packet b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
09:42:53 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
09:42:53 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
09:42:53 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
09:42:53 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
09:42:53 ipsec,debug,packet 086381b5 ec427b1f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:53 ipsec,debug,packet sockname 192.168.2.1[500]
09:42:53 ipsec,debug,packet send packet from 192.168.2.1[500]
09:42:53 ipsec,debug,packet send packet to 192.168.89.11[500]
09:42:53 ipsec,debug,packet src4 192.168.2.1[500]
09:42:53 ipsec,debug,packet dst4 192.168.89.11[500]
09:42:53 ipsec,debug,packet 1 times of 120 bytes message will be sent to 192.168.89.11[500]
09:42:53 ipsec,debug,packet 40f4b7c6 b0f475b9 5521e151 2fec6213 01100200 00000000 00000078 0d000034
09:42:53 ipsec,debug,packet 00000001 00000001 00000028 01010001 00000020 05010000 800b0001 800c0e10
09:42:53 ipsec,debug,packet 80010005 80030001 80020002 80040002 0d000014 4a131c81 07035845 5c5728f2
09:42:53 ipsec,debug,packet 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:53 ipsec,debug the packet is retransmitted by 192.168.89.11[500].
09:42:54 ipsec,debug,packet 120 bytes from 192.168.2.1[500] to 192.168.89.11[500]
09:42:54 ipsec,debug,packet sockname 192.168.2.1[500]
09:42:54 ipsec,debug,packet send packet from 192.168.2.1[500]
09:42:54 ipsec,debug,packet send packet to 192.168.89.11[500]
09:42:54 ipsec,debug,packet src4 192.168.2.1[500]
09:42:54 ipsec,debug,packet dst4 192.168.89.11[500]
09:42:54 ipsec,debug,packet 1 times of 120 bytes message will be sent to 192.168.89.11[500]
09:42:54 ipsec,debug,packet 40f4b7c6 b0f475b9 5521e151 2fec6213 01100200 00000000 00000078 0d000034
09:42:54 ipsec,debug,packet 00000001 00000001 00000028 01010001 00000020 05010000 800b0001 800c0e10
09:42:54 ipsec,debug,packet 80010005 80030001 80020002 80040002 0d000014 4a131c81 07035845 5c5728f2
09:42:54 ipsec,debug,packet 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
09:42:54 ipsec,debug,packet resend phase1 packet 40f4b7c6b0f475b9:5521e1512fec6213


Where is the problem?
Many thanks
regards
 
gsloop
Member Candidate
Member Candidate
Posts: 213
Joined: Wed Jan 04, 2012 11:34 pm
Contact:

Re: Problems VPN L2TP

Sat Oct 13, 2012 2:18 am

I'm horrible grok'ing IPSec debugs - but it looks like it keeps retrying/failing IPSec phase 1 negotiation.

To confirm this, watch the SA's in IP | IPSec | SA in winbox.

If the IPSec connection is successful, you'll see SA's appear and stay, and be encrypted.

That's the first half of the connection. [L2TP is IPSec + L2TP/[MPPE]]
So, make sure the IPSec tunnel is built properly first, then watch the next step.

-Greg
 
Jpolo
just joined
Topic Author
Posts: 4
Joined: Mon May 14, 2012 11:34 am

Re: Problems VPN L2TP

Sat Oct 13, 2012 4:21 pm

Hello
I have seen in IPSEC SA and appears the ip of the iPad and the ip of mikrotik. But the VPN conection fails. This is the log. Seems that the L2TP tunnel fails, but I don't know why.


01:18:32 ipsec,debug,packet ==========
01:18:32 ipsec,debug,packet 476 bytes message received from 192.168.3.241[500] to 192.168.88.1[500]
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 00000000 00000000 01100200 00000000 000001dc 0d0000e4
01:18:32 ipsec,debug,packet 00000001 00000001 000000d8 01010006 03000024 01010000 800b0001 800c0e10
01:18:32 ipsec,debug,packet 80010007 800e0100 80030001 80020002 80040002 03000024 02010000 800b0001
01:18:32 ipsec,debug,packet 800c0e10 80010007 800e0100 80030001 80020001 80040002 03000024 03010000
01:18:32 ipsec,debug,packet 800b0001 800c0e10 80010007 800e0080 80030001 80020002 80040002 03000024
01:18:32 ipsec,debug,packet 04010000 800b0001 800c0e10 80010007 800e0080 80030001 80020001 80040002
01:18:32 ipsec,debug,packet 03000020 05010000 800b0001 800c0e10 80010005 80030001 80020002 80040002
01:18:32 ipsec,debug,packet 00000020 06010000 800b0001 800c0e10 80010005 80030001 80020001 80040002
01:18:32 ipsec,debug,packet 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 4df37928 e9fc4fd1
01:18:32 ipsec,debug,packet b3262170 d515c662 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
01:18:32 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
01:18:32 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
01:18:32 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
01:18:32 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
01:18:32 ipsec,debug,packet 086381b5 ec427b1f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
01:18:32 ipsec,debug,packet ===
01:18:32 ipsec,debug respond new phase 1 negotiation: 192.168.88.1[500]<=>192.168.3.241[500]
01:18:32 ipsec,debug begin Identity Protection mode.
01:18:32 ipsec,debug,packet begin.
01:18:32 ipsec,debug,packet seen nptype=1(sa)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet seen nptype=13(vid)
01:18:32 ipsec,debug,packet succeed.
01:18:32 ipsec,debug received Vendor ID: RFC 3947
01:18:32 ipsec,debug,packet received unknown Vendor ID
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-08
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-07
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-06
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-05
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-04
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
01:18:32 ipsec,debug received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
01:18:32 ipsec,debug
01:18:32 ipsec,debug received Vendor ID: DPD
01:18:32 ipsec,debug Selected NAT-T version: RFC 3947
01:18:32 ipsec,debug,packet total SA len=224
01:18:32 ipsec,debug,packet 00000001 00000001 000000d8 01010006 03000024 01010000 800b0001 800c0e10
01:18:32 ipsec,debug,packet 80010007 800e0100 80030001 80020002 80040002 03000024 02010000 800b0001
01:18:32 ipsec,debug,packet 800c0e10 80010007 800e0100 80030001 80020001 80040002 03000024 03010000
01:18:32 ipsec,debug,packet 800b0001 800c0e10 80010007 800e0080 80030001 80020002 80040002 03000024
01:18:32 ipsec,debug,packet 04010000 800b0001 800c0e10 80010007 800e0080 80030001 80020001 80040002
01:18:32 ipsec,debug,packet 03000020 05010000 800b0001 800c0e10 80010005 80030001 80020002 80040002
01:18:32 ipsec,debug,packet 00000020 06010000 800b0001 800c0e10 80010005 80030001 80020001 80040002
01:18:32 ipsec,debug,packet begin.
01:18:32 ipsec,debug,packet seen nptype=2(prop)
01:18:32 ipsec,debug,packet succeed.
01:18:32 ipsec,debug,packet proposal #1 len=216
01:18:32 ipsec,debug,packet begin.
01:18:32 ipsec,debug,packet seen nptype=3(trns)
01:18:32 ipsec,debug,packet seen nptype=3(trns)
01:18:32 ipsec,debug,packet seen nptype=3(trns)
01:18:32 ipsec,debug,packet seen nptype=3(trns)
01:18:32 ipsec,debug,packet seen nptype=3(trns)
01:18:32 ipsec,debug,packet seen nptype=3(trns)
01:18:32 ipsec,debug,packet succeed.
01:18:32 ipsec,debug,packet transform #1 len=36
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet encryption(aes)
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet hmac(modp1024)
01:18:32 ipsec,debug,packet transform #2 len=36
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet encryption(aes)
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
01:18:32 ipsec,debug,packet hash(md5)
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet hmac(modp1024)
01:18:32 ipsec,debug,packet transform #3 len=36
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet encryption(aes)
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet hmac(modp1024)
01:18:32 ipsec,debug,packet transform #4 len=36
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet encryption(aes)
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
01:18:32 ipsec,debug,packet hash(md5)
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet hmac(modp1024)
01:18:32 ipsec,debug,packet transform #5 len=32
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet hmac(modp1024)
01:18:32 ipsec,debug,packet transform #6 len=32
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
01:18:32 ipsec,debug,packet hash(md5)
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet hmac(modp1024)
01:18:32 ipsec,debug,packet pair 1:
01:18:32 ipsec,debug,packet 0x48ffc0: next=(nil) tnext=0x490928
01:18:32 ipsec,debug,packet 0x490928: next=(nil) tnext=0x490110
01:18:32 ipsec,debug,packet 0x490110: next=(nil) tnext=0x490068
01:18:32 ipsec,debug,packet 0x490068: next=(nil) tnext=0x48a2b0
01:18:32 ipsec,debug,packet 0x48a2b0: next=(nil) tnext=0x4901b8
01:18:32 ipsec,debug,packet 0x4901b8: next=(nil) tnext=(nil)
01:18:32 ipsec,debug,packet proposal #1: 6 transform
01:18:32 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
01:18:32 ipsec,debug,packet trns#=1, trns-id=IKE
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet Compared: DB:Peer
01:18:32 ipsec,debug,packet (lifetime = 86400:3600)
01:18:32 ipsec,debug,packet (lifebyte = 0:0)
01:18:32 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
01:18:32 ipsec,debug,packet (encklen = 0:256)
01:18:32 ipsec,debug,packet hashtype = SHA:SHA
01:18:32 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
01:18:32 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
01:18:32 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
01:18:32 ipsec,debug,packet trns#=2, trns-id=IKE
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet Compared: DB:Peer
01:18:32 ipsec,debug,packet (lifetime = 86400:3600)
01:18:32 ipsec,debug,packet (lifebyte = 0:0)
01:18:32 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
01:18:32 ipsec,debug,packet (encklen = 0:256)
01:18:32 ipsec,debug,packet hashtype = SHA:MD5
01:18:32 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
01:18:32 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
01:18:32 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
01:18:32 ipsec,debug,packet trns#=3, trns-id=IKE
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet Compared: DB:Peer
01:18:32 ipsec,debug,packet (lifetime = 86400:3600)
01:18:32 ipsec,debug,packet (lifebyte = 0:0)
01:18:32 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
01:18:32 ipsec,debug,packet (encklen = 0:128)
01:18:32 ipsec,debug,packet hashtype = SHA:SHA
01:18:32 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
01:18:32 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
01:18:32 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
01:18:32 ipsec,debug,packet trns#=4, trns-id=IKE
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
01:18:32 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=MD5
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet Compared: DB:Peer
01:18:32 ipsec,debug,packet (lifetime = 86400:3600)
01:18:32 ipsec,debug,packet (lifebyte = 0:0)
01:18:32 ipsec,debug,packet enctype = 3DES-CBC:AES-CBC
01:18:32 ipsec,debug,packet (encklen = 0:128)
01:18:32 ipsec,debug,packet hashtype = SHA:MD5
01:18:32 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
01:18:32 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
01:18:32 ipsec,debug,packet prop#=1, prot-id=ISAKMP, spi-size=0, #trns=6
01:18:32 ipsec,debug,packet trns#=5, trns-id=IKE
01:18:32 ipsec,debug,packet type=Life Type, flag=0x8000, lorv=seconds
01:18:32 ipsec,debug,packet type=Life Duration, flag=0x8000, lorv=3600
01:18:32 ipsec,debug,packet type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
01:18:32 ipsec,debug,packet type=Authentication Method, flag=0x8000, lorv=pre-shared key
01:18:32 ipsec,debug,packet type=Hash Algorithm, flag=0x8000, lorv=SHA
01:18:32 ipsec,debug,packet type=Group Description, flag=0x8000, lorv=1024-bit MODP group
01:18:32 ipsec,debug,packet Compared: DB:Peer
01:18:32 ipsec,debug,packet (lifetime = 86400:3600)
01:18:32 ipsec,debug,packet (lifebyte = 0:0)
01:18:32 ipsec,debug,packet enctype = 3DES-CBC:3DES-CBC
01:18:32 ipsec,debug,packet (encklen = 0:0)
01:18:32 ipsec,debug,packet hashtype = SHA:SHA
01:18:32 ipsec,debug,packet authmethod = pre-shared key:pre-shared key
01:18:32 ipsec,debug,packet dh_group = 1024-bit MODP group:1024-bit MODP group
01:18:32 ipsec,debug,packet an acceptable proposal found.
01:18:32 ipsec,debug,packet hmac(modp1024)
01:18:32 ipsec,debug,packet agreed on pre-shared key auth.
01:18:32 ipsec,debug,packet ===
01:18:32 ipsec,debug,packet new cookie:
01:18:32 ipsec,debug,packet e2507dc2b7071b5e
01:18:32 ipsec,debug,packet add payload of len 48, next type 13
01:18:32 ipsec,debug,packet add payload of len 16, next type 13
01:18:32 ipsec,debug,packet add payload of len 16, next type 0
01:18:32 ipsec,debug,packet 120 bytes from 192.168.88.1[500] to 192.168.3.241[500]
01:18:32 ipsec,debug,packet sockname 192.168.88.1[500]
01:18:32 ipsec,debug,packet send packet from 192.168.88.1[500]
01:18:32 ipsec,debug,packet send packet to 192.168.3.241[500]
01:18:32 ipsec,debug,packet src4 192.168.88.1[500]
01:18:32 ipsec,debug,packet dst4 192.168.3.241[500]
01:18:32 ipsec,debug,packet 1 times of 120 bytes message will be sent to 192.168.3.241[500]
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 01100200 00000000 00000078 0d000034
01:18:32 ipsec,debug,packet 00000001 00000001 00000028 01010001 00000020 05010000 800b0001 800c0e10
01:18:32 ipsec,debug,packet 80010005 80030001 80020002 80040002 0d000014 4a131c81 07035845 5c5728f2
01:18:32 ipsec,debug,packet 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100
01:18:32 ipsec,debug,packet resend phase1 packet 8a8081536a6a57f2:e2507dc2b7071b5e
01:18:32 ipsec,debug,packet ==========
01:18:32 ipsec,debug,packet 228 bytes message received from 192.168.3.241[500] to 192.168.88.1[500]
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 04100200 00000000 000000e4 0a000084
01:18:32 ipsec,debug,packet 3b59b769 4ac10fa9 c14266da f191ea84 1008fe46 5b2bb267 d1b4c012 7fce679d
01:18:32 ipsec,debug,packet 3571cc3d 69514327 95272749 7a040e5e 25dcd294 1174ebf4 6ccf9df1 daff5147
01:18:32 ipsec,debug,packet 287f8485 54fa2e3e ae266387 1fc223ca 4480c2c0 efee712c d428e8e0 80c46b55
01:18:32 ipsec,debug,packet 40c2090a e1bd9f92 17e03fb1 574872ca 2cfcb818 4501aaeb 9e2ff579 f54a48ea
01:18:32 ipsec,debug,packet 14000014 cd7b9520 6d01a4f3 b395f1f8 e7978e82 14000018 36963261 5be7a4ba
01:18:32 ipsec,debug,packet ff07e4f9 491a564c 00176007 00000018 da94f81b b8fa67f9 d03da8b5 225e54e8
01:18:32 ipsec,debug,packet 5a004748
01:18:32 ipsec,debug,packet begin.
01:18:32 ipsec,debug,packet seen nptype=4(ke)
01:18:32 ipsec,debug,packet seen nptype=10(nonce)
01:18:32 ipsec,debug,packet seen nptype=20(nat-d)
01:18:32 ipsec,debug,packet seen nptype=20(nat-d)
01:18:32 ipsec,debug,packet succeed.
01:18:32 ipsec,debug Hashing 192.168.88.1[500] with algo #2
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug NAT-D payload #0 verified
01:18:32 ipsec,debug Hashing 192.168.3.241[500] with algo #2
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug NAT-D payload #1 verified
01:18:32 ipsec,debug NAT not detected
01:18:32 ipsec,debug,packet ===
01:18:32 ipsec,debug,packet compute DH's private.
01:18:32 ipsec,debug,packet 6e19074a d8e2afad f44eb20b 2bd835b0 7fa09043 d1c90dd7 7d6565b9 896634b4
01:18:32 ipsec,debug,packet 895f78f9 584db05e 4ca67f99 9756fdf6 91c61174 bfa324cc 995192f0 0de426c1
01:18:32 ipsec,debug,packet e5cbfc40 09dd7e5a 74ff9137 b5206d98 965bd22e 0c4982b4 ce114e28 8e6cea9f
01:18:32 ipsec,debug,packet c5af0a10 06aebca0 15bd0b67 883d03eb 15e3f6d4 a3964c01 aba28732 e55a3cee
01:18:32 ipsec,debug,packet compute DH's public.
01:18:32 ipsec,debug,packet 22fd61fa 8b2044fa 81bc11f4 2e99ca16 5f972b05 6eab066f 17cb0ea5 55854e43
01:18:32 ipsec,debug,packet be6265ba d3f49991 3421e246 b8bf0e51 e75e06c7 426a9d73 c2613552 d478a921
01:18:32 ipsec,debug,packet b65ba5ff 0f742cb2 e329bf63 95ad3a8c 013a8d99 494ba8be 1e976c9e 152a0b45
01:18:32 ipsec,debug,packet dd67e082 d1e1859d 1b2b1703 d0f66ef9 5a7bf122 bd68208f 2d637fa8 1f15dd56
01:18:32 ipsec,debug Hashing 192.168.3.241[500] with algo #2
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug Hashing 192.168.88.1[500] with algo #2
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug Adding remote and local NAT-D payloads.
01:18:32 ipsec,debug,packet add payload of len 128, next type 10
01:18:32 ipsec,debug,packet add payload of len 24, next type 20
01:18:32 ipsec,debug,packet add payload of len 20, next type 20
01:18:32 ipsec,debug,packet add payload of len 20, next type 0
01:18:32 ipsec,debug,packet 236 bytes from 192.168.88.1[500] to 192.168.3.241[500]
01:18:32 ipsec,debug,packet sockname 192.168.88.1[500]
01:18:32 ipsec,debug,packet send packet from 192.168.88.1[500]
01:18:32 ipsec,debug,packet send packet to 192.168.3.241[500]
01:18:32 ipsec,debug,packet src4 192.168.88.1[500]
01:18:32 ipsec,debug,packet dst4 192.168.3.241[500]
01:18:32 ipsec,debug,packet 1 times of 236 bytes message will be sent to 192.168.3.241[500]
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 04100200 00000000 000000ec 0a000084
01:18:32 ipsec,debug,packet 22fd61fa 8b2044fa 81bc11f4 2e99ca16 5f972b05 6eab066f 17cb0ea5 55854e43
01:18:32 ipsec,debug,packet be6265ba d3f49991 3421e246 b8bf0e51 e75e06c7 426a9d73 c2613552 d478a921
01:18:32 ipsec,debug,packet b65ba5ff 0f742cb2 e329bf63 95ad3a8c 013a8d99 494ba8be 1e976c9e 152a0b45
01:18:32 ipsec,debug,packet dd67e082 d1e1859d 1b2b1703 d0f66ef9 5a7bf122 bd68208f 2d637fa8 1f15dd56
01:18:32 ipsec,debug,packet 1400001c 8776391b 46537a0c bf1df85e 7d8daffe 8af27736 e48ca195 14000018
01:18:32 ipsec,debug,packet da94f81b b8fa67f9 d03da8b5 225e54e8 5a004748 00000018 36963261 5be7a4ba
01:18:32 ipsec,debug,packet ff07e4f9 491a564c 00176007
01:18:32 ipsec,debug,packet resend phase1 packet 8a8081536a6a57f2:e2507dc2b7071b5e
01:18:32 ipsec,debug,packet compute DH's shared.
01:18:32 ipsec,debug,packet
01:18:32 ipsec,debug,packet 55d9fb64 c766b5b6 fc84fdd5 b1003a78 92f76b31 80bed9ab d30d50b1 2b14a051
01:18:32 ipsec,debug,packet d0e45566 d9562cda 34285f43 130b65b9 18e30b8e 5607510d 9c2abf4d 129df2a7
01:18:32 ipsec,debug,packet d10971b3 d298faa3 2eace331 284ab1d7 dc96e679 245fdec9 dc56b152 f20e7dc1
01:18:32 ipsec,debug,packet ecebdf4d 50d5e928 09dc7ab7 3a2fa1e1 a78de3af df936639 fba79cdd 2a2b4e2d
01:18:32 ipsec,debug,packet the psk found.
01:18:32 ipsec,debug,packet nonce 1:
01:18:32 ipsec,debug,packet cd7b9520 6d01a4f3 b395f1f8 e7978e82
01:18:32 ipsec,debug,packet nonce 2:
01:18:32 ipsec,debug,packet 8776391b 46537a0c bf1df85e 7d8daffe 8af27736 e48ca195
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet SKEYID computed:
01:18:32 ipsec,debug,packet 6de63c7e 87f40ac4 9ff0c772 28164e68 84c4a034
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet SKEYID_d computed:
01:18:32 ipsec,debug,packet c6389f62 afe02f64 f69ec083 905f1a14 750e1fcd
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet SKEYID_a computed:
01:18:32 ipsec,debug,packet 91fdedd2 517953cb 871278d8 0b4a1603 e6ab4b82
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet SKEYID_e computed:
01:18:32 ipsec,debug,packet ac1cf71b ea52126d e5eafdbf de7f950f 26493bc8
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug,packet len(SKEYID_e) < len(Ka) (20 < 24), generating long key (Ka = K1 | K2 | ...)
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet compute intermediate encryption key K1
01:18:32 ipsec,debug,packet 00
01:18:32 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet compute intermediate encryption key K2
01:18:32 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958
01:18:32 ipsec,debug,packet f855e258 7d68c917 fc16abb0 9398530f c4b38466
01:18:32 ipsec,debug,packet final encryption key computed:
01:18:32 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958 f855e258
01:18:32 ipsec,debug,packet hash(sha1)
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet IV computed:
01:18:32 ipsec,debug,packet 765014d0 059597ae
01:18:32 ipsec,debug,packet ==========
01:18:32 ipsec,debug,packet 100 bytes message received from 192.168.3.241[500] to 192.168.88.1[500]
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 05100201 00000000 00000064 57ce3323
01:18:32 ipsec,debug,packet 23c87af4 59387a74 1a7bb5af 0ed679cc 30a25f49 14f47960 279ecb37 fedfa10a
01:18:32 ipsec,debug,packet 674716ad d324e363 5a609235 c7905ea4 24d19845 c8a71403 2404f095 2f1810ac
01:18:32 ipsec,debug,packet 20e09ee8
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet IV was saved for next processing:
01:18:32 ipsec,debug,packet 2f1810ac 20e09ee8
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet with key:
01:18:32 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958 f855e258
01:18:32 ipsec,debug,packet decrypted payload by IV:
01:18:32 ipsec,debug,packet 765014d0 059597ae
01:18:32 ipsec,debug,packet decrypted payload, but not trimed.
01:18:32 ipsec,debug,packet 0800000c 011101f4 c0a803f1 0b000018 8309c2f5 9d16a76b 3b22d274 4a748de4
01:18:32 ipsec,debug,packet d0668b61 0000001c 00000001 01106002 8a808153 6a6a57f2 e2507dc2 b7071b5e
01:18:32 ipsec,debug,packet 00000000 00000008
01:18:32 ipsec,debug,packet padding len=9
01:18:32 ipsec,debug,packet skip to trim padding.
01:18:32 ipsec,debug,packet decrypted.
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 05100201 00000000 00000064 0800000c
01:18:32 ipsec,debug,packet 011101f4 c0a803f1 0b000018 8309c2f5 9d16a76b 3b22d274 4a748de4 d0668b61
01:18:32 ipsec,debug,packet 0000001c 00000001 01106002 8a808153 6a6a57f2 e2507dc2 b7071b5e 00000000
01:18:32 ipsec,debug,packet 00000008
01:18:32 ipsec,debug,packet begin.
01:18:32 ipsec,debug,packet seen nptype=5(id)
01:18:32 ipsec,debug,packet seen nptype=8(hash)
01:18:32 ipsec,debug,packet seen nptype=11(notify)
01:18:32 ipsec,debug,packet succeed.
01:18:32 ipsec,debug,packet Notify Message received
01:18:32 ipsec,debug ignore INITIAL-CONTACT notification, because it is only accepted after phase1.
01:18:32 ipsec,debug,packet HASH received:
01:18:32 ipsec,debug,packet 8309c2f5 9d16a76b 3b22d274 4a748de4 d0668b61
01:18:32 ipsec,debug,packet HASH with:
01:18:32 ipsec,debug,packet 3b59b769 4ac10fa9 c14266da f191ea84 1008fe46 5b2bb267 d1b4c012 7fce679d
01:18:32 ipsec,debug,packet 3571cc3d 69514327 95272749 7a040e5e 25dcd294 1174ebf4 6ccf9df1 daff5147
01:18:32 ipsec,debug,packet 287f8485 54fa2e3e ae266387 1fc223ca 4480c2c0 efee712c d428e8e0 80c46b55
01:18:32 ipsec,debug,packet 40c2090a e1bd9f92 17e03fb1 574872ca 2cfcb818 4501aaeb 9e2ff579 f54a48ea
01:18:32 ipsec,debug,packet 22fd61fa 8b2044fa 81bc11f4 2e99ca16 5f972b05 6eab066f 17cb0ea5 55854e43
01:18:32 ipsec,debug,packet be6265ba d3f49991 3421e246 b8bf0e51 e75e06c7 426a9d73 c2613552 d478a921
01:18:32 ipsec,debug,packet b65ba5ff 0f742cb2 e329bf63 95ad3a8c 013a8d99 494ba8be 1e976c9e 152a0b45
01:18:32 ipsec,debug,packet dd67e082 d1e1859d 1b2b1703 d0f66ef9 5a7bf122 bd68208f 2d637fa8 1f15dd56
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 00000001 00000001 000000d8 01010006
01:18:32 ipsec,debug,packet 03000024 01010000 800b0001 800c0e10 80010007 800e0100 80030001 80020002
01:18:32 ipsec,debug,packet 80040002 03000024 02010000 800b0001 800c0e10 80010007 800e0100 80030001
01:18:32 ipsec,debug,packet 80020001 80040002 03000024 03010000 800b0001 800c0e10 80010007 800e0080
01:18:32 ipsec,debug,packet 80030001 80020002 80040002 03000024 04010000 800b0001 800c0e10 80010007
01:18:32 ipsec,debug,packet 800e0080 80030001 80020001 80040002 03000020 05010000 800b0001 800c0e10
01:18:32 ipsec,debug,packet 80010005 80030001 80020002 80040002 00000020 06010000 800b0001 800c0e10
01:18:32 ipsec,debug,packet 80010005 80030001 80020001 80040002 011101f4 c0a803f1
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet HASH computed:
01:18:32 ipsec,debug,packet 8309c2f5 9d16a76b 3b22d274 4a748de4 d0668b61
01:18:32 ipsec,debug,packet HASH for PSK validated.
01:18:32 ipsec,debug,packet peer's ID
01:18:32 ipsec,debug,packet 011101f4 c0a803f1
01:18:32 ipsec,debug,packet ===
01:18:32 ipsec,debug,packet use ID type of IPv4_address
01:18:32 ipsec,debug,packet generate HASH_R
01:18:32 ipsec,debug,packet HASH with:
01:18:32 ipsec,debug,packet 22fd61fa 8b2044fa 81bc11f4 2e99ca16 5f972b05 6eab066f 17cb0ea5 55854e43
01:18:32 ipsec,debug,packet be6265ba d3f49991 3421e246 b8bf0e51 e75e06c7 426a9d73 c2613552 d478a921
01:18:32 ipsec,debug,packet b65ba5ff 0f742cb2 e329bf63 95ad3a8c 013a8d99 494ba8be 1e976c9e 152a0b45
01:18:32 ipsec,debug,packet dd67e082 d1e1859d 1b2b1703 d0f66ef9 5a7bf122 bd68208f 2d637fa8 1f15dd56
01:18:32 ipsec,debug,packet 3b59b769 4ac10fa9 c14266da f191ea84 1008fe46 5b2bb267 d1b4c012 7fce679d
01:18:32 ipsec,debug,packet 3571cc3d 69514327 95272749 7a040e5e 25dcd294 1174ebf4 6ccf9df1 daff5147
01:18:32 ipsec,debug,packet 287f8485 54fa2e3e ae266387 1fc223ca 4480c2c0 efee712c d428e8e0 80c46b55
01:18:32 ipsec,debug,packet 40c2090a e1bd9f92 17e03fb1 574872ca 2cfcb818 4501aaeb 9e2ff579 f54a48ea
01:18:32 ipsec,debug,packet e2507dc2 b7071b5e 8a808153 6a6a57f2 00000001 00000001 000000d8 01010006
01:18:32 ipsec,debug,packet 03000024 01010000 800b0001 800c0e10 80010007 800e0100 80030001 80020002
01:18:32 ipsec,debug,packet 80040002 03000024 02010000 800b0001 800c0e10 80010007 800e0100 80030001
01:18:32 ipsec,debug,packet 80020001 80040002 03000024 03010000 800b0001 800c0e10 80010007 800e0080
01:18:32 ipsec,debug,packet 80030001 80020002 80040002 03000024 04010000 800b0001 800c0e10 80010007
01:18:32 ipsec,debug,packet 800e0080 80030001 80020001 80040002 03000020 05010000 800b0001 800c0e10
01:18:32 ipsec,debug,packet 80010005 80030001 80020002 80040002 00000020 06010000 800b0001 800c0e10
01:18:32 ipsec,debug,packet 80010005 80030001 80020001 80040002 011101f4 c0a85801
01:18:32 ipsec,debug,packet hmac(hmac_sha1)
01:18:32 ipsec,debug,packet HASH computed:
01:18:32 ipsec,debug,packet 48295969 6978e8e4 9337d81e e7dc9023 21de7d57
01:18:32 ipsec,debug,packet add payload of len 8, next type 8
01:18:32 ipsec,debug,packet add payload of len 20, next type 0
01:18:32 ipsec,debug,packet begin encryption.
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet pad length = 4
01:18:32 ipsec,debug,packet 0800000c 011101f4 c0a85801 00000018 48295969 6978e8e4 9337d81e e7dc9023
01:18:32 ipsec,debug,packet 21de7d57 0cf57303
01:18:32 ipsec,debug,packet encryption(3des)
01:18:32 ipsec,debug,packet with key:
01:18:32 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958 f855e258
01:18:32 ipsec,debug,packet encrypted payload by IV:
01:18:32 ipsec,debug,packet 2f1810ac 20e09ee8
01:18:32 ipsec,debug,packet save IV for next:
01:18:32 ipsec,debug,packet 7df619ef 618c537e
01:18:32 ipsec,debug,packet encrypted.
01:18:32 ipsec,debug,packet 68 bytes from 192.168.88.1[500] to 192.168.3.241[500]
01:18:32 ipsec,debug,packet sockname 192.168.88.1[500]
01:18:32 ipsec,debug,packet send packet from 192.168.88.1[500]
01:18:32 ipsec,debug,packet send packet to 192.168.3.241[500]
01:18:32 ipsec,debug,packet src4 192.168.88.1[500]
01:18:32 ipsec,debug,packet dst4 192.168.3.241[500]
01:18:32 ipsec,debug,packet 1 times of 68 bytes message will be sent to 192.168.3.241[500]
01:18:32 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 05100201 00000000 00000044 680414d1
01:18:32 ipsec,debug,packet f54271ad 57d304a1 97f6c9f2 d3a9fcf3 b31a2bc4 ace0745c 0b0c50ed 7df619ef
01:18:32 ipsec,debug,packet 618c537e
01:18:32 ipsec,debug ISAKMP-SA established 192.168.88.1[500]-192.168.3.241[500] spi:8a8081536a6a57f2:e2507dc2b7071b5e
01:18:32 ipsec,debug,packet ===
01:18:33 ipsec,debug,packet ==========
01:18:33 ipsec,debug,packet 284 bytes message received from 192.168.3.241[500] to 192.168.88.1[500]
01:18:33 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 08102001 e35fffe1 0000011c 018086b3
01:18:33 ipsec,debug,packet 460f93c8 56807154 c7950420 c965e603 e4dcbd9d ab23f1fd f937e06d de87a529
01:18:33 ipsec,debug,packet aeeb3087 f658ca3b 11256932 94bd9e1a 0c36d58f 5cda4812 7724572f 8d993691
01:18:33 ipsec,debug,packet 12326bfa 772bf8f6 85ed9e2b 81dbe5ad c44e324b 292cc9ae 4b50bbed 02c100d6
01:18:33 ipsec,debug,packet dda81dfb e2329c5d c3921067 6063424b 28b22287 e1ed850e 8690dbfe cd54eeef
01:18:33 ipsec,debug,packet 193bfdde e18f5bf1 82c200db 71f7dd21 82229040 a0f75c9c b8666bb0 5c459a8f
01:18:33 ipsec,debug,packet 1f36ad42 547711a2 8666b61c cd8b8761 73194209 e8df6a3c 0442160b 9bd59889
01:18:33 ipsec,debug,packet c9699b72 2e4a3a7a fe0a67df acff7968 82e32231 4115bb3e cced4966 a3490e61
01:18:33 ipsec,debug,packet 237c8886 07cdcdf7 fbae4bed ea838adc 38c6f3cb 12692f93 fb4d1880
01:18:33 ipsec,debug,packet compute IV for phase2
01:18:33 ipsec,debug,packet phase1 last IV:
01:18:33 ipsec,debug,packet 7df619ef 618c537e e35fffe1
01:18:33 ipsec,debug,packet hash(sha1)
01:18:33 ipsec,debug,packet encryption(3des)
01:18:33 ipsec,debug,packet phase2 IV computed:
01:18:33 ipsec,debug,packet d6f99866 8081f1f6
01:18:33 ipsec,debug,packet ===
01:18:33 ipsec,debug respond new phase 2 negotiation: 192.168.88.1[500]<=>192.168.3.241[500]
01:18:33 ipsec,debug,packet encryption(3des)
01:18:33 ipsec,debug,packet IV was saved for next processing:
01:18:33 ipsec,debug,packet 12692f93 fb4d1880
01:18:33 ipsec,debug,packet encryption(3des)
01:18:33 ipsec,debug,packet with key:
01:18:33 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958 f855e258
01:18:33 ipsec,debug,packet decrypted payload by IV:
01:18:33 ipsec,debug,packet d6f99866 8081f1f6
01:18:33 ipsec,debug,packet decrypted payload, but not trimed.
01:18:33 ipsec,debug,packet 01000018 9fe6c691 3f6600c9 585f9584 8f7f300e 0b5ef1ce 0a0000b8 00000001
01:18:33 ipsec,debug,packet 00000001 000000ac 01030406 08ba6520 0300001c 010c0000 80010001 80020e10
01:18:33 ipsec,debug,packet 80040002 80060100 80050002 0300001c 020c0000 80010001 80020e10 80040002
01:18:33 ipsec,debug,packet 80060100 80050001 0300001c 030c0000 80010001 80020e10 80040002 80060080
01:18:33 ipsec,debug,packet 80050002 0300001c 040c0000 80010001 80020e10 80040002 80060080 80050001
01:18:33 ipsec,debug,packet 03000018 05030000 80010001 80020e10 80040002 80050002 00000018 06030000
01:18:33 ipsec,debug,packet 80010001 80020e10 80040002 80050001 05000014 99ae010e b8a47fe7 488a395e
01:18:33 ipsec,debug,packet 2561a840 0500000c 0111c2ac c0a803f1 0000000c 011106a5 c0a85801 00000004
01:18:33 ipsec,debug,packet padding len=5
01:18:33 ipsec,debug,packet skip to trim padding.
01:18:33 ipsec,debug,packet decrypted.
01:18:33 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 08102001 e35fffe1 0000011c 01000018
01:18:33 ipsec,debug,packet 9fe6c691 3f6600c9 585f9584 8f7f300e 0b5ef1ce 0a0000b8 00000001 00000001
01:18:33 ipsec,debug,packet 000000ac 01030406 08ba6520 0300001c 010c0000 80010001 80020e10 80040002
01:18:33 ipsec,debug,packet 80060100 80050002 0300001c 020c0000 80010001 80020e10 80040002 80060100
01:18:33 ipsec,debug,packet 80050001 0300001c 030c0000 80010001 80020e10 80040002 80060080 80050002
01:18:33 ipsec,debug,packet 0300001c 040c0000 80010001 80020e10 80040002 80060080 80050001 03000018
01:18:33 ipsec,debug,packet 05030000 80010001 80020e10 80040002 80050002 00000018 06030000 80010001
01:18:33 ipsec,debug,packet 80020e10 80040002 80050001 05000014 99ae010e b8a47fe7 488a395e 2561a840
01:18:33 ipsec,debug,packet 0500000c 0111c2ac c0a803f1 0000000c 011106a5 c0a85801 00000004
01:18:33 ipsec,debug,packet begin.
01:18:33 ipsec,debug,packet seen nptype=8(hash)
01:18:33 ipsec,debug,packet seen nptype=1(sa)
01:18:33 ipsec,debug,packet seen nptype=10(nonce)
01:18:33 ipsec,debug,packet seen nptype=5(id)
01:18:33 ipsec,debug,packet seen nptype=5(id)
01:18:33 ipsec,debug,packet succeed.
01:18:33 ipsec,debug,packet received IDci2:
01:18:33 ipsec,debug,packet 0111c2ac c0a803f1
01:18:33 ipsec,debug,packet received IDcr2:
01:18:33 ipsec,debug,packet 011106a5 c0a85801
01:18:33 ipsec,debug,packet HASH(1) validate:
01:18:33 ipsec,debug,packet 9fe6c691 3f6600c9 585f9584 8f7f300e 0b5ef1ce
01:18:33 ipsec,debug,packet HASH with:
01:18:33 ipsec,debug,packet e35fffe1 0a0000b8 00000001 00000001 000000ac 01030406 08ba6520 0300001c
01:18:33 ipsec,debug,packet 010c0000 80010001 80020e10 80040002 80060100 80050002 0300001c 020c0000
01:18:33 ipsec,debug,packet 80010001 80020e10 80040002 80060100 80050001 0300001c 030c0000 80010001
01:18:33 ipsec,debug,packet 80020e10 80040002 80060080 80050002 0300001c 040c0000 80010001 80020e10
01:18:33 ipsec,debug,packet 80040002 80060080 80050001 03000018 05030000 80010001 80020e10 80040002
01:18:33 ipsec,debug,packet 80050002 00000018 06030000 80010001 80020e10 80040002 80050001 05000014
01:18:33 ipsec,debug,packet 99ae010e b8a47fe7 488a395e 2561a840 0500000c 0111c2ac c0a803f1 0000000c
01:18:33 ipsec,debug,packet 011106a5 c0a85801
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet HASH computed:
01:18:33 ipsec,debug,packet 9fe6c691 3f6600c9 585f9584 8f7f300e 0b5ef1ce
01:18:33 ipsec,debug,packet anonymous sainfo selected.
01:18:33 ipsec,debug,packet get sa info: anonymous
01:18:33 ipsec,debug,packet get a src address from ID payload 192.168.3.241[49836] prefixlen=32 ul_proto=17
01:18:33 ipsec,debug,packet get dst address from ID payload 192.168.88.1[1701] prefixlen=32 ul_proto=17
01:18:33 ipsec,debug,packet 0x7f864440 masked with /32: 192.168.3.241[49836]
01:18:33 ipsec,debug,packet 0x491a18 masked with /32: 192.168.3.241[0]
01:18:33 ipsec,debug,packet 0x7f864440 masked with /32: 192.168.88.1[1701]
01:18:33 ipsec,debug,packet 0x491a18 masked with /32: 192.168.88.1[0]
01:18:33 ipsec,debug Update the generated policy : 192.168.3.241/32[49836] 192.168.88.1/32[1701] proto=udp dir=in
01:18:33 ipsec,debug,packet 0x7f864440 masked with /32: 192.168.88.1[1701]
01:18:33 ipsec,debug,packet 0x491de8 masked with /32: 192.168.88.1[0]
01:18:33 ipsec,debug,packet 0x7f864440 masked with /32: 192.168.3.241[49836]
01:18:33 ipsec,debug,packet 0x491de8 masked with /32: 192.168.3.241[0]
01:18:33 ipsec,debug,packet suitable SP found:192.168.88.1/32[1701] 192.168.3.241/32[49836] proto=udp dir=out
01:18:33 ipsec,debug,packet (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Transport reqid=0:0)
01:18:33 ipsec,debug,packet (trns_id=3DES encklen=0 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=128 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=192 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=256 authtype=hmac-sha)
01:18:33 ipsec,debug,packet total SA len=180
01:18:33 ipsec,debug,packet 00000001 00000001 000000ac 01030406 08ba6520 0300001c 010c0000 80010001
01:18:33 ipsec,debug,packet 80020e10 80040002 80060100 80050002 0300001c 020c0000 80010001 80020e10
01:18:33 ipsec,debug,packet 80040002 80060100 80050001 0300001c 030c0000 80010001 80020e10 80040002
01:18:33 ipsec,debug,packet 80060080 80050002 0300001c 040c0000 80010001 80020e10 80040002 80060080
01:18:33 ipsec,debug,packet 80050001 03000018 05030000 80010001 80020e10 80040002 80050002 00000018
01:18:33 ipsec,debug,packet 06030000 80010001 80020e10 80040002 80050001
01:18:33 ipsec,debug,packet begin.
01:18:33 ipsec,debug,packet seen nptype=2(prop)
01:18:33 ipsec,debug,packet succeed.
01:18:33 ipsec,debug,packet proposal #1 len=172
01:18:33 ipsec,debug,packet begin.
01:18:33 ipsec,debug,packet seen nptype=3(trns)
01:18:33 ipsec,debug,packet seen nptype=3(trns)
01:18:33 ipsec,debug,packet seen nptype=3(trns)
01:18:33 ipsec,debug,packet seen nptype=3(trns)
01:18:33 ipsec,debug,packet seen nptype=3(trns)
01:18:33 ipsec,debug,packet seen nptype=3(trns)
01:18:33 ipsec,debug,packet succeed.
01:18:33 ipsec,debug,packet transform #1 len=28
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet life duration was in TLV.
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
01:18:33 ipsec,debug,packet transform #2 len=28
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet life duration was in TLV.
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
01:18:33 ipsec,debug,packet transform #3 len=28
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet life duration was in TLV.
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
01:18:33 ipsec,debug,packet transform #4 len=28
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet life duration was in TLV.
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
01:18:33 ipsec,debug,packet transform #5 len=24
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet life duration was in TLV.
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
01:18:33 ipsec,debug,packet transform #6 len=24
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet life duration was in TLV.
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
01:18:33 ipsec,debug,packet pair 1:
01:18:33 ipsec,debug,packet 0x490470: next=(nil) tnext=0x491718
01:18:33 ipsec,debug,packet 0x491718: next=(nil) tnext=0x491730
01:18:33 ipsec,debug,packet 0x491730: next=(nil) tnext=0x492548
01:18:33 ipsec,debug,packet 0x492548: next=(nil) tnext=0x492560
01:18:33 ipsec,debug,packet 0x492560: next=(nil) tnext=0x492578
01:18:33 ipsec,debug,packet 0x492578: next=(nil) tnext=(nil)
01:18:33 ipsec,debug,packet proposal #1: 6 transform
01:18:33 ipsec,debug,packet begin compare proposals.
01:18:33 ipsec,debug,packet pair[1]: 0x490470
01:18:33 ipsec,debug,packet 0x490470: next=(nil) tnext=0x491718
01:18:33 ipsec,debug,packet 0x491718: next=(nil) tnext=0x491730
01:18:33 ipsec,debug,packet 0x491730: next=(nil) tnext=0x492548
01:18:33 ipsec,debug,packet 0x492548: next=(nil) tnext=0x492560
01:18:33 ipsec,debug,packet 0x492560: next=(nil) tnext=0x492578
01:18:33 ipsec,debug,packet 0x492578: next=(nil) tnext=(nil)
01:18:33 ipsec,debug,packet prop#=1 prot-id=ESP spi-size=4 #trns=6 trns#=1 trns-id=AES
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
01:18:33 ipsec,debug,packet prop#=1 prot-id=ESP spi-size=4 #trns=6 trns#=2 trns-id=AES
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
01:18:33 ipsec,debug,packet prop#=1 prot-id=ESP spi-size=4 #trns=6 trns#=3 trns-id=AES
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
01:18:33 ipsec,debug,packet prop#=1 prot-id=ESP spi-size=4 #trns=6 trns#=4 trns-id=AES
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=128
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
01:18:33 ipsec,debug,packet prop#=1 prot-id=ESP spi-size=4 #trns=6 trns#=5 trns-id=3DES
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
01:18:33 ipsec,debug,packet prop#=1 prot-id=ESP spi-size=4 #trns=6 trns#=6 trns-id=3DES
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
01:18:33 ipsec,debug,packet peer's single bundle:
01:18:33 ipsec,debug,packet (proto_id=ESP spisize=4 spi=08ba6520 spi_p=00000000 encmode=Transport reqid=0:0)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=256 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=256 authtype=hmac-md5)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=128 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=128 authtype=hmac-md5)
01:18:33 ipsec,debug,packet (trns_id=3DES encklen=0 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=3DES encklen=0 authtype=hmac-md5)
01:18:33 ipsec,debug,packet my single bundle:
01:18:33 ipsec,debug,packet (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Transport reqid=0:0)
01:18:33 ipsec,debug,packet (trns_id=3DES encklen=0 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=128 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=192 authtype=hmac-sha)
01:18:33 ipsec,debug,packet (trns_id=AES encklen=256 authtype=hmac-sha)
01:18:33 ipsec,debug trns_id mismatched: my:3DES peer:AES
01:18:33 ipsec,debug less key length proposed, mine:128 peer:256. Use initiaotr's one.
01:18:33 ipsec,debug,packet matched
01:18:33 ipsec,debug,packet ===
01:18:33 ipsec,debug,packet call pfkey_send_getspi
01:18:33 ipsec,debug,packet pfkey GETSPI sent: ESP/Transport 192.168.3.241[500]->192.168.88.1[500]
01:18:33 ipsec,debug,packet pfkey getspi sent.
01:18:33 ipsec,debug pfkey GETSPI succeeded: ESP/Transport 192.168.3.241[500]->192.168.88.1[500] spi=100469176(0x5fd09b8)
01:18:33 ipsec,debug,packet total SA len=48
01:18:33 ipsec,debug,packet 00000001 00000001 00000028 01030401 00000000 0000001c 010c0000 80010001
01:18:33 ipsec,debug,packet 80020e10 80040002 80060100 80050002
01:18:33 ipsec,debug,packet begin.
01:18:33 ipsec,debug,packet seen nptype=2(prop)
01:18:33 ipsec,debug,packet succeed.
01:18:33 ipsec,debug,packet proposal #1 len=40
01:18:33 ipsec,debug,packet begin.
01:18:33 ipsec,debug,packet seen nptype=3(trns)
01:18:33 ipsec,debug,packet succeed.
01:18:33 ipsec,debug,packet transform #1 len=28
01:18:33 ipsec,debug,packet type=SA Life Type, flag=0x8000, lorv=seconds
01:18:33 ipsec,debug,packet type=SA Life Duration, flag=0x8000, lorv=3600
01:18:33 ipsec,debug,packet life duration was in TLV.
01:18:33 ipsec,debug,packet type=Encryption Mode, flag=0x8000, lorv=Transport
01:18:33 ipsec,debug,packet type=Key Length, flag=0x8000, lorv=256
01:18:33 ipsec,debug,packet type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
01:18:33 ipsec,debug,packet pair 1:
01:18:33 ipsec,debug,packet 0x490470: next=(nil) tnext=(nil)
01:18:33 ipsec,debug,packet proposal #1: 1 transform
01:18:33 ipsec,debug,packet add payload of len 48, next type 10
01:18:33 ipsec,debug,packet add payload of len 24, next type 5
01:18:33 ipsec,debug,packet add payload of len 8, next type 5
01:18:33 ipsec,debug,packet add payload of len 8, next type 0
01:18:33 ipsec,debug,packet HASH with:
01:18:33 ipsec,debug,packet e35fffe1 99ae010e b8a47fe7 488a395e 2561a840 0a000034 00000001 00000001
01:18:33 ipsec,debug,packet 00000028 01030401 05fd09b8 0000001c 010c0000 80010001 80020e10 80040002
01:18:33 ipsec,debug,packet 80060100 80050002 0500001c a54c88ae f9c29d85 e04eb9ba 8cf0c724 284d68cd
01:18:33 ipsec,debug,packet 0d87c37d 0500000c 0111c2ac c0a803f1 0000000c 011106a5 c0a85801
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet HASH computed:
01:18:33 ipsec,debug,packet 19744534 52192850 f5c5fc5f 7c54d923 c138ba79
01:18:33 ipsec,debug,packet add payload of len 20, next type 1
01:18:33 ipsec,debug,packet begin encryption.
01:18:33 ipsec,debug,packet encryption(3des)
01:18:33 ipsec,debug,packet pad length = 8
01:18:33 ipsec,debug,packet 01000018 19744534 52192850 f5c5fc5f 7c54d923 c138ba79 0a000034 00000001
01:18:33 ipsec,debug,packet 00000001 00000028 01030401 05fd09b8 0000001c 010c0000 80010001 80020e10
01:18:33 ipsec,debug,packet 80040002 80060100 80050002 0500001c a54c88ae f9c29d85 e04eb9ba 8cf0c724
01:18:33 ipsec,debug,packet 284d68cd 0d87c37d 0500000c 0111c2ac c0a803f1 0000000c 011106a5 c0a85801
01:18:33 ipsec,debug,packet 2c91fa00 f2fe5b07
01:18:33 ipsec,debug,packet encryption(3des)
01:18:33 ipsec,debug,packet with key:
01:18:33 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958 f855e258
01:18:33 ipsec,debug,packet encrypted payload by IV:
01:18:33 ipsec,debug,packet 12692f93 fb4d1880
01:18:33 ipsec,debug,packet save IV for next:
01:18:33 ipsec,debug,packet 8b1220ba 75c6e9ca
01:18:33 ipsec,debug,packet encrypted.
01:18:33 ipsec,debug,packet 164 bytes from 192.168.88.1[500] to 192.168.3.241[500]
01:18:33 ipsec,debug,packet sockname 192.168.88.1[500]
01:18:33 ipsec,debug,packet send packet from 192.168.88.1[500]
01:18:33 ipsec,debug,packet send packet to 192.168.3.241[500]
01:18:33 ipsec,debug,packet src4 192.168.88.1[500]
01:18:33 ipsec,debug,packet dst4 192.168.3.241[500]
01:18:33 ipsec,debug,packet 1 times of 164 bytes message will be sent to 192.168.3.241[500]
01:18:33 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 08102001 e35fffe1 000000a4 1044d57c
01:18:33 ipsec,debug,packet 60bae1ce 63feca52 240bac70 7cb54584 8fdd8fdb 7cab0970 1bf9624c 67db109e
01:18:33 ipsec,debug,packet e50d684b 863a65c2 d8ea9298 ec504738 b9f10df1 29a704fb 70b71f5f 74df6d2a
01:18:33 ipsec,debug,packet a575fab2 e626866e fc313dad 73a28b21 56946f27 9e11beb4 9adf9fe4 90447de0
01:18:33 ipsec,debug,packet ab1c36b1 536592a2 cec7ef50 0512d321 892dbfea e3dbe55b 228d2a06 8b1220ba
01:18:33 ipsec,debug,packet 75c6e9ca
01:18:33 ipsec,debug,packet resend phase2 packet 8a8081536a6a57f2:e2507dc2b7071b5e:e35fffe1
01:18:33 ipsec,debug,packet ==========
01:18:33 ipsec,debug,packet 60 bytes message received from 192.168.3.241[500] to 192.168.88.1[500]
01:18:33 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 08102001 e35fffe1 0000003c 4c797b9e
01:18:33 ipsec,debug,packet eb5691e5 d2a3d64b 8cb91ee3 d80288ab 7411f9ce 9f7eeab2 7c887600
01:18:33 ipsec,debug,packet encryption(3des)
01:18:33 ipsec,debug,packet IV was saved for next processing:
01:18:33 ipsec,debug,packet 9f7eeab2 7c887600
01:18:33 ipsec,debug,packet encryption(3des)
01:18:33 ipsec,debug,packet with key:
01:18:33 ipsec,debug,packet 0ae48904 e46f100b 64980a89 4ff2da99 cfa96958 f855e258
01:18:33 ipsec,debug,packet decrypted payload by IV:
01:18:33 ipsec,debug,packet 8b1220ba 75c6e9ca
01:18:33 ipsec,debug,packet decrypted payload, but not trimed.
01:18:33 ipsec,debug,packet 00000018 ca0e520a a7ba38c8 7e6e5c44 e1bf8c4a aaeed3cf 00000000 00000008
01:18:33 ipsec,debug,packet padding len=9
01:18:33 ipsec,debug,packet skip to trim padding.
01:18:33 ipsec,debug,packet decrypted.
01:18:33 ipsec,debug,packet 8a808153 6a6a57f2 e2507dc2 b7071b5e 08102001 e35fffe1 0000003c 00000018
01:18:33 ipsec,debug,packet ca0e520a a7ba38c8 7e6e5c44 e1bf8c4a aaeed3cf 00000000 00000008
01:18:33 ipsec,debug,packet begin.
01:18:33 ipsec,debug,packet seen nptype=8(hash)
01:18:33 ipsec,debug,packet succeed.
01:18:33 ipsec,debug,packet HASH(3) validate:
01:18:33 ipsec,debug,packet ca0e520a a7ba38c8 7e6e5c44 e1bf8c4a aaeed3cf
01:18:33 ipsec,debug,packet HASH with:
01:18:33 ipsec,debug,packet 00e35fff e199ae01 0eb8a47f e7488a39 5e2561a8 40a54c88 aef9c29d 85e04eb9
01:18:33 ipsec,debug,packet ba8cf0c7 24284d68 cd0d87c3 7d
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet HASH computed:
01:18:33 ipsec,debug,packet ca0e520a a7ba38c8 7e6e5c44 e1bf8c4a aaeed3cf
01:18:33 ipsec,debug,packet ===
01:18:33 ipsec,debug,packet KEYMAT compute with
01:18:33 ipsec,debug,packet 0305fd09 b899ae01 0eb8a47f e7488a39 5e2561a8 40a54c88 aef9c29d 85e04eb9
01:18:33 ipsec,debug,packet ba8cf0c7 24284d68 cd0d87c3 7d
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet encryption(aes)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet encklen=256 authklen=160
01:18:33 ipsec,debug,packet generating 640 bits of key (dupkeymat=4)
01:18:33 ipsec,debug,packet generating K1...K4 for KEYMAT.
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet 01388cbd 87c05c07 a5302ce0 b0aa0736 df69f625 a6a34310 af176132 508dea6f
01:18:33 ipsec,debug,packet d6475ba5 9f064ecb 8cefb875 43cbd81e b3ebfc84 5c455c9c 95f27ef7 d235b2d2
01:18:33 ipsec,debug,packet 5fa8dd23 c2ed8f92 4a1e59e5 198ef72b
01:18:33 ipsec,debug,packet KEYMAT compute with
01:18:33 ipsec,debug,packet 0308ba65 2099ae01 0eb8a47f e7488a39 5e2561a8 40a54c88 aef9c29d 85e04eb9
01:18:33 ipsec,debug,packet ba8cf0c7 24284d68 cd0d87c3 7d
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet encryption(aes)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet encklen=256 authklen=160
01:18:33 ipsec,debug,packet generating 640 bits of key (dupkeymat=4)
01:18:33 ipsec,debug,packet generating K1...K4 for KEYMAT.
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet c8282311 8d9cdfff 8867ad4e 369e98a0 2eead7f3 d87f417b 4ac81c53 5ebf1b2a
01:18:33 ipsec,debug,packet 1cc59dd3 5a8c1ca1 b3c5ff76 f4db3567 f0087f73 a5990789 9db6713e c2666f72
01:18:33 ipsec,debug,packet 7698bba6 ee2698ef 9b7026b6 ed43f615
01:18:33 ipsec,debug,packet KEYMAT computed.
01:18:33 ipsec,debug,packet call pk_sendupdate
01:18:33 ipsec,debug,packet encryption(aes)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet call pfkey_send_update_nat
01:18:33 ipsec,debug,packet pfkey update sent.
01:18:33 ipsec,debug,packet encryption(aes)
01:18:33 ipsec,debug,packet hmac(hmac_sha1)
01:18:33 ipsec,debug,packet call pfkey_send_add_nat
01:18:33 ipsec,debug,packet pfkey add sent.
01:18:33 ipsec,debug,packet call pfkey_send_spdupdate2
01:18:33 ipsec,debug,packet pfkey spdupdate2(inbound) sent.
01:18:33 ipsec,debug,packet call pfkey_send_spdupdate2
01:18:33 ipsec,debug,packet pfkey spdupdate2(outbound) sent.
01:18:33 ipsec IPsec-SA established: ESP/Transport 192.168.3.241[0]->192.168.88.1[0] spi=100469176(0x5fd09b8)
01:18:33 ipsec,debug ===
01:18:33 ipsec IPsec-SA established: ESP/Transport 192.168.88.1[0]->192.168.3.241[0] spi=146433312(0x8ba6520)
01:18:33 ipsec,debug ===
01:18:33 ipsec,debug,packet such policy does not already exist: 192.168.3.241/32[0] 192.168.88.1/32[0] proto=udp dir=in
01:18:33 ipsec,debug,packet such policy does not already exist: 192.168.88.1/32[0] 192.168.3.241/32[0] proto=udp dir=out
01:18:34 l2tp,debug,packet rcvd control message from 192.168.3.241:49836
01:18:34 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
01:18:34 l2tp,debug,packet (M) Message-Type=SCCRQ
01:18:34 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:34 l2tp,debug,packet (M) Framing-Capabilities=0x3
01:18:34 l2tp,debug,packet (M) Host-Name=0x69:50:61:64:2d:64:65:2d:4a:6f:61:71:75:69:6e:2d
01:18:34 l2tp,debug,packet 50:6f:6c:6f:2d:4d:6f:6c:65:72:6f:00
01:18:34 l2tp,debug,packet (M) Assigned-Tunnel-ID=7
01:18:34 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:34 l2tp,info first L2TP UDP packet received from 192.168.3.241
01:18:34 l2tp,debug tunnel 2 entering state: wait-ctl-conn
01:18:34 l2tp,debug,packet sent control message to 192.168.3.241:49836
01:18:34 l2tp,debug,packet tunnel-id=7, session-id=0, ns=0, nr=1
01:18:34 l2tp,debug,packet (M) Message-Type=SCCRP
01:18:34 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:34 l2tp,debug,packet (M) Framing-Capabilities=0x1
01:18:34 l2tp,debug,packet (M) Bearer-Capabilities=0x0
01:18:34 l2tp,debug,packet Firmware-Revision=0x1
01:18:34 l2tp,debug,packet (M) Host-Name="MikroTik"
01:18:34 l2tp,debug,packet Vendor-Name="MikroTik"
01:18:34 l2tp,debug,packet (M) Assigned-Tunnel-ID=2
01:18:34 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:35 l2tp,debug,packet sent control message to 192.168.3.241:49836
01:18:35 l2tp,debug,packet tunnel-id=7, session-id=0, ns=0, nr=1
01:18:35 l2tp,debug,packet (M) Message-Type=SCCRP
01:18:35 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:35 l2tp,debug,packet (M) Framing-Capabilities=0x1
01:18:35 l2tp,debug,packet (M) Bearer-Capabilities=0x0
01:18:35 l2tp,debug,packet Firmware-Revision=0x1
01:18:35 l2tp,debug,packet (M) Host-Name="MikroTik"
01:18:35 l2tp,debug,packet Vendor-Name="MikroTik"
01:18:35 l2tp,debug,packet (M) Assigned-Tunnel-ID=2
01:18:35 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:36 l2tp,debug,packet sent control message to 192.168.3.241:49836
01:18:36 l2tp,debug,packet tunnel-id=7, session-id=0, ns=0, nr=1
01:18:36 l2tp,debug,packet (M) Message-Type=SCCRP
01:18:36 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:36 l2tp,debug,packet (M) Framing-Capabilities=0x1
01:18:36 l2tp,debug,packet (M) Bearer-Capabilities=0x0
01:18:36 l2tp,debug,packet Firmware-Revision=0x1
01:18:36 l2tp,debug,packet (M) Host-Name="MikroTik"
01:18:36 l2tp,debug,packet Vendor-Name="MikroTik"
01:18:36 l2tp,debug,packet (M) Assigned-Tunnel-ID=2
01:18:36 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:36 l2tp,debug,packet rcvd control message from 192.168.3.241:49836
01:18:36 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
01:18:36 l2tp,debug,packet (M) Message-Type=SCCRQ
01:18:36 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:36 l2tp,debug,packet (M) Framing-Capabilities=0x3
01:18:36 l2tp,debug,packet (M) Host-Name=0x69:50:61:64:2d:64:65:2d:4a:6f:61:71:75:69:6e:2d
01:18:36 l2tp,debug,packet 50:6f:6c:6f:2d:4d:6f:6c:65:72:6f:00
01:18:36 l2tp,debug,packet (M) Assigned-Tunnel-ID=7
01:18:36 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:36 l2tp,debug,packet sent control message (ack) to 192.168.3.241:49836
01:18:36 l2tp,debug,packet tunnel-id=7, session-id=0, ns=1, nr=1
01:18:38 l2tp,debug,packet sent control message to 192.168.3.241:49836
01:18:38 l2tp,debug,packet tunnel-id=7, session-id=0, ns=0, nr=1
01:18:38 l2tp,debug,packet (M) Message-Type=SCCRP
01:18:38 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:38 l2tp,debug,packet (M) Framing-Capabilities=0x1
01:18:38 l2tp,debug,packet (M) Bearer-Capabilities=0x0
01:18:38 l2tp,debug,packet Firmware-Revision=0x1
01:18:38 l2tp,debug,packet (M) Host-Name="MikroTik"
01:18:38 l2tp,debug,packet Vendor-Name="MikroTik"
01:18:38 l2tp,debug,packet (M) Assigned-Tunnel-ID=2
01:18:38 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:40 l2tp,debug,packet rcvd control message from 192.168.3.241:49836
01:18:40 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
01:18:40 l2tp,debug,packet (M) Message-Type=SCCRQ
01:18:40 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:40 l2tp,debug,packet (M) Framing-Capabilities=0x3
01:18:40 l2tp,debug,packet (M) Host-Name=0x69:50:61:64:2d:64:65:2d:4a:6f:61:71:75:69:6e:2d
01:18:40 l2tp,debug,packet 50:6f:6c:6f:2d:4d:6f:6c:65:72:6f:00
01:18:40 l2tp,debug,packet (M) Assigned-Tunnel-ID=7
01:18:40 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:40 l2tp,debug,packet sent control message (ack) to 192.168.3.241:49836
01:18:40 l2tp,debug,packet tunnel-id=7, session-id=0, ns=1, nr=1
01:18:42 l2tp,debug,packet sent control message to 192.168.3.241:49836
01:18:42 l2tp,debug,packet tunnel-id=7, session-id=0, ns=0, nr=1
01:18:42 l2tp,debug,packet (M) Message-Type=SCCRP
01:18:42 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:42 l2tp,debug,packet (M) Framing-Capabilities=0x1
01:18:42 l2tp,debug,packet (M) Bearer-Capabilities=0x0
01:18:42 l2tp,debug,packet Firmware-Revision=0x1
01:18:42 l2tp,debug,packet (M) Host-Name="MikroTik"
01:18:42 l2tp,debug,packet Vendor-Name="MikroTik"
01:18:42 l2tp,debug,packet (M) Assigned-Tunnel-ID=2
01:18:42 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:44 l2tp,debug,packet rcvd control message from 192.168.3.241:49836
01:18:44 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
01:18:44 l2tp,debug,packet (M) Message-Type=SCCRQ
01:18:44 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:44 l2tp,debug,packet (M) Framing-Capabilities=0x3
01:18:44 l2tp,debug,packet (M) Host-Name=0x69:50:61:64:2d:64:65:2d:4a:6f:61:71:75:69:6e:2d
01:18:44 l2tp,debug,packet 50:6f:6c:6f:2d:4d:6f:6c:65:72:6f:00
01:18:44 l2tp,debug,packet (M) Assigned-Tunnel-ID=7
01:18:44 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:44 l2tp,debug,packet sent control message (ack) to 192.168.3.241:49836
01:18:44 l2tp,debug,packet tunnel-id=7, session-id=0, ns=1, nr=1
01:18:48 l2tp,debug,packet rcvd control message from 192.168.3.241:49836
01:18:48 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
01:18:48 l2tp,debug,packet (M) Message-Type=SCCRQ
01:18:48 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:48 l2tp,debug,packet (M) Framing-Capabilities=0x3
01:18:48 l2tp,debug,packet (M) Host-Name=0x69:50:61:64:2d:64:65:2d:4a:6f:61:71:75:69:6e:2d
01:18:48 l2tp,debug,packet 50:6f:6c:6f:2d:4d:6f:6c:65:72:6f:00
01:18:48 l2tp,debug,packet (M) Assigned-Tunnel-ID=7
01:18:48 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:48 l2tp,debug,packet sent control message (ack) to 192.168.3.241:49836
01:18:48 l2tp,debug,packet tunnel-id=7, session-id=0, ns=1, nr=1
01:18:50 l2tp,debug,packet sent control message to 192.168.3.241:49836
01:18:50 l2tp,debug,packet tunnel-id=7, session-id=0, ns=0, nr=1
01:18:50 l2tp,debug,packet (M) Message-Type=SCCRP
01:18:50 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:50 l2tp,debug,packet (M) Framing-Capabilities=0x1
01:18:50 l2tp,debug,packet (M) Bearer-Capabilities=0x0
01:18:50 l2tp,debug,packet Firmware-Revision=0x1
01:18:50 l2tp,debug,packet (M) Host-Name="MikroTik"
01:18:50 l2tp,debug,packet Vendor-Name="MikroTik"
01:18:50 l2tp,debug,packet (M) Assigned-Tunnel-ID=2
01:18:50 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:52 l2tp,debug,packet rcvd control message from 192.168.3.241:49836
01:18:52 l2tp,debug,packet tunnel-id=0, session-id=0, ns=0, nr=0
01:18:52 l2tp,debug,packet (M) Message-Type=SCCRQ
01:18:52 l2tp,debug,packet (M) Protocol-Version=0x01:00
01:18:52 l2tp,debug,packet (M) Framing-Capabilities=0x3
01:18:52 l2tp,debug,packet (M) Host-Name=0x69:50:61:64:2d:64:65:2d:4a:6f:61:71:75:69:6e:2d
01:18:52 l2tp,debug,packet 50:6f:6c:6f:2d:4d:6f:6c:65:72:6f:00
01:18:52 l2tp,debug,packet (M) Assigned-Tunnel-ID=7
01:18:52 l2tp,debug,packet (M) Receive-Window-Size=4
01:18:52 l2tp,debug,packet sent control message (ack) to 192.168.3.241:49836
01:18:52 l2tp,debug,packet tunnel-id=7, session-id=0, ns=1, nr=1
01:18:52 l2tp,debug tunnel 2 received no replies, disconnecting
01:18:52 l2tp,debug tunnel 2 entering state: dead
 
gsloop
Member Candidate
Member Candidate
Posts: 213
Joined: Wed Jan 04, 2012 11:34 pm
Contact:

Re: Problems VPN L2TP

Tue Oct 16, 2012 1:25 am

Have you removed all NAT/Firewall/Mangle rules that aren't absolutely required?

You are getting a full IPSec tunnel, where you were not before.
But it appears as though the L2TP tunnel dies for some reason. Again, the logs are hard to read, but at least you're getting to a L2TP tunnel - so try disabling all the rules in NAT/FW/Mangle that you don't absolutely have to have.

I'm not suggesting you to leave them off forever, just until you can determine if they are part of the issue.

-Greg

Who is online

Users browsing this forum: Amazon [Bot], bananaboy1101, emunt6, sjdurand, tangent and 101 guests