L2TP/IPSec issue works from android, but not from Windows

I honestly tied to find the solution on the forum, seen some similar issues but was not able to find a solution.
What I have:

• External IP
  
  
  
• Mikrotik 750G r3 with RouterOS 6.46.6

The issue
When I am trying to establish an L2TP connection from outside with my Android phone, everything seems to be working perfectly.
When I am trying to establish a connection from Windows 10 machine, using the same phone with the same 4G mobile connection as the NDIS device, I get an IPSec tunnel, but no L2DP. You would probably say, that something wrong with Windows, but I was able to establish a connection from the LAN network, managed by that Mikrotik device.
In addition, I have tried to connect from another machine with windows 7 in another location with no luck.

I see kind of a paradox: I can’t confirm that Filter or L2TP incorrectly configured, cause Android able to connect. But I can’t agree that something is wrong on the windows side, cause I was able to connect from the internal network.

Some highlights:
I have compared connection logs and want to share what I’ve found.
42.42.42.42 - external IP
69.69.69.69 - Mikrotik’s WAN IP

Here is an example of the Android connection:

23:56:30 ipsec,debug generating K1...K4 for KEYMAT.
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug 283371c9 55a79934 09b7e669 01325a27 8ff5bdf3 ec67c248 6dfbe863 c83a7197
23:56:30 ipsec,debug b63a85fa 1138138a 30d7d948 625bbb99 be16bd61 73d5ef3e f03cc2a7 706087c2
23:56:30 ipsec,debug 74370664 6da41533 65643bfe 284dd324
23:56:30 ipsec,debug KEYMAT computed.
23:56:30 ipsec,debug call pk_sendupdate
23:56:30 ipsec,debug encryption(aes-cbc)
23:56:30 ipsec,debug hmac(sha1)
23:56:30 ipsec,debug call pfkey_send_update_nat
23:56:30 ipsec,debug pfkey update sent.
23:56:30 ipsec,debug encryption(aes-cbc)
23:56:30 ipsec,debug hmac(sha1)
23:56:30 ipsec,debug call pfkey_send_add_nat
23:56:30 ipsec,debug pfkey add sent.
23:56:30 l2tp,debug,packet rcvd control message from 217.118.92.66:58005 to 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=0, session-id=0, ns=0, nr=0
23:56:30 l2tp,debug,packet     (M) Message-Type=SCCRQ
23:56:30 l2tp,debug,packet     (M) Protocol-Version=0x01:00
23:56:30 l2tp,debug,packet     (M) Host-Name="anonymous"
23:56:30 l2tp,debug,packet     (M) Framing-Capabilities=0x3
23:56:30 l2tp,debug,packet     (M) Assigned-Tunnel-ID=62914
23:56:30 l2tp,debug,packet     (M) Receive-Window-Size=1
23:56:30 l2tp,info first L2TP UDP packet received from 217.118.92.66

As you may see IPSec tunnel has been configured and L2DP configuration has been started.

And here is the same cut but trying to connect from Windows, remember, it’s the same mobile network:

may/06 00:27:08 ipsec,debug generating K1...K4 for KEYMAT.
may/06 00:27:08 ipsec,debug,packet hmac(hmac_sha1)
may/06 00:27:08 ipsec,debug,packet hmac(hmac_sha1)
may/06 00:27:08 ipsec,debug,packet hmac(hmac_sha1)
may/06 00:27:08 ipsec,debug 6bdcbb0f fc8cc574 d7b35153 924d60b1 b2bdf2e0 61fbe823 7b7095e5 82471b52
may/06 00:27:08 ipsec,debug 04fc3e97 ce9250d6 1ae46c81 04036844 a37cf2d2 e664cd6d aaa7d391 ad343a4a
may/06 00:27:08 ipsec,debug 1d233d08 1ed000a3 381c8fdc 3f3c9f23
may/06 00:27:08 ipsec,debug KEYMAT computed.
may/06 00:27:08 ipsec,debug call pk_sendupdate
may/06 00:27:08 ipsec,debug encryption(aes-cbc)
may/06 00:27:08 ipsec,debug hmac(sha1)
may/06 00:27:08 ipsec,debug call pfkey_send_update_nat
may/06 00:27:08 ipsec,debug pfkey update sent.
may/06 00:27:08 ipsec,debug encryption(aes-cbc)
may/06 00:27:08 ipsec,debug hmac(sha1)
may/06 00:27:08 ipsec,debug call pfkey_send_add_nat
may/06 00:27:08 ipsec,debug pfkey add sent.
may/06 00:27:08 ipsec,debug ===== received 76 bytes from 217.118.92.66[60272] to 69.69.69.69[4500]
may/06 00:27:08 ipsec,debug,packet b7de46b9 3cf2d12f b25db37c e533a7be 08100501 b27c3ca2 0000004c 253c0206
may/06 00:27:08 ipsec,debug,packet 5f1f6b8d 9e99cf35 8b4430cb 537ffebe 3b27039a a134e37f c7b199b0 ca6e34ea
may/06 00:27:08 ipsec,debug,packet 094ff741 996c4d25 b6454f51
may/06 00:27:08 ipsec,debug receive Information.
may/06 00:27:08 ipsec,debug,packet compute IV for phase2
may/06 00:27:08 ipsec,debug,packet phase1 last IV:
may/06 00:27:08 ipsec,debug,packet 0bfef391 08e38f5d b27c3ca2

As you may see, it even does not trying to start establishing L2TP

And here, how it looks from the Windows side

[3108] 05-06 00:27:05:588: DeviceConnect: calling lineMakeCall for VPN3-1, address=42.42.42.42
[3108] 00:27:05: RasLineMakeCall...
[3108] 00:27:05: AsyncDriverRequest: Oid(MakeCall), devID(0x2), reqID(0x13b), hCall(0x0)
[4748] 00:27:05: AsyncEventsThread: Got a line event
[4748] 00:27:05: ProcessEvent: Event(000001B442E380F8), msg(0x2), ht_line(0x840000), ht_call(0x860002), p1(0000000000000200), p2(0000000000000000), p3(0000000000000100)
[4748] 00:27:05: ProcessEvent: Incomplete outbound call, saving state
[4748] 00:27:05: AsyncEventsThread: Got a completed request
[4748] 00:27:05: AsyncEventsThread: Request (000001B442E216A0) with reqID (0x13b) returned dwResult (0x0)
[4748] 00:27:05: RasLineMakeCall_postProcess called with dwRetCode (0x0)
[4748] 00:27:05: RasLineMakeCall_postProcess: Executing the pending LINE_CALLSTATE message 0x200
[4748] 00:27:05: AsyncEventsThread: Async call completed with ReqID (13b), dwResult (0)
[3108] 05-06 00:27:05:589: DeviceConnect: Changing state for VPN3-1 from 1 -> 4
[4748] 05-06 00:27:05:589: RasTapicallback: msg=12 , param1=315l , param2=0l
[4748] 05-06 00:27:05:589: LINE_REPLY. param1=0x13b
[4748] 00:27:05: AsyncEventsThread: Report back the saved call state
[4748] 00:27:05: AsyncEventsThread: LINE_CALLSTATE htline(0000000000840000), htcall(0000000000860002), p1(0000000000000200), p2(0000000000000000), p3(0000000000000100)
[4748] 05-06 00:27:05:589: RasTapicallback: msg=2 , param1=512l , param2=0l
[4748] 05-06 00:27:05:589: RasTapicallback: linecallstate=0x200
[6068] 05-06 00:27:10:410: PortDisconnect: VPN3-1
[6068] 05-06 00:27:10:410: InitiatePortDisconnection: VPN3-1
[6068] 00:27:10: RasLineDrop...
[6068] 00:27:10: AsyncDriverRequest: Oid(Drop), devID(0x2), reqID(0x13c), hCall(0x0)
[6068] 05-06 00:27:10:410: InitiatePortDisconnection: Changing state for VPN3-1 from 4 -> 5, id=0x13c
[4748] 00:27:10: AsyncEventsThread: Got a line event
[6068] 05-06 00:27:10:410:  
[4748] 00:27:10: ProcessEvent: Event(000001B442E380F8), msg(0x2), ht_line(0x840000), ht_call(0x860002), p1(0000000000004000), p2(0000000000000001), p3(0000000000000100)
[6068] 05-06 00:27:10:410:  
[4748] 05-06 00:27:10:411: RasTapicallback: msg=2 , param1=16384l , param2=1l
[4748] 05-06 00:27:10:411: RasTapicallback: linecallstate=0x4000
[4748] 05-06 00:27:10:411: RasTapiCallback: LINECALLSTATE - initiating Port Disconnect
[4748] 05-06 00:27:10:411: InitiatePortDisconnection: VPN3-1

Continue in the next post

Here is an example, when Windows was successful, connecting from the inside, you may notice local IPs:

may/06 00:40:58 ipsec,debug generating K1...K4 for KEYMAT.
may/06 00:40:58 ipsec,debug,packet hmac(hmac_sha1)
may/06 00:40:58 ipsec,debug,packet hmac(hmac_sha1)
may/06 00:40:58 ipsec,debug,packet hmac(hmac_sha1)
may/06 00:40:58 ipsec,debug 6564600c 741453f8 14267596 94c16867 025a1adc 81d29c4e 81b6e735 0d639525
may/06 00:40:58 ipsec,debug 113fca11 7d83ecc2 a176d3f7 d778890f 6e17a64f 0d8ef287 290016f7 c4e40986
may/06 00:40:58 ipsec,debug 9d4be069 9cd282c7 9d56cbb6 c79fa2d2
may/06 00:40:58 ipsec,debug KEYMAT computed.
may/06 00:40:58 ipsec,debug call pk_sendupdate
may/06 00:40:58 ipsec,debug encryption(aes-cbc)
may/06 00:40:58 ipsec,debug hmac(sha1)
may/06 00:40:58 ipsec,debug call pfkey_send_update_nat
may/06 00:40:58 ipsec,debug pfkey update sent.
may/06 00:40:58 ipsec,debug encryption(aes-cbc)
may/06 00:40:58 ipsec,debug hmac(sha1)
may/06 00:40:58 ipsec,debug call pfkey_send_add_nat
may/06 00:40:58 ipsec,debug pfkey add sent.
may/06 00:40:59 l2tp,debug,packet rcvd control message from 192.168.1.67:1701 to 192.168.1.1:1701
may/06 00:40:59 l2tp,debug,packet     tunnel-id=0, session-id=0, ns=0, nr=0
may/06 00:40:59 l2tp,debug,packet     (M) Message-Type=SCCRQ
may/06 00:40:59 l2tp,debug,packet     (M) Protocol-Version=0x01:00
may/06 00:40:59 l2tp,debug,packet     (M) Framing-Capabilities=0x1
may/06 00:40:59 l2tp,debug,packet     (M) Bearer-Capabilities=0x0
may/06 00:40:59 l2tp,debug,packet     Firmware-Revision=0xa00
may/06 00:40:59 l2tp,debug,packet     (M) Host-Name="Tuhlik"
may/06 00:40:59 l2tp,debug,packet     Vendor-Name="Microsoft"
may/06 00:40:59 l2tp,debug,packet     (M) Assigned-Tunnel-ID=6
may/06 00:40:59 l2tp,debug,packet     (M) Receive-Window-Size=8
may/06 00:40:59 l2tp,info first L2TP UDP packet received from 192.168.1.67

And from the Windows side:

[10532] 05-06 00:40:58:583: DeviceConnect: calling lineMakeCall for VPN3-1, address=192.168.1.1
[10532] 00:40:58: RasLineMakeCall...
[10532] 00:40:58: AsyncDriverRequest: Oid(MakeCall), devID(0x2), reqID(0x142), hCall(0x0)
[10532] 05-06 00:40:58:583: DeviceConnect: Changing state for VPN3-1 from 1 -> 4
[4748] 00:40:58: AsyncEventsThread: Got a line event
[4748] 00:40:58: ProcessEvent: Event(000001B442E380F8), msg(0x2), ht_line(0x880000), ht_call(0x8a0002), p1(0000000000000200), p2(0000000000000000), p3(0000000000000100)
[4748] 00:40:58: ProcessEvent: Incomplete outbound call, saving state
[4748] 00:40:58: AsyncEventsThread: Got a completed request
[4748] 00:40:58: AsyncEventsThread: Request (000001B443C49140) with reqID (0x142) returned dwResult (0x0)
[4748] 00:40:58: RasLineMakeCall_postProcess called with dwRetCode (0x0)
[4748] 00:40:58: RasLineMakeCall_postProcess: Executing the pending LINE_CALLSTATE message 0x200
[4748] 00:40:58: AsyncEventsThread: Async call completed with ReqID (142), dwResult (0)
[4748] 05-06 00:40:58:584: RasTapicallback: msg=12 , param1=322l , param2=0l
[4748] 05-06 00:40:58:584: LINE_REPLY. param1=0x142
[4748] 00:40:58: AsyncEventsThread: Report back the saved call state
[4748] 00:40:58: AsyncEventsThread: LINE_CALLSTATE htline(0000000000880000), htcall(00000000008A0002), p1(0000000000000200), p2(0000000000000000), p3(0000000000000100)
[4748] 05-06 00:40:58:584: RasTapicallback: msg=2 , param1=512l , param2=0l
[4748] 05-06 00:40:58:584: RasTapicallback: linecallstate=0x200
[4748] 00:40:59: AsyncEventsThread: Got a line event
[4748] 00:40:59: ProcessEvent: Event(000001B442E380F8), msg(0x2), ht_line(0x880000), ht_call(0x8a0002), p1(0000000000000100), p2(0000000000000000), p3(0000000000000100)
[4748] 05-06 00:40:59:591: RasTapicallback: msg=2 , param1=256l , param2=0l
[4748] 05-06 00:40:59:591: RasTapicallback: linecallstate=0x100
[4748] 00:40:59: SyncDriverRequest: Oid(GetCallInfo), devID(2), reqID(143), hCall(0000000000000005)
[4748] 05-06 00:40:59:591: DwGetConnectInfo
[4748] 05-06 00:40:59:591: DwGetIDInformation
[4748] 05-06 00:40:59:592: DwGetIDInformation. 0
[4748] 05-06 00:40:59:592: SizeRequired for CallID=0
[4748] 05-06 00:40:59:592: CallIDSize=ConnectResponseSize=0
[4748] 05-06 00:40:59:592: DwGetConnectInfo. 0x0
[4748] 05-06 00:40:59:592: RasTapiCallback: DwGetConnectInforeturned 0x0
[4748] 05-06 00:40:59:592: RasTapiCallback: Connected on VPN3-1
[4748] 05-06 00:40:59:592: RasTapiCallback: Outgoing call
[4540] 05-06 00:40:59:593: DeviceWork: VPN3-1. State = 4
[4540] 00:40:59: SyncDriverRequest: Oid(GetCallStatus), devID(2), reqID(144), hCall(0000000000000005)
[4540] 05-06 00:40:59:593: DeviceWork: Changing state for VPN3-1 from 4 -> 3
[4780] 05-06 00:40:59:598: PortConnect: VPN3-1
[4780] 00:40:59: SyncDriverRequest: Oid(GetCallInfo), devID(2), reqID(145), hCall(0000000000000005)
[4780] 00:40:59: SyncDriverRequest: Oid(GetID), devID(2), reqID(146), hLine(0000000000000000)

Router config
42.42.42.42 - external IP
69.69.69.69 - Mikrotik’s WAN IP

[admin@MikroTik] > /export hide-sensitive
# may/05/2020 23:40:06 by RouterOS 6.46.6
# software id = Y4D1-NEYX
#
# model = RouterBOARD 750G r3
# serial number = 6F380558E982
/interface bridge
add admin-mac=E4:8D:8C:B1:F9:1C arp=proxy-arp auto-mac=no comment=\
    "created from master port" name=LAN protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] mac-address=00:1A:92:31:5D:B0 speed=100Mbps
set [ find default-name=ether2 ] name=ether2-master speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
add name=WAN
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-256-cbc,aes-192-cbc,3des
/ip pool
add name=dhcp ranges=192.168.1.50-192.168.1.200
add name=L2TP_users ranges=192.168.1.202-192.168.1.210
/ip dhcp-server
add address-pool=dhcp disabled=no interface=LAN lease-time=2w10m name=dhcp1
/ppp profile
add change-tcp-mss=yes local-address=192.168.1.201 name=profile1-L2TP_users \
    remote-address=L2TP_users
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
    sword,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=LAN interface=ether3
add bridge=LAN interface=ether4
add bridge=LAN interface=ether5
add bridge=LAN interface=ether2-master
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface l2tp-server server
set authentication=mschap2 default-profile=profile1-L2TP_users enabled=yes \
    use-ipsec=required
/interface list member
add interface=LAN list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=LAN list=mactel
add interface=LAN list=mac-winbox
add interface=ether1 list=WAN
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether3 network=\
    192.168.1.0
add address=69.69.69.69/22 interface=ether1 network=10.176.252.0
/ip dhcp-client
add comment=defconf interface=ether1
/ip dhcp-server lease
add address=192.168.1.20 client-id=NAS comment=Nas mac-address=\
    28:10:7B:43:7A:18
add address=192.168.1.30 client-id=1:0:11:32:3b:eb:a4 comment=SNAS \
    mac-address=00:11:32:3B:EB:A4 server=dhcp1
add address=192.168.1.10 client-id=1:d0:50:99:56:dd:40 comment=Station \
    mac-address=D0:50:99:56:DD:40 server=dhcp1
add address=192.168.1.40 client-id=1:0:12:16:b8:1f:4 comment=Camera \
    mac-address=00:12:16:B8:1F:04 server=dhcp1
add address=192.168.1.100 client-id=1:84:1b:5e:29:13:26 comment=Wireless \
    mac-address=84:1B:5E:29:13:26 server=dhcp1
add address=192.168.1.50 client-id=1:7c:1e:52:66:11:ab comment=XBox \
    mac-address=7C:1E:52:66:11:AB server=dhcp1
add address=192.168.1.60 mac-address=00:0C:29:3D:33:58 server=dhcp1
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf dns-server=192.168.248.21,8.8.8.8 \
    gateway=192.168.1.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=192.168.248.21,8.8.8.8
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
    connection-state=established,related
add action=accept chain=forward comment="Allow L2TP" disabled=yes dst-port=\
    500,1701,4500 in-interface=ether1 log=yes log-prefix=L2tp protocol=udp
add action=accept chain=input comment=L2TP dst-port=500,1701,4500 \
    in-interface=ether1 log=yes log-prefix=VPN: protocol=udp
add action=accept chain=input comment="Allow L2TP" in-interface=ether1 \
    protocol=ipsec-esp
add action=accept chain=input comment="Allow L2TP" in-interface=ether1 \
    protocol=ipsec-ah
add action=accept chain=forward comment="Allow PPTP" disabled=yes dst-port=\
    1723 in-interface=ether1 log=yes log-prefix=PPTP protocol=tcp
add action=drop chain=input comment="defconf: drop all from WAN" \
    in-interface=ether1 log-prefix=Drop:
add action=drop chain=input comment="Drop remote management" disabled=yes \
    dst-port=80,443,8291 in-interface=ether1 log=yes protocol=tcp
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
    connection-state=established,related
add action=accept chain=forward comment="Allow VPN to LAN" in-interface=\
    !ether1 out-interface=LAN src-address=192.168.1.0/24
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new disabled=yes in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" src-address=\
    192.168.1.0/24
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=10.176.252.1
add check-gateway=ping distance=1 dst-address=192.168.2.0/24 gateway=LAN \
    pref-src=192.168.1.1 scope=10
add check-gateway=ping distance=1 dst-address=192.168.3.0/24 gateway=LAN \
    pref-src=192.168.1.1 scope=10
/ip smb shares
set [ find default=yes ] directory=/pub
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=ether1 type=external
add interface=LAN type=internal
/ppp secret
add name=Bass profile=profile1-L2TP_users service=l2tp
/system clock
set time-zone-name=Europe/Moscow
set time-zone-name=Europe/Moscow
/system leds
add leds=user-led type=off
/system logging
add topics=l2tp,debug
add topics=ipsec,debug
/system note
set show-at-login=no
/system resource irq rps
set ether1 disabled=no
set ether3 disabled=no
set ether4 disabled=no
set ether5 disabled=no
set ether2-master disabled=no
/system routerboard settings
set silent-boot=yes
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox

Windows by default don’t like the NAT on the server side, which is exactly your case where the public IP differs from Mikrotik’s WAN IP.

One solution is to change this in Windows’ registry, the other one is to do a dirty trick at Mikrotik side - put the public IP up also on the Mikrotik itself and use a dst-nat rule to port-forward requests coming to the WAN IP to this one. The problem with the second approach is that if the Windows client itself is on public IP and the router between the Mikrotik and the internet cannot forward ESP, the connections will fail.

Full successful Android connection log from LTE

[admin@MikroTik] /log> print
23:56:28 ipsec,debug seen nptype=20(nat-d) len=24
23:56:28 ipsec,debug succeed.
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug ===
23:56:28 ipsec,debug dh(modp1024)
23:56:28 ipsec,debug,packet compute DH's private.
23:56:28 ipsec,debug,packet 6d5e2276 e3e359ca 9e7172cb dd8d612d f3a505aa adc31e4f 7d11b331 eb9a8b20
23:56:28 ipsec,debug,packet 686230ab 92102795 3f557f00 f9f0f95e 136d063b 270cf4d6 32598e2b 2b166dc8
23:56:28 ipsec,debug,packet a1f40594 e6baa499 e6036420 bdaba572 1addd8fe 3472231a cbbdb834 dca94d94
23:56:28 ipsec,debug,packet c95ac9cf 7dd0dd18 18f65399 6ef4d445 88f16964 334dcb1b 549544fc 72332523
23:56:28 ipsec,debug,packet compute DH's public.
23:56:28 ipsec,debug,packet 06f70215 0d4cfda2 37249595 fc459bcd ef803e54 25ef0331 f4a892ca 1ac7fd53
23:56:28 ipsec,debug,packet 43b644f8 53c59333 cc06df1f 742af7f6 2e91d67b 0d6951da eeed5c0c fc7f1c49
23:56:28 ipsec,debug,packet 8f5f248a 06ea34d6 751d8b84 3bc22833 d2f6f974 60ad94ae 372638fb e52aa8d0
23:56:28 ipsec,debug,packet 05392934 d77e3eec f5137c61 0f8c3a8c a237eec4 318d746a dc6e3846 cb5dc140
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug add payload of len 128, next type 10
23:56:28 ipsec,debug add payload of len 24, next type 20
23:56:28 ipsec,debug add payload of len 20, next type 20
23:56:28 ipsec,debug add payload of len 20, next type 0
23:56:28 ipsec,debug 236 bytes from 69.69.69.69[500] to 217.118.92.66[54834]
23:56:28 ipsec,debug 1 times of 236 bytes message will be sent to 217.118.92.66[54834]
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 04100200 00000000 000000ec 0a000084
23:56:28 ipsec,debug,packet 06f70215 0d4cfda2 37249595 fc459bcd ef803e54 25ef0331 f4a892ca 1ac7fd53
23:56:28 ipsec,debug,packet 43b644f8 53c59333 cc06df1f 742af7f6 2e91d67b 0d6951da eeed5c0c fc7f1c49
23:56:28 ipsec,debug,packet 8f5f248a 06ea34d6 751d8b84 3bc22833 d2f6f974 60ad94ae 372638fb e52aa8d0
23:56:28 ipsec,debug,packet 05392934 d77e3eec f5137c61 0f8c3a8c a237eec4 318d746a dc6e3846 cb5dc140
23:56:28 ipsec,debug,packet 1400001c f1ce2433 d31e98eb 821844e2 452fc626 d141fcdc f0512a45 14000018
23:56:28 ipsec,debug,packet 0cc60f42 f5b1ce15 9ccc4baa c534215c df79a2a5 00000018 c303f4b7 168b90a1
23:56:28 ipsec,debug,packet 8d26afb5 0aba09b1 23325f1b
23:56:28 ipsec,debug dh(modp1024)
23:56:28 ipsec,debug,packet compute DH's shared.
23:56:28 ipsec,debug,packet
23:56:28 ipsec,debug,packet 99dfc335 b27405a3 7af1cf89 f0f69556 230f5b87 46c4423a 92809e28 6966a664
23:56:28 ipsec,debug,packet 81d605d6 0637a914 693b59a7 dfd0fb9b c240e109 65e9e01c 4014c6e4 2c6e8e75
23:56:28 ipsec,debug,packet 2b4546dc 425b7006 8b9c5ca6 7fd43c8f 8d5b8cbd 8edfec80 7fad3b99 c9d9d746
23:56:28 ipsec,debug,packet abfee0bb 5c3ed096 84e28860 ac29d8ed 3108a3f3 ceb5891e c95c903f 1ca4e7c9
23:56:28 ipsec,debug nonce 1:
23:56:28 ipsec,debug e3a41e0e 42cd5282 7b41b35a 78b6872d
23:56:28 ipsec,debug nonce 2:
23:56:28 ipsec,debug f1ce2433 d31e98eb 821844e2 452fc626 d141fcdc f0512a45
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug SKEYID computed:
23:56:28 ipsec,debug d7652acd ddcbb1d1 0e081c80 5ac53601 f5c802d0
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug SKEYID_d computed:
23:56:28 ipsec,debug bd175301 a5166538 cf7df709 da85bd92 cc10ad59
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug SKEYID_a computed:
23:56:28 ipsec,debug 06f7a7e0 b085cb7b b9a7a7d9 e7e1031d c2cd7cf1
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug SKEYID_e computed:
23:56:28 ipsec,debug 1572f315 8ab5f691 e3913de3 a415486b f69770cb
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug final encryption key computed:
23:56:28 ipsec,debug 1572f315 8ab5f691 e3913de3 a415486b
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug IV computed:
23:56:28 ipsec,debug 4cada442 399ba9eb 654ad68e 186e8293
23:56:28 ipsec,debug ===== received 92 bytes from 217.118.92.66[60266] to 69.69.69.69[4500]
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 05100201 00000000 0000005c 5661dfa2
23:56:28 ipsec,debug,packet dd925690 0b8f1dc4 e78a1c37 dd4acb14 5b5971d2 94beebc8 c4a0d177 de7cb73a
23:56:28 ipsec,debug,packet 18390519 36af0fbf cb1bd84f 1b479c6d 5aaebe78 caa4efde af991ad6
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet IV was saved for next processing:
23:56:28 ipsec,debug,packet 1b479c6d 5aaebe78 caa4efde af991ad6
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet with key:
23:56:28 ipsec,debug,packet 1572f315 8ab5f691 e3913de3 a415486b
23:56:28 ipsec,debug,packet decrypted payload by IV:
23:56:28 ipsec,debug,packet 4cada442 399ba9eb 654ad68e 186e8293
23:56:28 ipsec,debug,packet decrypted payload, but not trimed.
23:56:28 ipsec,debug,packet 0800000c 011101f4 0ae61fc4 00000018 01c0e07d 04459b63 34059505 4aee3f75
23:56:28 ipsec,debug,packet 70ea996b 93cfafbb d097e7ca ec89ecef f9fc9d91 dbea8eed ee9cf69b eed0f81b
23:56:28 ipsec,debug,packet padding len=28
23:56:28 ipsec,debug,packet skip to trim padding.
23:56:28 ipsec,debug,packet decrypted.
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 05100201 00000000 0000005c 0800000c
23:56:28 ipsec,debug,packet 011101f4 0ae61fc4 00000018 01c0e07d 04459b63 34059505 4aee3f75 70ea996b
23:56:28 ipsec,debug,packet 93cfafbb d097e7ca ec89ecef f9fc9d91 dbea8eed ee9cf69b eed0f81b
23:56:28 ipsec,debug begin.
23:56:28 ipsec,debug seen nptype=5(id) len=12
23:56:28 ipsec,debug seen nptype=8(hash) len=24
23:56:28 ipsec,debug succeed.
23:56:28 ipsec,debug HASH received:
23:56:28 ipsec,debug 01c0e07d 04459b63 34059505 4aee3f75 70ea996b
23:56:28 ipsec,debug,packet HASH with:
23:56:28 ipsec,debug,packet b629b899 a4e49f73 ed7e6453 99237b17 c13eed43 4036e135 4d704fa4 28c53f54
23:56:28 ipsec,debug,packet f5ac73cf 3e32295e 92e7b9aa 6fa2ca5d 7bb019ab e3a9f31f ff73008d 071e2776
23:56:28 ipsec,debug,packet 5926e3d1 a769af96 a95e1817 0774eaf4 a2057e52 86df8964 939b1c78 4659f8de
23:56:28 ipsec,debug,packet 6bbce83a 46973b35 e98a82cd f4afc1fd 30f0fc2a ec5da9f7 c02546cf bc51065a
23:56:28 ipsec,debug,packet 06f70215 0d4cfda2 37249595 fc459bcd ef803e54 25ef0331 f4a892ca 1ac7fd53
23:56:28 ipsec,debug,packet 43b644f8 53c59333 cc06df1f 742af7f6 2e91d67b 0d6951da eeed5c0c fc7f1c49
23:56:28 ipsec,debug,packet 8f5f248a 06ea34d6 751d8b84 3bc22833 d2f6f974 60ad94ae 372638fb e52aa8d0
23:56:28 ipsec,debug,packet 05392934 d77e3eec f5137c61 0f8c3a8c a237eec4 318d746a dc6e3846 cb5dc140
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 00000001 00000001 00000230 01010010
23:56:28 ipsec,debug,packet 03000024 01010000 800b0001 800c7080 80010007 800e0100 80030001 80020005
23:56:28 ipsec,debug,packet 80040002 03000024 02010000 800b0001 800c7080 80010007 800e0100 80030001
23:56:28 ipsec,debug,packet 80020004 80040002 03000024 03010000 800b0001 800c7080 80010007 800e0100
23:56:28 ipsec,debug,packet 80030001 80020006 80040002 03000024 04010000 800b0001 800c7080 80010007
23:56:28 ipsec,debug,packet 800e0100 80030001 80020002 80040002 03000024 05010000 800b0001 800c7080
23:56:28 ipsec,debug,packet 80010007 800e0100 80030001 80020001 80040002 03000024 06010000 800b0001
23:56:28 ipsec,debug,packet 800c7080 80010007 800e0080 80030001 80020006 80040002 03000024 07010000
23:56:28 ipsec,debug,packet 800b0001 800c7080 80010007 800e0080 80030001 80020005 80040002 03000024
23:56:28 ipsec,debug,packet 08010000 800b0001 800c7080 80010007 800e0080 80030001 80020004 80040002
23:56:28 ipsec,debug,packet 03000024 09010000 800b0001 800c7080 80010007 800e0080 80030001 80020002
23:56:28 ipsec,debug,packet 80040002 03000024 0a010000 800b0001 800c7080 80010007 800e0080 80030001
23:56:28 ipsec,debug,packet 80020001 80040002 03000020 0b010000 800b0001 800c7080 80010005 80030001
23:56:28 ipsec,debug,packet 80020004 80040002 03000020 0c010000 800b0001 800c7080 80010005 80030001
23:56:28 ipsec,debug,packet 80020002 80040002 03000020 0d010000 800b0001 800c7080 80010005 80030001
23:56:28 ipsec,debug,packet 80020001 80040002 03000020 0e010000 800b0001 800c7080 80010001 80030001
23:56:28 ipsec,debug,packet 80020004 80040002 03000020 0f010000 800b0001 800c7080 80010001 80030001
23:56:28 ipsec,debug,packet 80020002 80040002 00000020 10010000 800b0001 800c7080 80010001 80030001
23:56:28 ipsec,debug,packet 80020001 80040002 011101f4 0ae61fc4
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug,packet HASH computed:
23:56:28 ipsec,debug,packet 01c0e07d 04459b63 34059505 4aee3f75 70ea996b
23:56:28 ipsec,debug HASH for PSK validated.
23:56:28 ipsec,debug 217.118.92.66 peer's ID
23:56:28 ipsec,debug 011101f4 0ae61fc4
23:56:28 ipsec,debug ===
23:56:28 ipsec,debug use ID type of IPv4_address
23:56:28 ipsec,debug generate HASH_R
23:56:28 ipsec,debug,packet HASH with:
23:56:28 ipsec,debug,packet 06f70215 0d4cfda2 37249595 fc459bcd ef803e54 25ef0331 f4a892ca 1ac7fd53
23:56:28 ipsec,debug,packet 43b644f8 53c59333 cc06df1f 742af7f6 2e91d67b 0d6951da eeed5c0c fc7f1c49
23:56:28 ipsec,debug,packet 8f5f248a 06ea34d6 751d8b84 3bc22833 d2f6f974 60ad94ae 372638fb e52aa8d0
23:56:28 ipsec,debug,packet 05392934 d77e3eec f5137c61 0f8c3a8c a237eec4 318d746a dc6e3846 cb5dc140
23:56:28 ipsec,debug,packet b629b899 a4e49f73 ed7e6453 99237b17 c13eed43 4036e135 4d704fa4 28c53f54
23:56:28 ipsec,debug,packet f5ac73cf 3e32295e 92e7b9aa 6fa2ca5d 7bb019ab e3a9f31f ff73008d 071e2776
23:56:28 ipsec,debug,packet 5926e3d1 a769af96 a95e1817 0774eaf4 a2057e52 86df8964 939b1c78 4659f8de
23:56:28 ipsec,debug,packet 6bbce83a 46973b35 e98a82cd f4afc1fd 30f0fc2a ec5da9f7 c02546cf bc51065a
23:56:28 ipsec,debug,packet 5b331b45 5a6a8761 1e1973d2 b9c07d61 00000001 00000001 00000230 01010010
23:56:28 ipsec,debug,packet 03000024 01010000 800b0001 800c7080 80010007 800e0100 80030001 80020005
23:56:28 ipsec,debug,packet 80040002 03000024 02010000 800b0001 800c7080 80010007 800e0100 80030001
23:56:28 ipsec,debug,packet 80020004 80040002 03000024 03010000 800b0001 800c7080 80010007 800e0100
23:56:28 ipsec,debug,packet 80030001 80020006 80040002 03000024 04010000 800b0001 800c7080 80010007
23:56:28 ipsec,debug,packet 800e0100 80030001 80020002 80040002 03000024 05010000 800b0001 800c7080
23:56:28 ipsec,debug,packet 80010007 800e0100 80030001 80020001 80040002 03000024 06010000 800b0001
23:56:28 ipsec,debug,packet 800c7080 80010007 800e0080 80030001 80020006 80040002 03000024 07010000
23:56:28 ipsec,debug,packet 800b0001 800c7080 80010007 800e0080 80030001 80020005 80040002 03000024
23:56:28 ipsec,debug,packet 08010000 800b0001 800c7080 80010007 800e0080 80030001 80020004 80040002
23:56:28 ipsec,debug,packet 03000024 09010000 800b0001 800c7080 80010007 800e0080 80030001 80020002
23:56:28 ipsec,debug,packet 80040002 03000024 0a010000 800b0001 800c7080 80010007 800e0080 80030001
23:56:28 ipsec,debug,packet 80020001 80040002 03000020 0b010000 800b0001 800c7080 80010005 80030001
23:56:28 ipsec,debug,packet 80020004 80040002 03000020 0c010000 800b0001 800c7080 80010005 80030001
23:56:28 ipsec,debug,packet 80020002 80040002 03000020 0d010000 800b0001 800c7080 80010005 80030001
23:56:28 ipsec,debug,packet 80020001 80040002 03000020 0e010000 800b0001 800c7080 80010001 80030001
23:56:28 ipsec,debug,packet 80020004 80040002 03000020 0f010000 800b0001 800c7080 80010001 80030001
23:56:28 ipsec,debug,packet 80020002 80040002 00000020 10010000 800b0001 800c7080 80010001 80030001
23:56:28 ipsec,debug,packet 80020001 80040002 011101f4 0ab0fc76
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug,packet HASH computed:
23:56:28 ipsec,debug,packet 8139d0e9 b8a33a07 943d2ec2 a2b4c278 7d45a0ba
23:56:28 ipsec,debug add payload of len 8, next type 8
23:56:28 ipsec,debug add payload of len 20, next type 0
23:56:28 ipsec,debug,packet begin encryption.
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet pad length = 12
23:56:28 ipsec,debug,packet 0800000c 011101f4 0ab0fc76 00000018 8139d0e9 b8a33a07 943d2ec2 a2b4c278
23:56:28 ipsec,debug,packet 7d45a0ba d59dbbab 97e09bc8 8de2f30b
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet with key:
23:56:28 ipsec,debug,packet 1572f315 8ab5f691 e3913de3 a415486b
23:56:28 ipsec,debug,packet encrypted payload by IV:
23:56:28 ipsec,debug,packet 1b479c6d 5aaebe78 caa4efde af991ad6
23:56:28 ipsec,debug,packet save IV for next:
23:56:28 ipsec,debug,packet 542c2db6 4dfb8bff 071f20b3 46e931ad
23:56:28 ipsec,debug,packet encrypted.
23:56:28 ipsec,debug 76 bytes from 69.69.69.69[4500] to 217.118.92.66[60266]
23:56:28 ipsec,debug 1 times of 80 bytes message will be sent to 217.118.92.66[60266]
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 05100201 00000000 0000004c 8ffdf01c
23:56:28 ipsec,debug,packet 24c4b1d2 552b5c74 98a4adeb 330c8860 89b109c6 c6974895 f7b8b837 542c2db6
23:56:28 ipsec,debug,packet 4dfb8bff 071f20b3 46e931ad
23:56:28 ipsec,debug,packet compute IV for phase2
23:56:28 ipsec,debug,packet phase1 last IV:
23:56:28 ipsec,debug,packet 542c2db6 4dfb8bff 071f20b3 46e931ad f42c7bd7
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet phase2 IV computed:
23:56:28 ipsec,debug,packet c20f5ffa 641a2135 bd87dd50 0de56862
23:56:28 ipsec,debug,packet HASH with:
23:56:28 ipsec,debug,packet f42c7bd7 0000001c 00000001 01106002 1e1973d2 b9c07d61 5b331b45 5a6a8761
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug,packet HASH computed:
23:56:28 ipsec,debug,packet c4e41ab9 81eef791 e30ad4f3 3a61002d 71c390f3
23:56:28 ipsec,debug,packet begin encryption.
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet pad length = 12
23:56:28 ipsec,debug,packet 0b000018 c4e41ab9 81eef791 e30ad4f3 3a61002d 71c390f3 0000001c 00000001
23:56:28 ipsec,debug,packet 01106002 1e1973d2 b9c07d61 5b331b45 5a6a8761 fdf8f3d8 9ab7b598 81b7a30b
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet with key:
23:56:28 ipsec,debug,packet 1572f315 8ab5f691 e3913de3 a415486b
23:56:28 ipsec,debug,packet encrypted payload by IV:
23:56:28 ipsec,debug,packet c20f5ffa 641a2135 bd87dd50 0de56862
23:56:28 ipsec,debug,packet save IV for next:
23:56:28 ipsec,debug,packet 6020e2f3 e41173dc 14aa3975 59b0abba
23:56:28 ipsec,debug,packet encrypted.
23:56:28 ipsec,debug 92 bytes from 69.69.69.69[4500] to 217.118.92.66[60266]
23:56:28 ipsec,debug 1 times of 96 bytes message will be sent to 217.118.92.66[60266]
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08100501 f42c7bd7 0000005c 4ae899c1
23:56:28 ipsec,debug,packet 9943b7f6 c1f06740 3f6a0277 bea1a2d0 31255d2f 1d8ae04d 864d6a9a 87c0ee89
23:56:28 ipsec,debug,packet 2ffcc484 b73779ac 5fc542c4 6020e2f3 e41173dc 14aa3975 59b0abba
23:56:28 ipsec,debug sendto Information notify.
23:56:28 ipsec,info ISAKMP-SA established 69.69.69.69[4500]-217.118.92.66[60266] spi:1e1973d2b9c07d61:5b331b455a6a8761
23:56:28 ipsec,debug ===
23:56:28 firewall,info VPN: input: in:ether1 out:(unknown 0), src-mac 9c:37:f4:02:10:e7, proto UDP, 217.118.92.66:60266->69.69.69.69:4500, len 124
23:56:28 ipsec,debug ===== received 108 bytes from 217.118.92.66[60266] to 69.69.69.69[4500]
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08100501 f899fba9 0000006c 9e7e9b5e
23:56:28 ipsec,debug,packet 6831953c 9e56c5f7 6ecc36ef 17fb13e7 f02c54b0 0c512402 d439dc3e 8121ebb2
23:56:28 ipsec,debug,packet ceb0fa29 8e9f4daf 51279bfa 0adc1228 03f2c6c3 c42fa8a5 8f4c5338 9fb870e8
23:56:28 ipsec,debug,packet 855e8497 083da244 52edfa22
23:56:28 ipsec,debug receive Information.
23:56:28 ipsec,debug,packet compute IV for phase2
23:56:28 ipsec,debug,packet phase1 last IV:
23:56:28 ipsec,debug,packet 542c2db6 4dfb8bff 071f20b3 46e931ad f899fba9
23:56:28 ipsec,debug hash(sha1)
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet phase2 IV computed:
23:56:28 ipsec,debug,packet 6d5ceed6 932e4db3 7ece641c cdab016d
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet IV was saved for next processing:
23:56:28 ipsec,debug,packet 9fb870e8 855e8497 083da244 52edfa22
23:56:28 ipsec,debug,packet encryption(aes)
23:56:28 ipsec,debug,packet with key:
23:56:28 ipsec,debug,packet 1572f315 8ab5f691 e3913de3 a415486b
23:56:28 ipsec,debug,packet decrypted payload by IV:
23:56:28 ipsec,debug,packet 6d5ceed6 932e4db3 7ece641c cdab016d
23:56:28 ipsec,debug,packet decrypted payload, but not trimed.
23:56:28 ipsec,debug,packet 0b000018 b83471dc 591d331d a6f3c92e 50b5842c d10580eb 0000001c 00000001
23:56:28 ipsec,debug,packet 01106002 1e1973d2 b9c07d61 5b331b45 5a6a8761 82f9bc82 f3cbf4f5 e4ccd1b4
23:56:28 ipsec,debug,packet fabce1fa 9a84df8f f7c08a92 88ffeb1b
23:56:28 ipsec,debug,packet padding len=28
23:56:28 ipsec,debug,packet skip to trim padding.
23:56:28 ipsec,debug,packet decrypted.
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08100501 f899fba9 0000006c 0b000018
23:56:28 ipsec,debug,packet b83471dc 591d331d a6f3c92e 50b5842c d10580eb 0000001c 00000001 01106002
23:56:28 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 82f9bc82 f3cbf4f5 e4ccd1b4 fabce1fa
23:56:28 ipsec,debug,packet 9a84df8f f7c08a92 88ffeb1b
23:56:28 ipsec,debug,packet HASH with:
23:56:28 ipsec,debug,packet f899fba9 0000001c 00000001 01106002 1e1973d2 b9c07d61 5b331b45 5a6a8761
23:56:28 ipsec,debug,packet hmac(hmac_sha1)
23:56:28 ipsec,debug,packet HASH computed:
23:56:28 ipsec,debug,packet b83471dc 591d331d a6f3c92e 50b5842c d10580eb
23:56:28 ipsec,debug hash validated.
23:56:28 ipsec,debug begin.
23:56:28 ipsec,debug seen nptype=8(hash) len=24
23:56:28 ipsec,debug seen nptype=11(notify) len=28
23:56:28 ipsec,debug succeed.
23:56:28 ipsec,debug 217.118.92.66 notify: INITIAL-CONTACT
23:56:29 ipsec,debug KA: 69.69.69.69[4500]->217.118.92.66[60266]
23:56:29 ipsec,debug 1 times of 1 bytes message will be sent to 217.118.92.66[60266]
23:56:29 ipsec,debug,packet ff
23:56:29 ipsec,debug ===== received 668 bytes from 217.118.92.66[60266] to 69.69.69.69[4500]
23:56:29 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08102001 d6626486 0000029c 6eed290a
23:56:29 ipsec,debug,packet 3ec01c05 d52808c4 025700c5 d9a34ef4 1827d15d bbbfdeb5 e77a441d 0151be92
23:56:29 ipsec,debug,packet 7c656e13 698b5ceb 3f5aa05a 30339607 e496b962 fe320285 7faa984a e513916f
23:56:29 ipsec,debug,packet 47256d21 fd118531 2ff51315 54b1cae6 ef29c057 850c26bc 51b43451 9f66964b
23:56:29 ipsec,debug,packet b9f2d3cc 16f2dd62 131ef939 8a82c290 c74ec8dd 4b8e0dec 663ecb66 e2f6b5fe
23:56:29 ipsec,debug,packet 98bc1432 e2b30fa3 fb301b27 e5e1e819 53bf0cf4 faa58144 bfdb3491 2df84688
23:56:29 ipsec,debug,packet fa6082c3 199fd351 c056f625 e5bf32f3 652ca37b f1dee98d beacf5c5 910b8290
23:56:29 ipsec,debug,packet 523c77d8 bcd773ab dab9be16 0375e2f4 c077a9ae 64b3fece 4a0203a0 a29fa8a1
23:56:29 ipsec,debug,packet 7274d2b7 717782ad f6bfdedd 5c6ad406 d09d7b53 9ac0829c 2e7732ff 0666a8b5
23:56:29 ipsec,debug,packet 0c3f2f45 a06e0a9e 0cd74c40 c4114b5a c6362352 03215788 b4981759 06594524
23:56:29 ipsec,debug,packet fe3f9da5 5b5f3ae1 53131fd8 23a3503e 25b19834 8396a427 4ad82648 ea66f961
23:56:29 ipsec,debug,packet eecd281d 80411c0c 97c597c2 6360915b 66466489 48d2c991 ba19fdc7 0cc93b1a
23:56:29 ipsec,debug,packet 12918b7a f7578c31 79644ffe c12c3a48 ffb3a49a 0b7b90f7 8bab9795 d3e9731f
23:56:29 ipsec,debug,packet b43ead44 5dba9f0b 90ee4370 e2525989 ef6faa82 ca0efddc 0f65fc26 b0c8ba98
23:56:29 ipsec,debug,packet cd58335a b595606b 454683d8 615b4e0b c930a840 6b64d8b2 2e80f6bb 994a7465
23:56:29 ipsec,debug,packet 16f0c573 6962c92d fe4b5555 e41fd802 2f73efb8 0ed44ef9 6468dc04 e0b8526a
23:56:29 ipsec,debug,packet 7b702c80 91e0f844 1e53f93b 34829334 056167f9 466cf9bf 87719f89 cd86b944
23:56:29 ipsec,debug,packet 596edfb1 4a0316a9 0abe3c78 edc1f0bc 6d0f4833 6d185506 f3f1d3e1 2b7af7fe
23:56:29 ipsec,debug,packet 7ff4c6ac 2e900c17 81ec0d10 236967e9 78f10e51 7f433640 a33bfd3f 852641d0
23:56:29 ipsec,debug,packet 4aaa30cc a7ca0074 4fee9da1 ab216479 a02ddba0 1bafe211 427fb93d 623923ae
23:56:29 ipsec,debug,packet 6ea41a97 f6804e94 0fcf38f0 27f8b725 8c6ccf0d 5ed87295 5adc2e48
23:56:29 ipsec,debug,packet compute IV for phase2
23:56:29 ipsec,debug,packet phase1 last IV:
23:56:29 ipsec,debug,packet 542c2db6 4dfb8bff 071f20b3 46e931ad d6626486
23:56:29 ipsec,debug hash(sha1)
23:56:29 ipsec,debug,packet encryption(aes)
23:56:29 ipsec,debug,packet phase2 IV computed:
23:56:29 ipsec,debug,packet 30ae8e90 bfee426e 14899384 285096e3
23:56:29 ipsec,debug ===
23:56:29 ipsec,debug,packet encryption(aes)
23:56:29 ipsec,debug,packet IV was saved for next processing:
23:56:29 ipsec,debug,packet 27f8b725 8c6ccf0d 5ed87295 5adc2e48
23:56:29 ipsec,debug,packet encryption(aes)
23:56:29 ipsec,debug,packet with key:
23:56:29 ipsec,debug,packet 1572f315 8ab5f691 e3913de3 a415486b
23:56:29 ipsec,debug,packet decrypted payload by IV:
23:56:29 ipsec,debug,packet 30ae8e90 bfee426e 14899384 285096e3
23:56:29 ipsec,debug,packet decrypted payload, but not trimed.
23:56:29 ipsec,debug,packet 01000018 ca9c6126 42898bf2 8c005b22 d3d52e8c eeb7aee0 0a000220 00000001
23:56:29 ipsec,debug,packet 00000001 00000214 01030414 0f48e257 0300001c 010c0000 80010001 80027080
23:56:29 ipsec,debug,packet 80040004 80060100 80050007 0300001c 020c0000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80060100 80050006 0300001c 030c0000 80010001 80027080 80040004 80060100
23:56:29 ipsec,debug,packet 80050002 0300001c 040c0000 80010001 80027080 80040004 80060100 80050005
23:56:29 ipsec,debug,packet 0300001c 050c0000 80010001 80027080 80040004 80060100 80050001 0300001c
23:56:29 ipsec,debug,packet 060c0000 80010001 80027080 80040004 80060080 80050007 0300001c 070c0000
23:56:29 ipsec,debug,packet 80010001 80027080 80040004 80060080 80050006 0300001c 080c0000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80060080 80050002 0300001c 090c0000 80010001 80027080
23:56:29 ipsec,debug,packet 80040004 80060080 80050005 0300001c 0a0c0000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80060080 80050001 03000018 0b030000 80010001 80027080 80040004 80050007
23:56:29 ipsec,debug,packet 03000018 0c030000 80010001 80027080 80040004 80050006 03000018 0d030000
23:56:29 ipsec,debug,packet 80010001 80027080 80040004 80050002 03000018 0e030000 80010001 80027080
23:56:29 ipsec,debug,packet 80040004 80050005 03000018 0f030000 80010001 80027080 80040004 80050001
23:56:29 ipsec,debug,packet 03000018 10020000 80010001 80027080 80040004 80050007 03000018 11020000
23:56:29 ipsec,debug,packet 80010001 80027080 80040004 80050006 03000018 12020000 80010001 80027080
23:56:29 ipsec,debug,packet 80040004 80050002 03000018 13020000 80010001 80027080 80040004 80050005
23:56:29 ipsec,debug,packet 00000018 14020000 80010001 80027080 80040004 80050001 05000014 aca484dc
23:56:29 ipsec,debug,packet d437bfc0 c1296ae5 92eb5d69 0500000c 01110000 0ae61fc4 0000000c 011106a5
23:56:29 ipsec,debug,packet bc865147 b2eba9d3 defeef91 fda4e48a f18996c9 a683aaca f9b1ccc1 d398d41b
23:56:29 ipsec,debug,packet padding len=28
23:56:29 ipsec,debug,packet skip to trim padding.
23:56:29 ipsec,debug,packet decrypted.
23:56:29 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08102001 d6626486 0000029c 01000018
23:56:29 ipsec,debug,packet ca9c6126 42898bf2 8c005b22 d3d52e8c eeb7aee0 0a000220 00000001 00000001
23:56:29 ipsec,debug,packet 00000214 01030414 0f48e257 0300001c 010c0000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80060100 80050007 0300001c 020c0000 80010001 80027080 80040004 80060100
23:56:29 ipsec,debug,packet 80050006 0300001c 030c0000 80010001 80027080 80040004 80060100 80050002
23:56:29 ipsec,debug,packet 0300001c 040c0000 80010001 80027080 80040004 80060100 80050005 0300001c
23:56:29 ipsec,debug,packet 050c0000 80010001 80027080 80040004 80060100 80050001 0300001c 060c0000
23:56:29 ipsec,debug,packet 80010001 80027080 80040004 80060080 80050007 0300001c 070c0000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80060080 80050006 0300001c 080c0000 80010001 80027080
23:56:29 ipsec,debug,packet 80040004 80060080 80050002 0300001c 090c0000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80060080 80050005 0300001c 0a0c0000 80010001 80027080 80040004 80060080
23:56:29 ipsec,debug,packet 80050001 03000018 0b030000 80010001 80027080 80040004 80050007 03000018
23:56:29 ipsec,debug,packet 0c030000 80010001 80027080 80040004 80050006 03000018 0d030000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80050002 03000018 0e030000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80050005 03000018 0f030000 80010001 80027080 80040004 80050001 03000018
23:56:29 ipsec,debug,packet 10020000 80010001 80027080 80040004 80050007 03000018 11020000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80050006 03000018 12020000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80050002 03000018 13020000 80010001 80027080 80040004 80050005 00000018
23:56:29 ipsec,debug,packet 14020000 80010001 80027080 80040004 80050001 05000014 aca484dc d437bfc0
23:56:29 ipsec,debug,packet c1296ae5 92eb5d69 0500000c 01110000 0ae61fc4 0000000c 011106a5 bc865147
23:56:29 ipsec,debug,packet b2eba9d3 defeef91 fda4e48a f18996c9 a683aaca f9b1ccc1 d398d41b
23:56:29 ipsec,debug begin.
23:56:29 ipsec,debug seen nptype=8(hash) len=24
23:56:29 ipsec,debug seen nptype=1(sa) len=544
23:56:29 ipsec,debug seen nptype=10(nonce) len=20
23:56:29 ipsec,debug seen nptype=5(id) len=12
23:56:29 ipsec,debug seen nptype=5(id) len=12
23:56:29 ipsec,debug succeed.
23:56:29 ipsec,debug received IDci2:
23:56:29 ipsec,debug 01110000 0ae61fc4
23:56:29 ipsec,debug received IDcr2:
23:56:29 ipsec,debug 011106a5 bc865147
23:56:29 ipsec,debug HASH(1) validate:
23:56:29 ipsec,debug ca9c6126 42898bf2 8c005b22 d3d52e8c eeb7aee0
23:56:29 ipsec,debug,packet HASH with:
23:56:29 ipsec,debug,packet d6626486 0a000220 00000001 00000001 00000214 01030414 0f48e257 0300001c
23:56:29 ipsec,debug,packet 010c0000 80010001 80027080 80040004 80060100 80050007 0300001c 020c0000
23:56:29 ipsec,debug,packet 80010001 80027080 80040004 80060100 80050006 0300001c 030c0000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80060100 80050002 0300001c 040c0000 80010001 80027080
23:56:29 ipsec,debug,packet 80040004 80060100 80050005 0300001c 050c0000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80060100 80050001 0300001c 060c0000 80010001 80027080 80040004 80060080
23:56:29 ipsec,debug,packet 80050007 0300001c 070c0000 80010001 80027080 80040004 80060080 80050006
23:56:29 ipsec,debug,packet 0300001c 080c0000 80010001 80027080 80040004 80060080 80050002 0300001c
23:56:29 ipsec,debug,packet 090c0000 80010001 80027080 80040004 80060080 80050005 0300001c 0a0c0000
23:56:29 ipsec,debug,packet 80010001 80027080 80040004 80060080 80050001 03000018 0b030000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80050007 03000018 0c030000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80050006 03000018 0d030000 80010001 80027080 80040004 80050002 03000018
23:56:29 ipsec,debug,packet 0e030000 80010001 80027080 80040004 80050005 03000018 0f030000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80050001 03000018 10020000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80050007 03000018 11020000 80010001 80027080 80040004 80050006 03000018
23:56:29 ipsec,debug,packet 12020000 80010001 80027080 80040004 80050002 03000018 13020000 80010001
23:56:29 ipsec,debug,packet 80027080 80040004 80050005 00000018 14020000 80010001 80027080 80040004
23:56:29 ipsec,debug,packet 80050001 05000014 aca484dc d437bfc0 c1296ae5 92eb5d69 0500000c 01110000
23:56:29 ipsec,debug,packet 0ae61fc4 0000000c 011106a5 bc865147
23:56:29 ipsec,debug,packet hmac(hmac_sha1)
23:56:29 ipsec,debug,packet HASH computed:
23:56:29 ipsec,debug,packet ca9c6126 42898bf2 8c005b22 d3d52e8c eeb7aee0
23:56:29 ipsec,debug total SA len=540
23:56:29 ipsec,debug 00000001 00000001 00000214 01030414 0f48e257 0300001c 010c0000 80010001
23:56:29 ipsec,debug 80027080 80040004 80060100 80050007 0300001c 020c0000 80010001 80027080
23:56:29 ipsec,debug 80040004 80060100 80050006 0300001c 030c0000 80010001 80027080 80040004
23:56:29 ipsec,debug 80060100 80050002 0300001c 040c0000 80010001 80027080 80040004 80060100
23:56:29 ipsec,debug 80050005 0300001c 050c0000 80010001 80027080 80040004 80060100 80050001
23:56:29 ipsec,debug 0300001c 060c0000 80010001 80027080 80040004 80060080 80050007 0300001c
23:56:29 ipsec,debug 070c0000 80010001 80027080 80040004 80060080 80050006 0300001c 080c0000
23:56:29 ipsec,debug 80010001 80027080 80040004 80060080 80050002 0300001c 090c0000 80010001
23:56:29 ipsec,debug 80027080 80040004 80060080 80050005 0300001c 0a0c0000 80010001 80027080
23:56:29 ipsec,debug 80040004 80060080 80050001 03000018 0b030000 80010001 80027080 80040004
23:56:29 ipsec,debug 80050007 03000018 0c030000 80010001 80027080 80040004 80050006 03000018
23:56:29 ipsec,debug 0d030000 80010001 80027080 80040004 80050002 03000018 0e030000 80010001
23:56:29 ipsec,debug 80027080 80040004 80050005 03000018 0f030000 80010001 80027080 80040004
23:56:29 ipsec,debug 80050001 03000018 10020000 80010001 80027080 80040004 80050007 03000018
23:56:29 ipsec,debug 11020000 80010001 80027080 80040004 80050006 03000018 12020000 80010001
23:56:29 ipsec,debug 80027080 80040004 80050002 03000018 13020000 80010001 80027080 80040004
23:56:29 ipsec,debug 80050005 00000018 14020000 80010001 80027080 80040004 80050001
23:56:29 ipsec,debug begin.
23:56:29 ipsec,debug seen nptype=2(prop) len=532
23:56:29 ipsec,debug succeed.
23:56:29 ipsec,debug proposal #1 len=532
23:56:29 ipsec,debug begin.
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=28
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug seen nptype=3(trns) len=24
23:56:29 ipsec,debug succeed.
23:56:29 ipsec,debug transform #1 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:29 ipsec,debug transform #2 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=6
23:56:29 ipsec,debug transform #3 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:29 ipsec,debug transform #4 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:29 ipsec,debug transform #5 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:29 ipsec,debug transform #6 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:29 ipsec,debug transform #7 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=6
23:56:29 ipsec,debug transform #8 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:29 ipsec,debug transform #9 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:29 ipsec,debug transform #10 len=28
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:29 ipsec,debug transform #11 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:29 ipsec,debug transform #12 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=6
23:56:29 ipsec,debug transform #13 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:29 ipsec,debug transform #14 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:29 ipsec,debug transform #15 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:29 ipsec,debug transform #16 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:29 ipsec,debug transform #17 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=6
23:56:29 ipsec,debug transform #18 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:29 ipsec,debug transform #19 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:29 ipsec,debug life duration was in TLV.
23:56:29 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:29 ipsec,debug UDP encapsulation requested
23:56:29 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:29 ipsec,debug transform #20 len=24
23:56:29 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:29 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug life duration was in TLV.
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug UDP encapsulation requested
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:30 ipsec,debug pair 1:
23:56:30 ipsec,debug  0x4a9a28: next=(nil) tnext=0x4a7238
23:56:30 ipsec,debug   0x4a7238: next=(nil) tnext=0x4a9b48
23:56:30 ipsec,debug    0x4a9b48: next=(nil) tnext=0x4a9b60
23:56:30 ipsec,debug     0x4a9b60: next=(nil) tnext=0x4a9b78
23:56:30 ipsec,debug      0x4a9b78: next=(nil) tnext=0x4a9b90
23:56:30 ipsec,debug       0x4a9b90: next=(nil) tnext=0x4a8588
23:56:30 ipsec,debug        0x4a8588: next=(nil) tnext=0x4a85a0
23:56:30 ipsec,debug         0x4a85a0: next=(nil) tnext=0x4a85b8
23:56:30 ipsec,debug          0x4a85b8: next=(nil) tnext=0x4a85d0
23:56:30 ipsec,debug           0x4a85d0: next=(nil) tnext=0x4a6908
23:56:30 ipsec,debug            0x4a6908: next=(nil) tnext=0x4a6920
23:56:30 ipsec,debug             0x4a6920: next=(nil) tnext=0x4a6938
23:56:30 ipsec,debug              0x4a6938: next=(nil) tnext=0x4a6950
23:56:30 ipsec,debug               0x4a6950: next=(nil) tnext=0x4a6968
23:56:30 ipsec,debug                0x4a6968: next=(nil) tnext=0x4a5dc0
23:56:30 ipsec,debug                 0x4a5dc0: next=(nil) tnext=(nil)
23:56:30 ipsec,debug proposal #1: 16 transform
23:56:30 ipsec,debug got the local address from ID payload 42.42.42.42[1701] prefixlen=32 ul_proto=17
23:56:30 ipsec,debug got the peer address from ID payload 10.230.31.196[0] prefixlen=32 ul_proto=17
23:56:30 ipsec,debug updating policy address because of NAT in transport mode
23:56:30 ipsec,debug new local address 69.69.69.69[1701]
23:56:30 ipsec,debug new peer address 217.118.92.66[0]
23:56:30 ipsec,debug  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=12:12)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=192 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha1)
23:56:30 ipsec,debug begin compare proposals.
23:56:30 ipsec,debug pair[1]: 0x4a9a28
23:56:30 ipsec,debug  0x4a9a28: next=(nil) tnext=0x4a7238
23:56:30 ipsec,debug   0x4a7238: next=(nil) tnext=0x4a9b48
23:56:30 ipsec,debug    0x4a9b48: next=(nil) tnext=0x4a9b60
23:56:30 ipsec,debug     0x4a9b60: next=(nil) tnext=0x4a9b78
23:56:30 ipsec,debug      0x4a9b78: next=(nil) tnext=0x4a9b90
23:56:30 ipsec,debug       0x4a9b90: next=(nil) tnext=0x4a8588
23:56:30 ipsec,debug        0x4a8588: next=(nil) tnext=0x4a85a0
23:56:30 ipsec,debug         0x4a85a0: next=(nil) tnext=0x4a85b8
23:56:30 ipsec,debug          0x4a85b8: next=(nil) tnext=0x4a85d0
23:56:30 ipsec,debug           0x4a85d0: next=(nil) tnext=0x4a6908
23:56:30 ipsec,debug            0x4a6908: next=(nil) tnext=0x4a6920
23:56:30 ipsec,debug             0x4a6920: next=(nil) tnext=0x4a6938
23:56:30 ipsec,debug              0x4a6938: next=(nil) tnext=0x4a6950
23:56:30 ipsec,debug               0x4a6950: next=(nil) tnext=0x4a6968
23:56:30 ipsec,debug                0x4a6968: next=(nil) tnext=0x4a5dc0
23:56:30 ipsec,debug                 0x4a5dc0: next=(nil) tnext=(nil)
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=1 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=3 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=4 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=5 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=6 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=8 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=9 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=10 trns-id=AES-CBC
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=128
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=11 trns-id=3DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=13 trns-id=3DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=14 trns-id=3DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=15 trns-id=3DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=16 trns-id=DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha512
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=18 trns-id=DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=19 trns-id=DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha256
23:56:30 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=20 trns#=20 trns-id=DES
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
23:56:30 ipsec,debug peer's single bundle:
23:56:30 ipsec,debug  (proto_id=ESP spisize=4 spi=0f48e257 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=256 authtype=hmac-sha512)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=256 authtype=hmac-sha256)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=256 authtype=hmac-md5)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=128 authtype=hmac-sha512)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=128 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=128 authtype=hmac-sha256)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=128 authtype=hmac-md5)
23:56:30 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha512)
23:56:30 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha256)
23:56:30 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-md5)
23:56:30 ipsec,debug   (trns_id=DES encklen=0 authtype=hmac-sha512)
23:56:30 ipsec,debug   (trns_id=DES encklen=0 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=DES encklen=0 authtype=hmac-sha256)
23:56:30 ipsec,debug   (trns_id=DES encklen=0 authtype=hmac-md5)
23:56:30 ipsec,debug my single bundle:
23:56:30 ipsec,debug  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=12:12)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=AES-CBC encklen=192 authtype=hmac-sha1)
23:56:30 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha1)
23:56:30 ipsec,debug matched
23:56:30 ipsec,debug ===
23:56:30 ipsec,debug call pfkey_send_getspi 3b
23:56:30 ipsec,debug pfkey GETSPI sent: ESP/Transport 217.118.92.66[60266]->69.69.69.69[4500]
23:56:30 ipsec,debug pfkey getspi sent.
23:56:30 ipsec,debug total SA len=48
23:56:30 ipsec,debug 00000001 00000001 00000028 01030401 00000000 0000001c 030c0000 80010001
23:56:30 ipsec,debug 80027080 80040004 80060100 80050002
23:56:30 ipsec,debug begin.
23:56:30 ipsec,debug seen nptype=2(prop) len=40
23:56:30 ipsec,debug succeed.
23:56:30 ipsec,debug proposal #1 len=40
23:56:30 ipsec,debug begin.
23:56:30 ipsec,debug seen nptype=3(trns) len=28
23:56:30 ipsec,debug succeed.
23:56:30 ipsec,debug transform #3 len=28
23:56:30 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
23:56:30 ipsec,debug type=SA Life Duration, flag=0x8000, lorv=28800
23:56:30 ipsec,debug life duration was in TLV.
23:56:30 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
23:56:30 ipsec,debug UDP encapsulation requested
23:56:30 ipsec,debug type=Key Length, flag=0x8000, lorv=256
23:56:30 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
23:56:30 ipsec,debug pair 1:
23:56:30 ipsec,debug  0x4a9a28: next=(nil) tnext=(nil)
23:56:30 ipsec,debug proposal #1: 1 transform
23:56:30 ipsec,debug NAT-OAi:
23:56:30 ipsec,debug 01000000 d9765c42
23:56:30 ipsec,debug NAT-OAr:
23:56:30 ipsec,debug 01000000 0ab0fc76
23:56:30 ipsec,debug add payload of len 48, next type 10
23:56:30 ipsec,debug add payload of len 24, next type 5
23:56:30 ipsec,debug add payload of len 8, next type 5
23:56:30 ipsec,debug add payload of len 8, next type 21
23:56:30 ipsec,debug add payload of len 8, next type 21
23:56:30 ipsec,debug add payload of len 8, next type 0
23:56:30 ipsec,debug,packet HASH with:
23:56:30 ipsec,debug,packet d6626486 aca484dc d437bfc0 c1296ae5 92eb5d69 0a000034 00000001 00000001
23:56:30 ipsec,debug,packet 00000028 01030401 0b57ffe1 0000001c 030c0000 80010001 80027080 80040004
23:56:30 ipsec,debug,packet 80060100 80050002 0500001c b8b874b0 76a3833d cbf5f14c e98a0a8d da8ba93b
23:56:30 ipsec,debug,packet 398efbfc 0500000c 01110000 0ae61fc4 1500000c 011106a5 bc865147 1500000c
23:56:30 ipsec,debug,packet 01000000 d9765c42 0000000c 01000000 0ab0fc76
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet HASH computed:
23:56:30 ipsec,debug,packet 961e567e 2767fbc2 4ba97b4b 93973016 ce0b451a
23:56:30 ipsec,debug add payload of len 20, next type 1
23:56:30 ipsec,debug,packet begin encryption.
23:56:30 ipsec,debug,packet encryption(aes)
23:56:30 ipsec,debug,packet pad length = 8
23:56:30 ipsec,debug,packet 01000018 961e567e 2767fbc2 4ba97b4b 93973016 ce0b451a 0a000034 00000001
23:56:30 ipsec,debug,packet 00000001 00000028 01030401 0b57ffe1 0000001c 030c0000 80010001 80027080
23:56:30 ipsec,debug,packet 80040004 80060100 80050002 0500001c b8b874b0 76a3833d cbf5f14c e98a0a8d
23:56:30 ipsec,debug,packet da8ba93b 398efbfc 0500000c 01110000 0ae61fc4 1500000c 011106a5 bc865147
23:56:30 ipsec,debug,packet 1500000c 01000000 d9765c42 0000000c 01000000 0ab0fc76 8ae19084 8a9cda07
23:56:30 ipsec,debug,packet encryption(aes)
23:56:30 ipsec,debug,packet with key:
23:56:30 ipsec,debug,packet 1572f315 8ab5f691 e3913de3 a415486b
23:56:30 ipsec,debug,packet encrypted payload by IV:
23:56:30 ipsec,debug,packet 27f8b725 8c6ccf0d 5ed87295 5adc2e48
23:56:30 ipsec,debug,packet save IV for next:
23:56:30 ipsec,debug,packet 1d9cf10c 2e3f7fc5 0522153a cdee3f9b
23:56:30 ipsec,debug,packet encrypted.
23:56:30 ipsec,debug 188 bytes from 69.69.69.69[4500] to 217.118.92.66[60266]
23:56:30 ipsec,debug 1 times of 192 bytes message will be sent to 217.118.92.66[60266]
23:56:30 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08102001 d6626486 000000bc 728b79e0
23:56:30 ipsec,debug,packet fd85841c 08a77669 d6b601a9 f8077d06 a014de4e 17aea724 eb1396d3 bfd0167b
23:56:30 ipsec,debug,packet 1c11b2b8 2ec47f1c 0d16bb2e be6bbdce 0ef6e4f0 8ac773e7 5906d276 6964be13
23:56:30 ipsec,debug,packet 6bbfae0a e55e181c 40cf9329 6d8ed44a a3ddd395 dafe9d08 b69161b1 5313c1d7
23:56:30 ipsec,debug,packet f1558630 d272c515 78cda4b1 4c9f078b c68794f4 10a576f5 eeecbe9a c2c1c5df
23:56:30 ipsec,debug,packet 67b8769a 833c3ded 4462cf89 1d9cf10c 2e3f7fc5 0522153a cdee3f9b
23:56:30 ipsec,debug ===== received 76 bytes from 217.118.92.66[60266] to 69.69.69.69[4500]
23:56:30 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08102001 d6626486 0000004c 4d4c3409
23:56:30 ipsec,debug,packet f9a42f71 d08dc9e1 03195dfb f0ffdb79 d0e94c4b 9bf6a355 7ddf696c e5f559f9
23:56:30 ipsec,debug,packet 45d7f421 8b8c5775 4c82f1d6
23:56:30 ipsec,debug,packet encryption(aes)
23:56:30 ipsec,debug,packet IV was saved for next processing:
23:56:30 ipsec,debug,packet e5f559f9 45d7f421 8b8c5775 4c82f1d6
23:56:30 ipsec,debug,packet encryption(aes)
23:56:30 ipsec,debug,packet with key:
23:56:30 ipsec,debug,packet 1572f315 8ab5f691 e3913de3 a415486b
23:56:30 ipsec,debug,packet decrypted payload by IV:
23:56:30 ipsec,debug,packet 1d9cf10c 2e3f7fc5 0522153a cdee3f9b
23:56:30 ipsec,debug,packet decrypted payload, but not trimed.
23:56:30 ipsec,debug,packet 00000018 5fd55688 3816dbef e559df26 bf32e4f8 6ddf2271 c2bac2a0 a3eb83bb
23:56:30 ipsec,debug,packet d1afa3a7 9ff692af dca7a7cc 9a83fb17
23:56:30 ipsec,debug,packet padding len=24
23:56:30 ipsec,debug,packet skip to trim padding.
23:56:30 ipsec,debug,packet decrypted.
23:56:30 ipsec,debug,packet 1e1973d2 b9c07d61 5b331b45 5a6a8761 08102001 d6626486 0000004c 00000018
23:56:30 ipsec,debug,packet 5fd55688 3816dbef e559df26 bf32e4f8 6ddf2271 c2bac2a0 a3eb83bb d1afa3a7
23:56:30 ipsec,debug,packet 9ff692af dca7a7cc 9a83fb17
23:56:30 ipsec,debug begin.
23:56:30 ipsec,debug seen nptype=8(hash) len=24
23:56:30 ipsec,debug succeed.
23:56:30 ipsec,debug HASH(3) validate:
23:56:30 ipsec,debug 5fd55688 3816dbef e559df26 bf32e4f8 6ddf2271
23:56:30 ipsec,debug,packet HASH with:
23:56:30 ipsec,debug,packet 00d66264 86aca484 dcd437bf c0c1296a e592eb5d 69b8b874 b076a383 3dcbf5f1
23:56:30 ipsec,debug,packet 4ce98a0a 8dda8ba9 3b398efb fc
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet HASH computed:
23:56:30 ipsec,debug,packet 5fd55688 3816dbef e559df26 bf32e4f8 6ddf2271
23:56:30 ipsec,debug ===
23:56:30 ipsec,debug,packet KEYMAT compute with
23:56:30 ipsec,debug,packet 030b57ff e1aca484 dcd437bf c0c1296a e592eb5d 69b8b874 b076a383 3dcbf5f1
23:56:30 ipsec,debug,packet 4ce98a0a 8dda8ba9 3b398efb fc
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug encryption(aes-cbc)
23:56:30 ipsec,debug hmac(sha1)
23:56:30 ipsec,debug encklen=256 authklen=160
23:56:30 ipsec,debug generating 640 bits of key (dupkeymat=4)
23:56:30 ipsec,debug generating K1...K4 for KEYMAT.
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug f06a7362 b49157ea 059226de 3aace5a3 f11df7fa 5c6c8009 5746577b c0110603
23:56:30 ipsec,debug 21b3efcc a2abe5f9 f1ce20ea 54a86b47 343d9b35 7c879686 6c3d3ace 337c4ec3
23:56:30 ipsec,debug 7a81ff14 b96053e1 fb59fed4 a69695fe
23:56:30 ipsec,debug,packet KEYMAT compute with
23:56:30 ipsec,debug,packet 030f48e2 57aca484 dcd437bf c0c1296a e592eb5d 69b8b874 b076a383 3dcbf5f1
23:56:30 ipsec,debug,packet 4ce98a0a 8dda8ba9 3b398efb fc
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug encryption(aes-cbc)
23:56:30 ipsec,debug hmac(sha1)
23:56:30 ipsec,debug encklen=256 authklen=160
23:56:30 ipsec,debug generating 640 bits of key (dupkeymat=4)
23:56:30 ipsec,debug generating K1...K4 for KEYMAT.
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug,packet hmac(hmac_sha1)
23:56:30 ipsec,debug 283371c9 55a79934 09b7e669 01325a27 8ff5bdf3 ec67c248 6dfbe863 c83a7197
23:56:30 ipsec,debug b63a85fa 1138138a 30d7d948 625bbb99 be16bd61 73d5ef3e f03cc2a7 706087c2
23:56:30 ipsec,debug 74370664 6da41533 65643bfe 284dd324
23:56:30 ipsec,debug KEYMAT computed.
23:56:30 ipsec,debug call pk_sendupdate
23:56:30 ipsec,debug encryption(aes-cbc)
23:56:30 ipsec,debug hmac(sha1)
23:56:30 ipsec,debug call pfkey_send_update_nat
23:56:30 ipsec,debug pfkey update sent.
23:56:30 ipsec,debug encryption(aes-cbc)
23:56:30 ipsec,debug hmac(sha1)
23:56:30 ipsec,debug call pfkey_send_add_nat
23:56:30 ipsec,debug pfkey add sent.
23:56:30 l2tp,debug,packet rcvd control message from 217.118.92.66:58005 to 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=0, session-id=0, ns=0, nr=0
23:56:30 l2tp,debug,packet     (M) Message-Type=SCCRQ
23:56:30 l2tp,debug,packet     (M) Protocol-Version=0x01:00
23:56:30 l2tp,debug,packet     (M) Host-Name="anonymous"
23:56:30 l2tp,debug,packet     (M) Framing-Capabilities=0x3
23:56:30 l2tp,debug,packet     (M) Assigned-Tunnel-ID=62914
23:56:30 l2tp,debug,packet     (M) Receive-Window-Size=1
23:56:30 l2tp,info first L2TP UDP packet received from 217.118.92.66
23:56:30 l2tp,debug tunnel 5 entering state: wait-ctl-conn
23:56:30 l2tp,debug,packet sent control message to 217.118.92.66:58005 from 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=62914, session-id=0, ns=0, nr=1
23:56:30 l2tp,debug,packet     (M) Message-Type=SCCRP
23:56:30 l2tp,debug,packet     (M) Protocol-Version=0x01:00
23:56:30 l2tp,debug,packet     (M) Framing-Capabilities=0x1
23:56:30 l2tp,debug,packet     (M) Bearer-Capabilities=0x0
23:56:30 l2tp,debug,packet     Firmware-Revision=0x1
23:56:30 l2tp,debug,packet     (M) Host-Name="MikroTik"
23:56:30 l2tp,debug,packet     Vendor-Name="MikroTik"
23:56:30 l2tp,debug,packet     (M) Assigned-Tunnel-ID=5
23:56:30 l2tp,debug,packet     (M) Receive-Window-Size=4
23:56:30 firewall,info VPN: input: in:ether1 out:(unknown 0), proto UDP, 217.118.92.66:58005->69.69.69.69:1701, len 97
23:56:30 l2tp,debug,packet rcvd control message from 217.118.92.66:58005 to 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=5, session-id=0, ns=1, nr=1
23:56:30 l2tp,debug,packet     (M) Message-Type=SCCCN
23:56:30 l2tp,debug tunnel 5 entering state: estabilished
23:56:30 l2tp,debug,packet sent control message (ack) to 217.118.92.66:58005 from 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=62914, session-id=0, ns=1, nr=2
23:56:30 l2tp,debug,packet rcvd control message from 217.118.92.66:58005 to 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=5, session-id=0, ns=2, nr=1
23:56:30 l2tp,debug,packet     (M) Message-Type=ICRQ
23:56:30 l2tp,debug,packet     (M) Assigned-Session-ID=41103
23:56:30 l2tp,debug,packet     (M) Call-Serial-Number=2330295328
23:56:30 l2tp,debug session 1 entering state: wait-connect
23:56:30 l2tp,debug,packet sent control message to 217.118.92.66:58005 from 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=62914, session-id=41103, ns=1, nr=3
23:56:30 l2tp,debug,packet     (M) Message-Type=ICRP
23:56:30 l2tp,debug,packet     (M) Assigned-Session-ID=1
23:56:30 l2tp,debug,packet rcvd control message from 217.118.92.66:58005 to 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=5, session-id=1, ns=3, nr=2
23:56:30 l2tp,debug,packet     (M) Message-Type=ICCN
23:56:30 l2tp,debug,packet     (M) Tx-Connect-Speed-BPS=100000000
23:56:30 l2tp,debug,packet     (M) Framing-Type=0x3
23:56:30 l2tp,debug session 1 entering state: established
23:56:30 l2tp,debug,packet sent control message (ack) to 217.118.92.66:58005 from 69.69.69.69:1701
23:56:30 l2tp,debug,packet     tunnel-id=62914, session-id=0, ns=2, nr=4
23:56:30 l2tp,ppp,debug <217.118.92.66>: LCP lowerup
23:56:30 l2tp,ppp,debug <217.118.92.66>: LCP open
23:56:30 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd LCP ConfReq id=0x1
23:56:30 l2tp,ppp,debug,packet    <mru 1300>
23:56:30 l2tp,ppp,debug,packet    <asyncmap 0x0>
23:56:30 l2tp,ppp,debug,packet    <magic 0xf9c2878>
23:56:30 l2tp,ppp,debug,packet    <pcomp>
23:56:30 l2tp,ppp,debug,packet    <accomp>
23:56:30 l2tp,ppp,debug,packet  <217.118.92.66>: sent LCP ConfReq id=0x1
23:56:30 l2tp,ppp,debug,packet    <mru 1450>
23:56:30 l2tp,ppp,debug,packet    <magic 0x6c4ef47e>
23:56:30 l2tp,ppp,debug,packet    <auth  mschap2>
23:56:30 l2tp,ppp,debug,packet  <217.118.92.66>: sent LCP ConfRej id=0x1
23:56:30 l2tp,ppp,debug,packet    <asyncmap 0x0>
23:56:30 l2tp,ppp,debug,packet    <pcomp>
23:56:30 l2tp,ppp,debug,packet    <accomp>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd LCP ConfReq id=0x2
23:56:31 l2tp,ppp,debug,packet    <mru 1300>
23:56:31 l2tp,ppp,debug,packet    <magic 0xf9c2878>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent LCP ConfAck id=0x2
23:56:31 l2tp,ppp,debug,packet    <mru 1300>
23:56:31 l2tp,ppp,debug,packet    <magic 0xf9c2878>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd LCP ConfAck id=0x1
23:56:31 l2tp,ppp,debug,packet    <mru 1450>
23:56:31 l2tp,ppp,debug,packet    <magic 0x6c4ef47e>
23:56:31 l2tp,ppp,debug,packet    <auth  mschap2>
23:56:31 l2tp,ppp,debug <217.118.92.66>: LCP opened
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent CHAP Challenge id=0x1
23:56:31 l2tp,ppp,debug,packet     <challenge len=16>
23:56:31 l2tp,ppp,debug,packet     <name MikroTik>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd CHAP Response id=0x1
23:56:31 l2tp,ppp,debug,packet     <response len=49>
23:56:31 l2tp,ppp,debug,packet     <name Bass>
23:56:31 l2tp,ppp,info,account Bass logged in, 192.168.1.210
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent CHAP Success id=0x1
23:56:31 l2tp,ppp,debug,packet     S=63A372E78807BD9B17D569A7DA51FB151C8C8B6F
23:56:31 l2tp,ppp,info <l2tp-Bass>: authenticated
23:56:31 l2tp,ppp,debug <217.118.92.66>: IPCP lowerup
23:56:31 l2tp,ppp,debug <217.118.92.66>: IPCP open
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent IPCP ConfReq id=0x1
23:56:31 l2tp,ppp,debug,packet     <addr 192.168.1.201>
23:56:31 l2tp,ppp,debug <217.118.92.66>: IPV6CP open
23:56:31 l2tp,ppp,debug <217.118.92.66>: MPLSCP lowerup
23:56:31 l2tp,ppp,debug <217.118.92.66>: MPLSCP open
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent MPLSCP ConfReq id=0x1
23:56:31 l2tp,ppp,debug <217.118.92.66>: BCP open
23:56:31 l2tp,ppp,debug <217.118.92.66>: CCP lowerup
23:56:31 l2tp,ppp,debug <217.118.92.66>: CCP open
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd CCP ConfReq id=0x1
23:56:31 l2tp,ppp,debug,packet     <deflate 15>
23:56:31 l2tp,ppp,debug,packet     <deflate (old) 15>
23:56:31 l2tp,ppp,debug,packet     <0x15 03 2f>
23:56:31 l2tp,ppp,debug <217.118.92.66>: received unsupported protocol 0x80fd
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent LCP ProtRej id=0x2
23:56:31 l2tp,ppp,debug,packet      80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03...
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd IPCP ConfReq id=0x1
23:56:31 l2tp,ppp,debug,packet     <addr 0.0.0.0>
23:56:31 l2tp,ppp,debug,packet     <comp VJ f 1>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 0.0.0.0>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 0.0.0.0>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent IPCP ConfRej id=0x1
23:56:31 l2tp,ppp,debug,packet     <comp VJ f 1>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd LCP ProtRej id=0x3
23:56:31 l2tp,ppp,debug,packet      82 81 01 01 00 04
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd IPCP ConfAck id=0x1
23:56:31 l2tp,ppp,debug,packet     <addr 192.168.1.201>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd IPCP ConfReq id=0x2
23:56:31 l2tp,ppp,debug,packet     <addr 0.0.0.0>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 0.0.0.0>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 0.0.0.0>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent IPCP ConfNak id=0x2
23:56:31 l2tp,ppp,debug,packet     <addr 192.168.1.210>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 192.168.1.201>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 192.168.248.21>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: rcvd IPCP ConfReq id=0x3
23:56:31 l2tp,ppp,debug,packet     <addr 192.168.1.210>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 192.168.1.201>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 192.168.248.21>
23:56:31 l2tp,ppp,debug,packet  <217.118.92.66>: sent IPCP ConfAck id=0x3
23:56:31 l2tp,ppp,debug,packet     <addr 192.168.1.210>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 192.168.1.201>
23:56:31 l2tp,ppp,debug,packet     <ms-dns 192.168.248.21>
23:56:31 l2tp,ppp,debug <217.118.92.66>: IPCP opened
23:56:31 l2tp,ppp,info <l2tp-Bass>: connected

Thanks a lot! I will try today!

Could you please, give a correct configuration for the second solution? I am not on the same page. Do you suggest to put WAN IP the same as public IP? How NAT rule will help to accept packages from ISP router?

http://forum.mikrotik.com/t/l2tp-vpn-can-not-connect-on-windows-10/131292/1

OMG!!! I can’t understand how this works, but it works! Thank you!