Děkuji za tvojí reakci, ale ani toto nezabralo, teď se nepřipojím ani z Androidu.
Aaricak
- Připojil se 14. zář 2017
- 0 nejlepších odpovědí
- V diskuzi: VPN L2PT - RB951
- V diskuzi: VPN L2PT - RB951
To nikdo neví čím to je nebo co s tim udělat?!
- V diskuzi: VPN L2PT - RB951
Windows mám nastavené podle tohoto: https://kb.iweb.com/hc/en-us/articles/230267328-Configuring-new-VPN-L2TP-IPSec-connections-in-Windows-7
- V diskuzi: VPN L2PT - RB951
IPsec nastavení
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-256-cbc,3des pfs-group=none
add enc-algorithms=aes-256-cbc,3des name="nastaveni proposal" pfs-group=none
/ip ipsec peer
add address=0.0.0.0/0 dh-group=modp1024 enc-algorithm=aes-256,3des \
exchange-mode=main-l2tp generate-policy=port-override secret=tajne-heslo-IPSEC
/ip ipsec policy
add proposal="nastaveni proposal" template=yes
- V diskuzi: VPN L2PT - RB951
L2TP server
/interface l2tp-server server
set authentication=mschap1,mschap2 default-profile="zakladni-sifrovani" \
enabled=yes ipsec-secret=tajne-heslo max-mru=1460 max-mtu=1460 \
one-session-per-host=yes use-ipsec=yes
- V diskuzi: VPN L2PT - RB951
Nastavení PPP
/ppp profile
add bridge=LAN_Bridge dns-server=192.168.10.254 local-address="DHCP - VPN" \
name="zakladni-sifrovani" remote-address="DHCP - VPN" \
use-encryption=yes
/ppp secret
add name=jakub password=tajneheslo profile="zakladni-sifrovani" \
remote-address=192.168.10.191 service=l2tp
- V diskuzi: VPN L2PT - RB951
Vypnul jsem v logu IPSEC a LPTP se v logách neobjeví, a to v případě, že se připojuji s windows.
09:15:24 ipsec,info respond new phase 1 (Identity Protection): 10.63.100.2[500]<=>46.23.51.28[500]
09:15:25 ipsec,info ISAKMP-SA established 10.63.100.2[4500]-46.23.51.28[4500] spi:19bbe633c4f96a23:51552a5c6f5b2633
09:16:00 ipsec,info purging ISAKMP-SA 10.63.100.2[4500]<=>46.23.51.28[4500] spi=19bbe633c4f96a23:51552a5c6f5b2633.
09:16:00 ipsec,info ISAKMP-SA deleted 10.63.100.2[4500]-46.23.51.28[4500] spi:19bbe633c4f96a23:51552a5c6f5b2633 rekey:1
Když se připojím z androidu tak se v logách l2pt objeví jako připojeno.
- V diskuzi: VPN L2PT - RB951
Zdravím, prosím o pomoc s nastavením VPN L2PT. Jde o to, že když se připojím přes mobil (android) tak se spojení vytvoří, ale přes Windows 7 ne. Zkoumal jsem všchno možné a nic.
Vím, tady se to probíralo Xkrát, ale nic jsem nenašel co by odpovídalo mému problému. Nevíte kde může být problém. Porty l2tp v firewallu jsou povolené.
Děkuji všem za rady
11:01:54 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:01:54 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:01:54 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:01:54 ipsec,debug peer's single bundle:
11:01:54 ipsec,debug (proto_id=ESP spisize=4 spi=38c3a5e1 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
11:01:54 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:01:54 ipsec,debug my single bundle:
11:01:54 ipsec,debug (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=36:36)
11:01:54 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:01:54 ipsec,debug (trns_id=3DES encklen=0 authtype=hmac-sha1)
11:01:54 ipsec Adjusting my encmode UDP-Transport->Transport
11:01:54 ipsec Adjusting peer's encmode UDP-Transport(4)->Transport(2)
11:01:54 ipsec,debug matched
11:01:54 ipsec,debug ===
11:01:54 ipsec,debug call pfkey_send_getspi 97
11:01:54 ipsec,debug pfkey GETSPI sent: ESP/Transport 46.23.51.28[4500]->10.63.100.2[4500]
11:01:54 ipsec,debug pfkey getspi sent.
11:01:54 ipsec,debug total SA len=64
11:01:54 ipsec,debug 00000001 00000001 00000038 01030401 00000000 0000002c 010c0000 80040004
11:01:54 ipsec,debug 80060100 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
11:01:54 ipsec,debug begin.
11:01:54 ipsec,debug seen nptype=2(prop) len=56
11:01:54 ipsec,debug succeed.
11:01:54 ipsec,debug proposal #1 len=56
11:01:54 ipsec,debug begin.
11:01:54 ipsec,debug seen nptype=3(trns) len=44
11:01:54 ipsec,debug succeed.
11:01:54 ipsec,debug transform #1 len=44
11:01:54 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:01:54 ipsec,debug UDP encapsulation requested
11:01:54 ipsec,debug type=Key Length, flag=0x8000, lorv=256
11:01:54 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:01:54 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:01:54 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:01:54 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:01:54 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:01:54 ipsec,debug pair 1:
11:01:54 ipsec,debug 0x497b20: next=(nil) tnext=(nil)
11:01:54 ipsec,debug proposal #1: 1 transform
11:01:54 ipsec,debug NAT-OAi:
11:01:54 ipsec,debug 01001194 2e17331c
11:01:54 ipsec,debug NAT-OAr:
11:01:54 ipsec,debug 01001194 0a3f6402
11:01:54 ipsec,debug add payload of len 64, next type 10
11:01:54 ipsec,debug add payload of len 24, next type 5
11:01:54 ipsec,debug add payload of len 8, next type 5
11:01:54 ipsec,debug add payload of len 8, next type 21
11:01:54 ipsec,debug add payload of len 8, next type 21
11:01:54 ipsec,debug add payload of len 8, next type 0
11:01:54 ipsec,debug HASH with:
11:01:54 ipsec,debug 00000004 eca7a7f8 557f20ef af25bf9a 4096daca 65640ed8 1d06f0fd 81b334b6
11:01:54 ipsec,debug 1a7bbe09 ef621273 b4a4aa84 0e479f8d 1cd2ec99 0a000044 00000001 00000001
11:01:54 ipsec,debug 00000038 01030401 0ef427a8 0000002c 010c0000 80040004 80060100 80050002
11:01:54 ipsec,debug 80010001 00020004 00000e10 80010002 00020004 0003d090 0500001c d3aae422
11:01:54 ipsec,debug 473b1b78 e4048a81 257a3122 d4f9a2fd 278bc6be 0500000c 011106a5 c0a8020c
11:01:54 ipsec,debug 1500000c 011106a5 2e173322 1500000c 01001194 2e17331c 0000000c 01001194
11:01:54 ipsec,debug 0a3f6402
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug HASH computed:
11:01:54 ipsec,debug 9b93084a a86860e4 0c00cd83 cec2bc21 4fc75df6
11:01:54 ipsec,debug add payload of len 20, next type 1
11:01:54 ipsec,debug begin encryption.
11:01:54 ipsec,debug encryption(3des)
11:01:54 ipsec,debug pad length = 8
11:01:54 ipsec,debug 01000018 9b93084a a86860e4 0c00cd83 cec2bc21 4fc75df6 0a000044 00000001
11:01:54 ipsec,debug 00000001 00000038 01030401 0ef427a8 0000002c 010c0000 80040004 80060100
11:01:54 ipsec,debug 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 0500001c
11:01:54 ipsec,debug d3aae422 473b1b78 e4048a81 257a3122 d4f9a2fd 278bc6be 0500000c 011106a5
11:01:54 ipsec,debug c0a8020c 1500000c 011106a5 2e173322 1500000c 01001194 2e17331c 0000000c
11:01:54 ipsec,debug 01001194 0a3f6402 120629ac 67db4e07
11:01:54 ipsec,debug encryption(3des)
11:01:54 ipsec,debug with key:
11:01:54 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:01:54 ipsec,debug encrypted payload by IV:
11:01:54 ipsec,debug dd001b88 5807f5af
11:01:54 ipsec,debug save IV for next:
11:01:54 ipsec,debug df5ad15a fc22dbbd
11:01:54 ipsec,debug encrypted.
11:01:54 ipsec,debug 204 bytes from 10.63.100.2[4500] to 46.23.51.28[4500]
11:01:54 ipsec,debug 1 times of 208 bytes message will be sent to 46.23.51.28[4500]
11:01:54 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000004 000000cc 200f17b9
11:01:54 ipsec,debug,packet a0e2ddfd 0e5f4139 3c04ce8f 75e0ef6c cf443725 8c41d8f9 a389b140 32f9a4a6
11:01:54 ipsec,debug,packet 464a1332 815cf612 9428aa47 744b6f10 b6d826a5 33986c98 3857e399 62f33408
11:01:54 ipsec,debug,packet 14779378 5c08c276 c170e7b9 ce067054 d4b6a824 1eaec779 b61a338c 7c399fac
11:01:54 ipsec,debug,packet ebcc9db7 47ac9efd 428b561e 6a56367b cdabc008 9ad9c77c 5b0b0e2e 3371b1b2
11:01:54 ipsec,debug,packet 4a4bab82 52110d0b df401023 a628f1f8 7b68000b 05d43d89 764529dd eac9f67f
11:01:54 ipsec,debug,packet 8aac281b df5ad15a fc22dbbd
11:01:54 ipsec sent phase2 packet 10.63.100.2[4500]<=>46.23.51.28[4500] b50c2a17cd0f8cc0:7e532323b131e61a:00000004
11:01:54 ipsec,debug ===== received 60 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:01:54 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000004 0000003c d6eb3d9f
11:01:54 ipsec,debug,packet 7c10f9ca 8043b720 0c1dd3d3 3ee87d93 d3edaaec d630b95f c7f1c49b
11:01:54 ipsec,debug encryption(3des)
11:01:54 ipsec,debug IV was saved for next processing:
11:01:54 ipsec,debug d630b95f c7f1c49b
11:01:54 ipsec,debug encryption(3des)
11:01:54 ipsec,debug with key:
11:01:54 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:01:54 ipsec,debug decrypted payload by IV:
11:01:54 ipsec,debug df5ad15a fc22dbbd
11:01:54 ipsec,debug decrypted payload, but not trimed.
11:01:54 ipsec,debug 00000018 9354c680 8493caa0 37ab56d7 108219c2 ac5bfdc8 00000000 00000000
11:01:54 ipsec,debug padding len=1
11:01:54 ipsec,debug skip to trim padding.
11:01:54 ipsec,debug decrypted.
11:01:54 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000004 0000003c 00000018
11:01:54 ipsec,debug 9354c680 8493caa0 37ab56d7 108219c2 ac5bfdc8 00000000 00000000
11:01:54 ipsec,debug begin.
11:01:54 ipsec,debug seen nptype=8(hash) len=24
11:01:54 ipsec,debug succeed.
11:01:54 ipsec,debug HASH(3) validate:
11:01:54 ipsec,debug 9354c680 8493caa0 37ab56d7 108219c2 ac5bfdc8
11:01:54 ipsec,debug HASH with:
11:01:54 ipsec,debug 00000000 04eca7a7 f8557f20 efaf25bf 9a4096da ca65640e d81d06f0 fd81b334
11:01:54 ipsec,debug b61a7bbe 09ef6212 73b4a4aa 840e479f 8d1cd2ec 99d3aae4 22473b1b 78e4048a
11:01:54 ipsec,debug 81257a31 22d4f9a2 fd278bc6 be
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug HASH computed:
11:01:54 ipsec,debug 9354c680 8493caa0 37ab56d7 108219c2 ac5bfdc8
11:01:54 ipsec,debug ===
11:01:54 ipsec,debug KEYMAT compute with
11:01:54 ipsec,debug 030ef427 a8eca7a7 f8557f20 efaf25bf 9a4096da ca65640e d81d06f0 fd81b334
11:01:54 ipsec,debug b61a7bbe 09ef6212 73b4a4aa 840e479f 8d1cd2ec 99d3aae4 22473b1b 78e4048a
11:01:54 ipsec,debug 81257a31 22d4f9a2 fd278bc6 be
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug encryption(aes-cbc)
11:01:54 ipsec,debug hmac(sha1)
11:01:54 ipsec,debug encklen=256 authklen=160
11:01:54 ipsec,debug generating 640 bits of key (dupkeymat=4)
11:01:54 ipsec,debug generating K1...K4 for KEYMAT.
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug b556bec8 0637e79a 4b8a54da ea3fee71 b298347f 76ba551c 9c34fb1f 898dfb5f
11:01:54 ipsec,debug 27400fa4 c9279cfa 60bf90bb 4b13a1fc 70d1cf67 73066c58 d3b5ccb5 6da86540
11:01:54 ipsec,debug 87df2e4b d71e4315 c35d6cbc caa16b23
11:01:54 ipsec,debug KEYMAT compute with
11:01:54 ipsec,debug 0338c3a5 e1eca7a7 f8557f20 efaf25bf 9a4096da ca65640e d81d06f0 fd81b334
11:01:54 ipsec,debug b61a7bbe 09ef6212 73b4a4aa 840e479f 8d1cd2ec 99d3aae4 22473b1b 78e4048a
11:01:54 ipsec,debug 81257a31 22d4f9a2 fd278bc6 be
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug encryption(aes-cbc)
11:01:54 ipsec,debug hmac(sha1)
11:01:54 ipsec,debug encklen=256 authklen=160
11:01:54 ipsec,debug generating 640 bits of key (dupkeymat=4)
11:01:54 ipsec,debug generating K1...K4 for KEYMAT.
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug 8b303301 cd69919f 6d8f955a 4baf99f1 33ec7890 854b5dae 0d6d481c ac23ba23
11:01:54 ipsec,debug b93f98f5 43ae055c 373abe13 ebd03cdc 095dbe76 0be27b7c 7515c342 f350eff6
11:01:54 ipsec,debug 438b9e42 c7ad3d31 36192bf7 032ebcc1
11:01:54 ipsec,debug KEYMAT computed.
11:01:54 ipsec,debug call pk_sendupdate
11:01:54 ipsec,debug encryption(aes-cbc)
11:01:54 ipsec,debug hmac(sha1)
11:01:54 ipsec,debug call pfkey_send_update_nat
11:01:54 ipsec IPsec-SA established: ESP/Transport 46.23.51.28[4500]->10.63.100.2[4500] spi=0xef427a8
11:01:54 ipsec,debug pfkey update sent.
11:01:54 ipsec,debug encryption(aes-cbc)
11:01:54 ipsec,debug hmac(sha1)
11:01:54 ipsec,debug call pfkey_send_add_nat
11:01:54 ipsec IPsec-SA established: ESP/Transport 10.63.100.2[4500]->46.23.51.28[4500] spi=0x38c3a5e1
11:01:54 ipsec,debug pfkey add sent.
11:01:54 ipsec,debug ===== received 76 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:01:54 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 5ed33c72 0000004c f8e8c8de
11:01:54 ipsec,debug,packet 1c4987ae 35503216 7f4d3806 2bae4756 7b5fad5e 6aa914e7 39004c58 205987f3
11:01:54 ipsec,debug,packet ec0cfe80 2bb904c0 28a6bce6
11:01:54 ipsec,debug receive Information.
11:01:54 ipsec,debug compute IV for phase2
11:01:54 ipsec,debug phase1 last IV:
11:01:54 ipsec,debug b2c25614 409a1978 5ed33c72
11:01:54 ipsec,debug hash(sha1)
11:01:54 ipsec,debug encryption(3des)
11:01:54 ipsec,debug phase2 IV computed:
11:01:54 ipsec,debug a94317b4 49141294
11:01:54 ipsec,debug encryption(3des)
11:01:54 ipsec,debug IV was saved for next processing:
11:01:54 ipsec,debug 2bb904c0 28a6bce6
11:01:54 ipsec,debug encryption(3des)
11:01:54 ipsec,debug with key:
11:01:54 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:01:54 ipsec,debug decrypted payload by IV:
11:01:54 ipsec,debug a94317b4 49141294
11:01:54 ipsec,debug decrypted payload, but not trimed.
11:01:54 ipsec,debug 0c000018 6adc7635 93261417 8fcc73a7 e5276614 4a760fd8 00000010 00000001
11:01:54 ipsec,debug 03040001 9896cc86 00000000 00000000
11:01:54 ipsec,debug padding len=1
11:01:54 ipsec,debug skip to trim padding.
11:01:54 ipsec,debug decrypted.
11:01:54 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 5ed33c72 0000004c 0c000018
11:01:54 ipsec,debug 6adc7635 93261417 8fcc73a7 e5276614 4a760fd8 00000010 00000001 03040001
11:01:54 ipsec,debug 9896cc86 00000000 00000000
11:01:54 ipsec,debug HASH with:
11:01:54 ipsec,debug 5ed33c72 00000010 00000001 03040001 9896cc86
11:01:54 ipsec,debug hmac(hmac_sha1)
11:01:54 ipsec,debug HASH computed:
11:01:54 ipsec,debug 6adc7635 93261417 8fcc73a7 e5276614 4a760fd8
11:01:54 ipsec,debug hash validated.
11:01:54 ipsec,debug begin.
11:01:54 ipsec,debug seen nptype=8(hash) len=24
11:01:54 ipsec,debug seen nptype=12(delete) len=16
11:01:54 ipsec,debug succeed.
11:01:54 ipsec,debug 46.23.51.28 delete payload for protocol ESP
11:01:54 ipsec purged IPsec-SA proto_id=ESP spi=0x9896cc86
11:01:54 ipsec purged IPsec-SA proto_id=ESP spi=0xe49b67c
11:01:54 ipsec,debug an undead schedule has been deleted.
11:01:54 ipsec,debug purged SAs.
11:02:02 ipsec,debug ===== received 276 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:02 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000005 00000114 107a7c22
11:02:02 ipsec,debug,packet e17a1567 e3523192 5f03df94 2085b051 75b5c33f 7945f346 83ddff33 44f929b6
11:02:02 ipsec,debug,packet bdbb07b3 05082cd5 d7a673ce cc157fd3 85acb15b 70dfdd4e 155eef27 7989a1e8
11:02:02 ipsec,debug,packet ec4f7edf 43090e90 af34d974 b6312619 7931875f c62a1c19 4d9fa679 70a4dac8
11:02:02 ipsec,debug,packet eda93b80 ee12b723 68387d5a fee8ba82 2b4fa9b9 0fdd22d9 eb588fba fd0c27c1
11:02:02 ipsec,debug,packet 9f0f9280 730658d2 562165c3 af71cb9f 02e80486 f25f9100 4fdec518 fae0996b
11:02:02 ipsec,debug,packet bfa3a801 d8bcc0ba 78a6e5a7 751151be 5f7d4010 f89d3fad 6688bf1b 0ff1066d
11:02:02 ipsec,debug,packet 14671502 c2ec100a 96f2a7bb 1f156393 c7567c7b cd99ab53 256a244c b3290de4
11:02:02 ipsec,debug,packet 6a293039 a4c0995c 30add5d0 7543707f bb59ce75
11:02:02 ipsec,debug compute IV for phase2
11:02:02 ipsec,debug phase1 last IV:
11:02:02 ipsec,debug b2c25614 409a1978 00000005
11:02:02 ipsec,debug hash(sha1)
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug phase2 IV computed:
11:02:02 ipsec,debug 6263ad43 46e9858d
11:02:02 ipsec,debug ===
11:02:02 ipsec respond new phase 2 negotiation: 10.63.100.2[4500]<=>46.23.51.28[4500]
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug IV was saved for next processing:
11:02:02 ipsec,debug 7543707f bb59ce75
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug with key:
11:02:02 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:02 ipsec,debug decrypted payload by IV:
11:02:02 ipsec,debug 6263ad43 46e9858d
11:02:02 ipsec,debug decrypted payload, but not trimed.
11:02:02 ipsec,debug 01000018 e1fcc3c7 0f99fa63 0720d1fd 3c99fe8d c97fdb33 0a000078 00000001
11:02:02 ipsec,debug 00000001 02000038 01030401 5d7bf4bd 0000002c 010c0000 80040004 80060100
11:02:02 ipsec,debug 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 00000034
11:02:02 ipsec,debug 02030401 5d7bf4bd 00000028 01030000 80040004 80050002 80010001 00020004
11:02:02 ipsec,debug 00000e10 80010002 00020004 0003d090 05000034 70d46d58 aa207f66 05257987
11:02:02 ipsec,debug 163d4da4 fa405b3b 070ee7c7 d5094271 2ed595e6 5c2db7ea 0cdc45f2 5272faba
11:02:02 ipsec,debug f6abf9bc 0500000c 011106a5 c0a8020c 1500000c 011106a5 2e173322 1500000c
11:02:02 ipsec,debug 01000000 c0a8020c 0000000c 01000000 2e173322 00000000
11:02:02 ipsec,debug padding len=1
11:02:02 ipsec,debug skip to trim padding.
11:02:02 ipsec,debug decrypted.
11:02:02 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000005 00000114 01000018
11:02:02 ipsec,debug e1fcc3c7 0f99fa63 0720d1fd 3c99fe8d c97fdb33 0a000078 00000001 00000001
11:02:02 ipsec,debug 02000038 01030401 5d7bf4bd 0000002c 010c0000 80040004 80060100 80050002
11:02:02 ipsec,debug 80010001 00020004 00000e10 80010002 00020004 0003d090 00000034 02030401
11:02:02 ipsec,debug 5d7bf4bd 00000028 01030000 80040004 80050002 80010001 00020004 00000e10
11:02:02 ipsec,debug 80010002 00020004 0003d090 05000034 70d46d58 aa207f66 05257987 163d4da4
11:02:02 ipsec,debug fa405b3b 070ee7c7 d5094271 2ed595e6 5c2db7ea 0cdc45f2 5272faba f6abf9bc
11:02:02 ipsec,debug 0500000c 011106a5 c0a8020c 1500000c 011106a5 2e173322 1500000c 01000000
11:02:02 ipsec,debug c0a8020c 0000000c 01000000 2e173322 00000000
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=8(hash) len=24
11:02:02 ipsec,debug seen nptype=1(sa) len=120
11:02:02 ipsec,debug seen nptype=10(nonce) len=52
11:02:02 ipsec,debug seen nptype=5(id) len=12
11:02:02 ipsec,debug seen nptype=5(id) len=12
11:02:02 ipsec,debug seen nptype=21(nat-oa) len=12
11:02:02 ipsec,debug seen nptype=21(nat-oa) len=12
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug received IDci2:
11:02:02 ipsec,debug 011106a5 c0a8020c
11:02:02 ipsec,debug received IDcr2:
11:02:02 ipsec,debug 011106a5 2e173322
11:02:02 ipsec,debug HASH(1) validate:
11:02:02 ipsec,debug e1fcc3c7 0f99fa63 0720d1fd 3c99fe8d c97fdb33
11:02:02 ipsec,debug HASH with:
11:02:02 ipsec,debug 00000005 0a000078 00000001 00000001 02000038 01030401 5d7bf4bd 0000002c
11:02:02 ipsec,debug 010c0000 80040004 80060100 80050002 80010001 00020004 00000e10 80010002
11:02:02 ipsec,debug 00020004 0003d090 00000034 02030401 5d7bf4bd 00000028 01030000 80040004
11:02:02 ipsec,debug 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034
11:02:02 ipsec,debug 70d46d58 aa207f66 05257987 163d4da4 fa405b3b 070ee7c7 d5094271 2ed595e6
11:02:02 ipsec,debug 5c2db7ea 0cdc45f2 5272faba f6abf9bc 0500000c 011106a5 c0a8020c 1500000c
11:02:02 ipsec,debug 011106a5 2e173322 1500000c 01000000 c0a8020c 0000000c 01000000 2e173322
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug HASH computed:
11:02:02 ipsec,debug e1fcc3c7 0f99fa63 0720d1fd 3c99fe8d c97fdb33
11:02:02 ipsec,debug total SA len=116
11:02:02 ipsec,debug 00000001 00000001 02000038 01030401 5d7bf4bd 0000002c 010c0000 80040004
11:02:02 ipsec,debug 80060100 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
11:02:02 ipsec,debug 00000034 02030401 5d7bf4bd 00000028 01030000 80040004 80050002 80010001
11:02:02 ipsec,debug 00020004 00000e10 80010002 00020004 0003d090
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=2(prop) len=56
11:02:02 ipsec,debug seen nptype=2(prop) len=52
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug proposal #1 len=56
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=3(trns) len=44
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug transform #1 len=44
11:02:02 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:02 ipsec,debug UDP encapsulation requested
11:02:02 ipsec,debug type=Key Length, flag=0x8000, lorv=256
11:02:02 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug proposal #2 len=52
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=3(trns) len=40
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug transform #1 len=40
11:02:02 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:02 ipsec,debug UDP encapsulation requested
11:02:02 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug pair 1:
11:02:02 ipsec,debug 0x48d048: next=(nil) tnext=(nil)
11:02:02 ipsec,debug proposal #1: 1 transform
11:02:02 ipsec,debug pair 2:
11:02:02 ipsec,debug 0x492ad0: next=(nil) tnext=(nil)
11:02:02 ipsec,debug proposal #2: 1 transform
11:02:02 ipsec,debug got the local address from ID payload 46.23.51.34[1701] prefixlen=32 ul_proto=17
11:02:02 ipsec,debug got the peer address from ID payload 192.168.2.12[1701] prefixlen=32 ul_proto=17
11:02:02 ipsec,debug updating policy address because of NAT in transport mode
11:02:02 ipsec,debug new local address 10.63.100.2[1701]
11:02:02 ipsec,debug new peer address 46.23.51.28[1701]
11:02:02 ipsec searching for policy for selector: 10.63.100.2:1701 ip-proto:17 <=> 46.23.51.28:1701 ip-proto:17
11:02:02 ipsec recorded wild match: 10.63.100.2 <=> 46.23.51.28 ip-proto:17
11:02:02 ipsec,debug (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=36:36)
11:02:02 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:02:02 ipsec,debug (trns_id=3DES encklen=0 authtype=hmac-sha1)
11:02:02 ipsec,debug begin compare proposals.
11:02:02 ipsec,debug pair[1]: 0x48d048
11:02:02 ipsec,debug 0x48d048: next=(nil) tnext=(nil)
11:02:02 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES-CBC
11:02:02 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:02 ipsec,debug type=Key Length, flag=0x8000, lorv=256
11:02:02 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug peer's single bundle:
11:02:02 ipsec,debug (proto_id=ESP spisize=4 spi=5d7bf4bd spi_p=00000000 encmode=UDP-Transport reqid=0:0)
11:02:02 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:02:02 ipsec,debug my single bundle:
11:02:02 ipsec,debug (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=36:36)
11:02:02 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:02:02 ipsec,debug (trns_id=3DES encklen=0 authtype=hmac-sha1)
11:02:02 ipsec Adjusting my encmode UDP-Transport->Transport
11:02:02 ipsec Adjusting peer's encmode UDP-Transport(4)->Transport(2)
11:02:02 ipsec,debug matched
11:02:02 ipsec,debug ===
11:02:02 ipsec,debug call pfkey_send_getspi 98
11:02:02 ipsec,debug pfkey GETSPI sent: ESP/Transport 46.23.51.28[4500]->10.63.100.2[4500]
11:02:02 ipsec,debug pfkey getspi sent.
11:02:02 ipsec,debug total SA len=64
11:02:02 ipsec,debug 00000001 00000001 00000038 01030401 00000000 0000002c 010c0000 80040004
11:02:02 ipsec,debug 80060100 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=2(prop) len=56
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug proposal #1 len=56
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=3(trns) len=44
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug transform #1 len=44
11:02:02 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:02 ipsec,debug UDP encapsulation requested
11:02:02 ipsec,debug type=Key Length, flag=0x8000, lorv=256
11:02:02 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:02 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:02 ipsec,debug pair 1:
11:02:02 ipsec,debug 0x491338: next=(nil) tnext=(nil)
11:02:02 ipsec,debug proposal #1: 1 transform
11:02:02 ipsec,debug NAT-OAi:
11:02:02 ipsec,debug 01001194 2e17331c
11:02:02 ipsec,debug NAT-OAr:
11:02:02 ipsec,debug 01001194 0a3f6402
11:02:02 ipsec,debug add payload of len 64, next type 10
11:02:02 ipsec,debug add payload of len 24, next type 5
11:02:02 ipsec,debug add payload of len 8, next type 5
11:02:02 ipsec,debug add payload of len 8, next type 21
11:02:02 ipsec,debug add payload of len 8, next type 21
11:02:02 ipsec,debug add payload of len 8, next type 0
11:02:02 ipsec,debug HASH with:
11:02:02 ipsec,debug 00000005 70d46d58 aa207f66 05257987 163d4da4 fa405b3b 070ee7c7 d5094271
11:02:02 ipsec,debug 2ed595e6 5c2db7ea 0cdc45f2 5272faba f6abf9bc 0a000044 00000001 00000001
11:02:02 ipsec,debug 00000038 01030401 0b554c97 0000002c 010c0000 80040004 80060100 80050002
11:02:02 ipsec,debug 80010001 00020004 00000e10 80010002 00020004 0003d090 0500001c bfd52a81
11:02:02 ipsec,debug 31a0f706 5744cac0 5134ded6 8aefe8a2 82e9757a 0500000c 011106a5 c0a8020c
11:02:02 ipsec,debug 1500000c 011106a5 2e173322 1500000c 01001194 2e17331c 0000000c 01001194
11:02:02 ipsec,debug 0a3f6402
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug HASH computed:
11:02:02 ipsec,debug d4606eb1 c4dd53b5 8d88789c b1de4a7b 23f7dde4
11:02:02 ipsec,debug add payload of len 20, next type 1
11:02:02 ipsec,debug begin encryption.
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug pad length = 8
11:02:02 ipsec,debug 01000018 d4606eb1 c4dd53b5 8d88789c b1de4a7b 23f7dde4 0a000044 00000001
11:02:02 ipsec,debug 00000001 00000038 01030401 0b554c97 0000002c 010c0000 80040004 80060100
11:02:02 ipsec,debug 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 0500001c
11:02:02 ipsec,debug bfd52a81 31a0f706 5744cac0 5134ded6 8aefe8a2 82e9757a 0500000c 011106a5
11:02:02 ipsec,debug c0a8020c 1500000c 011106a5 2e173322 1500000c 01001194 2e17331c 0000000c
11:02:02 ipsec,debug 01001194 0a3f6402 b30ea95f 3d4dcb07
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug with key:
11:02:02 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:02 ipsec,debug encrypted payload by IV:
11:02:02 ipsec,debug 7543707f bb59ce75
11:02:02 ipsec,debug save IV for next:
11:02:02 ipsec,debug b16b807f 33efbe00
11:02:02 ipsec,debug encrypted.
11:02:02 ipsec,debug 204 bytes from 10.63.100.2[4500] to 46.23.51.28[4500]
11:02:02 ipsec,debug 1 times of 208 bytes message will be sent to 46.23.51.28[4500]
11:02:02 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000005 000000cc 7bf9bbd1
11:02:02 ipsec,debug,packet e2969438 231f33c6 9d274939 9a5bf5b3 474c8086 41eba551 325dfc03 6ed64490
11:02:02 ipsec,debug,packet 4bff9a3f 2e1497c3 eb2569a6 194cd261 c0edd9f6 0a46b39e 109b2ea2 300934e7
11:02:02 ipsec,debug,packet 2b9249b0 a3b281b5 52070ee6 97b716d8 c8ae4c86 fac2ebb2 ac80d851 53f8f689
11:02:02 ipsec,debug,packet c5fb9e1f 3bf1c06f 95d98f59 8101931b e3194ef5 76367c0f d91106a3 718136f1
11:02:02 ipsec,debug,packet dfca84da 666c0cb8 c85a2032 8495783b 029b11d1 51ac31eb 5b272efb 959025d0
11:02:02 ipsec,debug,packet 1d0f887e b16b807f 33efbe00
11:02:02 ipsec sent phase2 packet 10.63.100.2[4500]<=>46.23.51.28[4500] b50c2a17cd0f8cc0:7e532323b131e61a:00000005
11:02:02 ipsec,debug ===== received 60 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:02 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000005 0000003c 502a3733
11:02:02 ipsec,debug,packet 9983ab00 b3b5a00a 6feabd46 6748f32a 85491d92 87415b11 4224ffa0
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug IV was saved for next processing:
11:02:02 ipsec,debug 87415b11 4224ffa0
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug with key:
11:02:02 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:02 ipsec,debug decrypted payload by IV:
11:02:02 ipsec,debug b16b807f 33efbe00
11:02:02 ipsec,debug decrypted payload, but not trimed.
11:02:02 ipsec,debug 00000018 b97af82d 978bf9fc fae9d6c6 0017cf8c b464e34d 00000000 00000000
11:02:02 ipsec,debug padding len=1
11:02:02 ipsec,debug skip to trim padding.
11:02:02 ipsec,debug decrypted.
11:02:02 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000005 0000003c 00000018
11:02:02 ipsec,debug b97af82d 978bf9fc fae9d6c6 0017cf8c b464e34d 00000000 00000000
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=8(hash) len=24
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug HASH(3) validate:
11:02:02 ipsec,debug b97af82d 978bf9fc fae9d6c6 0017cf8c b464e34d
11:02:02 ipsec,debug HASH with:
11:02:02 ipsec,debug 00000000 0570d46d 58aa207f 66052579 87163d4d a4fa405b 3b070ee7 c7d50942
11:02:02 ipsec,debug 712ed595 e65c2db7 ea0cdc45 f25272fa baf6abf9 bcbfd52a 8131a0f7 065744ca
11:02:02 ipsec,debug c05134de d68aefe8 a282e975 7a
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug HASH computed:
11:02:02 ipsec,debug b97af82d 978bf9fc fae9d6c6 0017cf8c b464e34d
11:02:02 ipsec,debug ===
11:02:02 ipsec,debug KEYMAT compute with
11:02:02 ipsec,debug 030b554c 9770d46d 58aa207f 66052579 87163d4d a4fa405b 3b070ee7 c7d50942
11:02:02 ipsec,debug 712ed595 e65c2db7 ea0cdc45 f25272fa baf6abf9 bcbfd52a 8131a0f7 065744ca
11:02:02 ipsec,debug c05134de d68aefe8 a282e975 7a
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug encryption(aes-cbc)
11:02:02 ipsec,debug hmac(sha1)
11:02:02 ipsec,debug encklen=256 authklen=160
11:02:02 ipsec,debug generating 640 bits of key (dupkeymat=4)
11:02:02 ipsec,debug generating K1...K4 for KEYMAT.
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug 71c6d4fa d7a462b6 7dd03922 2da1b814 032b31dc e4460de6 c5e8b15a 86f47022
11:02:02 ipsec,debug 4f513c1e 7d140937 7ceadc65 64c656a5 db1c3fc3 6e8c3686 474b2952 680f4b2d
11:02:02 ipsec,debug 4493fa82 ab2c2c37 2fd06b0d 351de15b
11:02:02 ipsec,debug KEYMAT compute with
11:02:02 ipsec,debug 035d7bf4 bd70d46d 58aa207f 66052579 87163d4d a4fa405b 3b070ee7 c7d50942
11:02:02 ipsec,debug 712ed595 e65c2db7 ea0cdc45 f25272fa baf6abf9 bcbfd52a 8131a0f7 065744ca
11:02:02 ipsec,debug c05134de d68aefe8 a282e975 7a
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug encryption(aes-cbc)
11:02:02 ipsec,debug hmac(sha1)
11:02:02 ipsec,debug encklen=256 authklen=160
11:02:02 ipsec,debug generating 640 bits of key (dupkeymat=4)
11:02:02 ipsec,debug generating K1...K4 for KEYMAT.
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug 541ac1b2 cf6805b0 efdf48db 1ce765ad fddbb6c8 c2d37c10 d23fa198 9442ba7b
11:02:02 ipsec,debug aa315743 febf88b2 23e30f52 046964a4 1343fdff f1cde2fa e68412a9 8673b441
11:02:02 ipsec,debug b158b006 1721bad1 1c47fcd6 c224af06
11:02:02 ipsec,debug KEYMAT computed.
11:02:02 ipsec,debug call pk_sendupdate
11:02:02 ipsec,debug encryption(aes-cbc)
11:02:02 ipsec,debug hmac(sha1)
11:02:02 ipsec,debug call pfkey_send_update_nat
11:02:02 ipsec IPsec-SA established: ESP/Transport 46.23.51.28[4500]->10.63.100.2[4500] spi=0xb554c97
11:02:02 ipsec,debug pfkey update sent.
11:02:02 ipsec,debug encryption(aes-cbc)
11:02:02 ipsec,debug hmac(sha1)
11:02:02 ipsec,debug call pfkey_send_add_nat
11:02:02 ipsec IPsec-SA established: ESP/Transport 10.63.100.2[4500]->46.23.51.28[4500] spi=0x5d7bf4bd
11:02:02 ipsec,debug pfkey add sent.
11:02:02 ipsec,debug ===== received 76 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:02 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 52937e43 0000004c 882c318c
11:02:02 ipsec,debug,packet f89454c6 a2568119 7d9499cb 273ba289 b29434d2 fba2eedf 28ddf979 0476824e
11:02:02 ipsec,debug,packet 91948ec9 52475b50 246fc0e0
11:02:02 ipsec,debug receive Information.
11:02:02 ipsec,debug compute IV for phase2
11:02:02 ipsec,debug phase1 last IV:
11:02:02 ipsec,debug b2c25614 409a1978 52937e43
11:02:02 ipsec,debug hash(sha1)
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug phase2 IV computed:
11:02:02 ipsec,debug 86762b0f 64dd84ca
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug IV was saved for next processing:
11:02:02 ipsec,debug 52475b50 246fc0e0
11:02:02 ipsec,debug encryption(3des)
11:02:02 ipsec,debug with key:
11:02:02 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:02 ipsec,debug decrypted payload by IV:
11:02:02 ipsec,debug 86762b0f 64dd84ca
11:02:02 ipsec,debug decrypted payload, but not trimed.
11:02:02 ipsec,debug 0c000018 d7f8f61e 9f64e1f5 3e286a7d 2abe8706 6b17d714 00000010 00000001
11:02:02 ipsec,debug 03040001 38c3a5e1 00000000 00000000
11:02:02 ipsec,debug padding len=1
11:02:02 ipsec,debug skip to trim padding.
11:02:02 ipsec,debug decrypted.
11:02:02 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 52937e43 0000004c 0c000018
11:02:02 ipsec,debug d7f8f61e 9f64e1f5 3e286a7d 2abe8706 6b17d714 00000010 00000001 03040001
11:02:02 ipsec,debug 38c3a5e1 00000000 00000000
11:02:02 ipsec,debug HASH with:
11:02:02 ipsec,debug 52937e43 00000010 00000001 03040001 38c3a5e1
11:02:02 ipsec,debug hmac(hmac_sha1)
11:02:02 ipsec,debug HASH computed:
11:02:02 ipsec,debug d7f8f61e 9f64e1f5 3e286a7d 2abe8706 6b17d714
11:02:02 ipsec,debug hash validated.
11:02:02 ipsec,debug begin.
11:02:02 ipsec,debug seen nptype=8(hash) len=24
11:02:02 ipsec,debug seen nptype=12(delete) len=16
11:02:02 ipsec,debug succeed.
11:02:02 ipsec,debug 46.23.51.28 delete payload for protocol ESP
11:02:02 ipsec purged IPsec-SA proto_id=ESP spi=0x38c3a5e1
11:02:02 ipsec purged IPsec-SA proto_id=ESP spi=0xef427a8
11:02:02 ipsec,debug an undead schedule has been deleted.
11:02:02 ipsec,debug purged SAs.
11:02:04 ipsec,debug KA: 10.63.100.2[4500]->46.23.51.28[4500]
11:02:04 ipsec,debug 1 times of 1 bytes message will be sent to 46.23.51.28[4500]
11:02:04 ipsec,debug,packet ff
11:02:12 ipsec,debug ===== received 276 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:12 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000006 00000114 9bd8c9b0
11:02:12 ipsec,debug,packet 848d04c2 6fba5e2c ab66880d 3ecb93d0 70fb1765 28a34e28 874bac0a 10c73978
11:02:12 ipsec,debug,packet b7dcc9db be114422 dd3895a1 8bf0be37 85bb7aa4 e990cad3 9f5247f1 6fe6f243
11:02:12 ipsec,debug,packet e4d5fb33 a4fa1a04 e8c8da32 592bbaea 4909cecd ea71154f 29988e6d 4199da19
11:02:12 ipsec,debug,packet f9a5b4d4 a9e5ffae bc44fca7 f0813ab2 9d2472c2 f1cc0e30 9ae5875d 868d49e8
11:02:12 ipsec,debug,packet 01eaf599 96eaadd4 7c5f9cf3 168e61e9 1fc26540 ff43ef2d 9509e3b6 b877e3dd
11:02:12 ipsec,debug,packet a4a403aa a180ee04 ac2517a7 c59c9730 9ab238c7 6bd6130c 640d2aff 593590ab
11:02:12 ipsec,debug,packet ea61324f fb20d897 4c2175cf 28e66a14 7d86b3fa ce30f350 414365db a51ef28b
11:02:12 ipsec,debug,packet ad42e033 e9c779ab bb80a6b6 95a380f1 87fb585e
11:02:12 ipsec,debug compute IV for phase2
11:02:12 ipsec,debug phase1 last IV:
11:02:12 ipsec,debug b2c25614 409a1978 00000006
11:02:12 ipsec,debug hash(sha1)
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug phase2 IV computed:
11:02:12 ipsec,debug e2f908dd 68c9db74
11:02:12 ipsec,debug ===
11:02:12 ipsec respond new phase 2 negotiation: 10.63.100.2[4500]<=>46.23.51.28[4500]
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug IV was saved for next processing:
11:02:12 ipsec,debug 95a380f1 87fb585e
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug with key:
11:02:12 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:12 ipsec,debug decrypted payload by IV:
11:02:12 ipsec,debug e2f908dd 68c9db74
11:02:12 ipsec,debug decrypted payload, but not trimed.
11:02:12 ipsec,debug 01000018 317c15da 3ed1f671 ce6ef1c6 61f68802 349a7331 0a000078 00000001
11:02:12 ipsec,debug 00000001 02000038 01030401 d3a07518 0000002c 010c0000 80040004 80060100
11:02:12 ipsec,debug 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 00000034
11:02:12 ipsec,debug 02030401 d3a07518 00000028 01030000 80040004 80050002 80010001 00020004
11:02:12 ipsec,debug 00000e10 80010002 00020004 0003d090 05000034 9caaa6d7 ba979665 df4c9d82
11:02:12 ipsec,debug 361056f7 586f0c41 b222eb77 0e423d31 583fdd1d 05194429 6395d098 5f88582b
11:02:12 ipsec,debug 49995ab8 0500000c 011106a5 c0a8020c 1500000c 011106a5 2e173322 1500000c
11:02:12 ipsec,debug 01000000 c0a8020c 0000000c 01000000 2e173322 00000000
11:02:12 ipsec,debug padding len=1
11:02:12 ipsec,debug skip to trim padding.
11:02:12 ipsec,debug decrypted.
11:02:12 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000006 00000114 01000018
11:02:12 ipsec,debug 317c15da 3ed1f671 ce6ef1c6 61f68802 349a7331 0a000078 00000001 00000001
11:02:12 ipsec,debug 02000038 01030401 d3a07518 0000002c 010c0000 80040004 80060100 80050002
11:02:12 ipsec,debug 80010001 00020004 00000e10 80010002 00020004 0003d090 00000034 02030401
11:02:12 ipsec,debug d3a07518 00000028 01030000 80040004 80050002 80010001 00020004 00000e10
11:02:12 ipsec,debug 80010002 00020004 0003d090 05000034 9caaa6d7 ba979665 df4c9d82 361056f7
11:02:12 ipsec,debug 586f0c41 b222eb77 0e423d31 583fdd1d 05194429 6395d098 5f88582b 49995ab8
11:02:12 ipsec,debug 0500000c 011106a5 c0a8020c 1500000c 011106a5 2e173322 1500000c 01000000
11:02:12 ipsec,debug c0a8020c 0000000c 01000000 2e173322 00000000
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=8(hash) len=24
11:02:12 ipsec,debug seen nptype=1(sa) len=120
11:02:12 ipsec,debug seen nptype=10(nonce) len=52
11:02:12 ipsec,debug seen nptype=5(id) len=12
11:02:12 ipsec,debug seen nptype=5(id) len=12
11:02:12 ipsec,debug seen nptype=21(nat-oa) len=12
11:02:12 ipsec,debug seen nptype=21(nat-oa) len=12
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug received IDci2:
11:02:12 ipsec,debug 011106a5 c0a8020c
11:02:12 ipsec,debug received IDcr2:
11:02:12 ipsec,debug 011106a5 2e173322
11:02:12 ipsec,debug HASH(1) validate:
11:02:12 ipsec,debug 317c15da 3ed1f671 ce6ef1c6 61f68802 349a7331
11:02:12 ipsec,debug HASH with:
11:02:12 ipsec,debug 00000006 0a000078 00000001 00000001 02000038 01030401 d3a07518 0000002c
11:02:12 ipsec,debug 010c0000 80040004 80060100 80050002 80010001 00020004 00000e10 80010002
11:02:12 ipsec,debug 00020004 0003d090 00000034 02030401 d3a07518 00000028 01030000 80040004
11:02:12 ipsec,debug 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 05000034
11:02:12 ipsec,debug 9caaa6d7 ba979665 df4c9d82 361056f7 586f0c41 b222eb77 0e423d31 583fdd1d
11:02:12 ipsec,debug 05194429 6395d098 5f88582b 49995ab8 0500000c 011106a5 c0a8020c 1500000c
11:02:12 ipsec,debug 011106a5 2e173322 1500000c 01000000 c0a8020c 0000000c 01000000 2e173322
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug HASH computed:
11:02:12 ipsec,debug 317c15da 3ed1f671 ce6ef1c6 61f68802 349a7331
11:02:12 ipsec,debug total SA len=116
11:02:12 ipsec,debug 00000001 00000001 02000038 01030401 d3a07518 0000002c 010c0000 80040004
11:02:12 ipsec,debug 80060100 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
11:02:12 ipsec,debug 00000034 02030401 d3a07518 00000028 01030000 80040004 80050002 80010001
11:02:12 ipsec,debug 00020004 00000e10 80010002 00020004 0003d090
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=2(prop) len=56
11:02:12 ipsec,debug seen nptype=2(prop) len=52
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug proposal #1 len=56
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=3(trns) len=44
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug transform #1 len=44
11:02:12 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:12 ipsec,debug UDP encapsulation requested
11:02:12 ipsec,debug type=Key Length, flag=0x8000, lorv=256
11:02:12 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug proposal #2 len=52
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=3(trns) len=40
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug transform #1 len=40
11:02:12 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:12 ipsec,debug UDP encapsulation requested
11:02:12 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug pair 1:
11:02:12 ipsec,debug 0x489c18: next=(nil) tnext=(nil)
11:02:12 ipsec,debug proposal #1: 1 transform
11:02:12 ipsec,debug pair 2:
11:02:12 ipsec,debug 0x489d10: next=(nil) tnext=(nil)
11:02:12 ipsec,debug proposal #2: 1 transform
11:02:12 ipsec,debug got the local address from ID payload 46.23.51.34[1701] prefixlen=32 ul_proto=17
11:02:12 ipsec,debug got the peer address from ID payload 192.168.2.12[1701] prefixlen=32 ul_proto=17
11:02:12 ipsec,debug updating policy address because of NAT in transport mode
11:02:12 ipsec,debug new local address 10.63.100.2[1701]
11:02:12 ipsec,debug new peer address 46.23.51.28[1701]
11:02:12 ipsec searching for policy for selector: 10.63.100.2:1701 ip-proto:17 <=> 46.23.51.28:1701 ip-proto:17
11:02:12 ipsec recorded wild match: 10.63.100.2 <=> 46.23.51.28 ip-proto:17
11:02:12 ipsec,debug (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=36:36)
11:02:12 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:02:12 ipsec,debug (trns_id=3DES encklen=0 authtype=hmac-sha1)
11:02:12 ipsec,debug begin compare proposals.
11:02:12 ipsec,debug pair[1]: 0x489c18
11:02:12 ipsec,debug 0x489c18: next=(nil) tnext=(nil)
11:02:12 ipsec,debug prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES-CBC
11:02:12 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:12 ipsec,debug type=Key Length, flag=0x8000, lorv=256
11:02:12 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug peer's single bundle:
11:02:12 ipsec,debug (proto_id=ESP spisize=4 spi=d3a07518 spi_p=00000000 encmode=UDP-Transport reqid=0:0)
11:02:12 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:02:12 ipsec,debug my single bundle:
11:02:12 ipsec,debug (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=UDP-Transport reqid=36:36)
11:02:12 ipsec,debug (trns_id=AES-CBC encklen=256 authtype=hmac-sha1)
11:02:12 ipsec,debug (trns_id=3DES encklen=0 authtype=hmac-sha1)
11:02:12 ipsec Adjusting my encmode UDP-Transport->Transport
11:02:12 ipsec Adjusting peer's encmode UDP-Transport(4)->Transport(2)
11:02:12 ipsec,debug matched
11:02:12 ipsec,debug ===
11:02:12 ipsec,debug call pfkey_send_getspi 99
11:02:12 ipsec,debug pfkey GETSPI sent: ESP/Transport 46.23.51.28[4500]->10.63.100.2[4500]
11:02:12 ipsec,debug pfkey getspi sent.
11:02:12 ipsec,debug total SA len=64
11:02:12 ipsec,debug 00000001 00000001 00000038 01030401 00000000 0000002c 010c0000 80040004
11:02:12 ipsec,debug 80060100 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=2(prop) len=56
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug proposal #1 len=56
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=3(trns) len=44
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug transform #1 len=44
11:02:12 ipsec,debug type=Encryption Mode, flag=0x8000, lorv=UDP-Transport
11:02:12 ipsec,debug UDP encapsulation requested
11:02:12 ipsec,debug type=Key Length, flag=0x8000, lorv=256
11:02:12 ipsec,debug type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha1
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=seconds
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug type=SA Life Type, flag=0x8000, lorv=kilobytes
11:02:12 ipsec,debug type=SA Life Duration, flag=0x0000, lorv=4
11:02:12 ipsec,debug pair 1:
11:02:12 ipsec,debug 0x493af8: next=(nil) tnext=(nil)
11:02:12 ipsec,debug proposal #1: 1 transform
11:02:12 ipsec,debug NAT-OAi:
11:02:12 ipsec,debug 01001194 2e17331c
11:02:12 ipsec,debug NAT-OAr:
11:02:12 ipsec,debug 01001194 0a3f6402
11:02:12 ipsec,debug add payload of len 64, next type 10
11:02:12 ipsec,debug add payload of len 24, next type 5
11:02:12 ipsec,debug add payload of len 8, next type 5
11:02:12 ipsec,debug add payload of len 8, next type 21
11:02:12 ipsec,debug add payload of len 8, next type 21
11:02:12 ipsec,debug add payload of len 8, next type 0
11:02:12 ipsec,debug HASH with:
11:02:12 ipsec,debug 00000006 9caaa6d7 ba979665 df4c9d82 361056f7 586f0c41 b222eb77 0e423d31
11:02:12 ipsec,debug 583fdd1d 05194429 6395d098 5f88582b 49995ab8 0a000044 00000001 00000001
11:02:12 ipsec,debug 00000038 01030401 09751131 0000002c 010c0000 80040004 80060100 80050002
11:02:12 ipsec,debug 80010001 00020004 00000e10 80010002 00020004 0003d090 0500001c ac13fc37
11:02:12 ipsec,debug b1a8fb80 f3401e9d 19d7a793 28cb4983 45b0ec08 0500000c 011106a5 c0a8020c
11:02:12 ipsec,debug 1500000c 011106a5 2e173322 1500000c 01001194 2e17331c 0000000c 01001194
11:02:12 ipsec,debug 0a3f6402
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug HASH computed:
11:02:12 ipsec,debug f69bbc64 9bfd4826 998f055a 967b6832 0839158a
11:02:12 ipsec,debug add payload of len 20, next type 1
11:02:12 ipsec,debug begin encryption.
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug pad length = 8
11:02:12 ipsec,debug 01000018 f69bbc64 9bfd4826 998f055a 967b6832 0839158a 0a000044 00000001
11:02:12 ipsec,debug 00000001 00000038 01030401 09751131 0000002c 010c0000 80040004 80060100
11:02:12 ipsec,debug 80050002 80010001 00020004 00000e10 80010002 00020004 0003d090 0500001c
11:02:12 ipsec,debug ac13fc37 b1a8fb80 f3401e9d 19d7a793 28cb4983 45b0ec08 0500000c 011106a5
11:02:12 ipsec,debug c0a8020c 1500000c 011106a5 2e173322 1500000c 01001194 2e17331c 0000000c
11:02:12 ipsec,debug 01001194 0a3f6402 b8849a41 2d388807
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug with key:
11:02:12 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:12 ipsec,debug encrypted payload by IV:
11:02:12 ipsec,debug 95a380f1 87fb585e
11:02:12 ipsec,debug save IV for next:
11:02:12 ipsec,debug dbfc025f 2b444e6c
11:02:12 ipsec,debug encrypted.
11:02:12 ipsec,debug 204 bytes from 10.63.100.2[4500] to 46.23.51.28[4500]
11:02:12 ipsec,debug 1 times of 208 bytes message will be sent to 46.23.51.28[4500]
11:02:12 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000006 000000cc f0cb27c0
11:02:12 ipsec,debug,packet 0f2c4534 14a090c9 da1534bf e945c9a3 6522c357 7250d3b7 f0698a03 c2e3d374
11:02:12 ipsec,debug,packet a4766860 3f63ca12 bca809a8 0c12461a 21f28003 55d9ffaa 06e0ce27 a09fd3f0
11:02:12 ipsec,debug,packet 66a8010f 4fc1797c eaa8acd4 d8c8e9a2 f786ae92 bff7719d 69b4b616 05da1971
11:02:12 ipsec,debug,packet bfe7448e e71d81fc 9228c129 945b35bf 9c95cc93 78644a72 d56c7af1 c0640772
11:02:12 ipsec,debug,packet d6d90d78 44be6ecc 927eac52 16c358ef 1015026a 53090845 295a4d08 e56a41fd
11:02:12 ipsec,debug,packet 75b1a379 dbfc025f 2b444e6c
11:02:12 ipsec sent phase2 packet 10.63.100.2[4500]<=>46.23.51.28[4500] b50c2a17cd0f8cc0:7e532323b131e61a:00000006
11:02:12 ipsec,debug ===== received 60 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:12 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000006 0000003c af7665c0
11:02:12 ipsec,debug,packet 01f5dc14 6d9e3b45 6cc2a3ee ad5e67e4 9600f4b6 88c9ffe0 a2184868
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug IV was saved for next processing:
11:02:12 ipsec,debug 88c9ffe0 a2184868
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug with key:
11:02:12 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:12 ipsec,debug decrypted payload by IV:
11:02:12 ipsec,debug dbfc025f 2b444e6c
11:02:12 ipsec,debug decrypted payload, but not trimed.
11:02:12 ipsec,debug 00000018 9e19c2d3 65130dda 14aa2010 254d2947 dd3d8ccd 00000000 00000000
11:02:12 ipsec,debug padding len=1
11:02:12 ipsec,debug skip to trim padding.
11:02:12 ipsec,debug decrypted.
11:02:12 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08102001 00000006 0000003c 00000018
11:02:12 ipsec,debug 9e19c2d3 65130dda 14aa2010 254d2947 dd3d8ccd 00000000 00000000
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=8(hash) len=24
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug HASH(3) validate:
11:02:12 ipsec,debug 9e19c2d3 65130dda 14aa2010 254d2947 dd3d8ccd
11:02:12 ipsec,debug HASH with:
11:02:12 ipsec,debug 00000000 069caaa6 d7ba9796 65df4c9d 82361056 f7586f0c 41b222eb 770e423d
11:02:12 ipsec,debug 31583fdd 1d051944 296395d0 985f8858 2b49995a b8ac13fc 37b1a8fb 80f3401e
11:02:12 ipsec,debug 9d19d7a7 9328cb49 8345b0ec 08
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug HASH computed:
11:02:12 ipsec,debug 9e19c2d3 65130dda 14aa2010 254d2947 dd3d8ccd
11:02:12 ipsec,debug ===
11:02:12 ipsec,debug KEYMAT compute with
11:02:12 ipsec,debug 03097511 319caaa6 d7ba9796 65df4c9d 82361056 f7586f0c 41b222eb 770e423d
11:02:12 ipsec,debug 31583fdd 1d051944 296395d0 985f8858 2b49995a b8ac13fc 37b1a8fb 80f3401e
11:02:12 ipsec,debug 9d19d7a7 9328cb49 8345b0ec 08
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug encryption(aes-cbc)
11:02:12 ipsec,debug hmac(sha1)
11:02:12 ipsec,debug encklen=256 authklen=160
11:02:12 ipsec,debug generating 640 bits of key (dupkeymat=4)
11:02:12 ipsec,debug generating K1...K4 for KEYMAT.
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug 0d9f352a c4caca66 b8db7fe3 89ab438d 68fa7523 633f109c f6ead9f9 f1297e62
11:02:12 ipsec,debug 1b435e99 9000aa2d 9bdc5be5 854405c6 ab9c852c 60d4ab97 9ac057ca e3b334d5
11:02:12 ipsec,debug 2b1bb06e 440096de 60a06b2d 79ec222a
11:02:12 ipsec,debug KEYMAT compute with
11:02:12 ipsec,debug 03d3a075 189caaa6 d7ba9796 65df4c9d 82361056 f7586f0c 41b222eb 770e423d
11:02:12 ipsec,debug 31583fdd 1d051944 296395d0 985f8858 2b49995a b8ac13fc 37b1a8fb 80f3401e
11:02:12 ipsec,debug 9d19d7a7 9328cb49 8345b0ec 08
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug encryption(aes-cbc)
11:02:12 ipsec,debug hmac(sha1)
11:02:12 ipsec,debug encklen=256 authklen=160
11:02:12 ipsec,debug generating 640 bits of key (dupkeymat=4)
11:02:12 ipsec,debug generating K1...K4 for KEYMAT.
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug 6526f063 513718c4 bb80ff42 441b244e e99c1088 4322e8e3 e5a7709a b8492670
11:02:12 ipsec,debug d9822a95 260daec8 d057307a 5244d92b 9abe32db 1896178e f9d2d7ed aa25a19b
11:02:12 ipsec,debug 57b0c8fb c798b0ca df55666f 52bda0cf
11:02:12 ipsec,debug KEYMAT computed.
11:02:12 ipsec,debug call pk_sendupdate
11:02:12 ipsec,debug encryption(aes-cbc)
11:02:12 ipsec,debug hmac(sha1)
11:02:12 ipsec,debug call pfkey_send_update_nat
11:02:12 ipsec IPsec-SA established: ESP/Transport 46.23.51.28[4500]->10.63.100.2[4500] spi=0x9751131
11:02:12 ipsec,debug pfkey update sent.
11:02:12 ipsec,debug encryption(aes-cbc)
11:02:12 ipsec,debug hmac(sha1)
11:02:12 ipsec,debug call pfkey_send_add_nat
11:02:12 ipsec IPsec-SA established: ESP/Transport 10.63.100.2[4500]->46.23.51.28[4500] spi=0xd3a07518
11:02:12 ipsec,debug pfkey add sent.
11:02:12 ipsec,debug ===== received 76 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:12 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 e73bf6dd 0000004c 09ca8a88
11:02:12 ipsec,debug,packet a67f21a2 66bacad2 04b6768d 7fc81c20 849e2888 a99153c4 6968907a 8afbc790
11:02:12 ipsec,debug,packet 193fa114 c5d66c01 fd9d3758
11:02:12 ipsec,debug receive Information.
11:02:12 ipsec,debug compute IV for phase2
11:02:12 ipsec,debug phase1 last IV:
11:02:12 ipsec,debug b2c25614 409a1978 e73bf6dd
11:02:12 ipsec,debug hash(sha1)
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug phase2 IV computed:
11:02:12 ipsec,debug fe3dc824 c354d01b
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug IV was saved for next processing:
11:02:12 ipsec,debug c5d66c01 fd9d3758
11:02:12 ipsec,debug encryption(3des)
11:02:12 ipsec,debug with key:
11:02:12 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:12 ipsec,debug decrypted payload by IV:
11:02:12 ipsec,debug fe3dc824 c354d01b
11:02:12 ipsec,debug decrypted payload, but not trimed.
11:02:12 ipsec,debug 0c000018 dbfc4c80 97aebb98 3c9d7309 c96186ca 5733e4a9 00000010 00000001
11:02:12 ipsec,debug 03040001 5d7bf4bd 00000000 00000000
11:02:12 ipsec,debug padding len=1
11:02:12 ipsec,debug skip to trim padding.
11:02:12 ipsec,debug decrypted.
11:02:12 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 e73bf6dd 0000004c 0c000018
11:02:12 ipsec,debug dbfc4c80 97aebb98 3c9d7309 c96186ca 5733e4a9 00000010 00000001 03040001
11:02:12 ipsec,debug 5d7bf4bd 00000000 00000000
11:02:12 ipsec,debug HASH with:
11:02:12 ipsec,debug e73bf6dd 00000010 00000001 03040001 5d7bf4bd
11:02:12 ipsec,debug hmac(hmac_sha1)
11:02:12 ipsec,debug HASH computed:
11:02:12 ipsec,debug dbfc4c80 97aebb98 3c9d7309 c96186ca 5733e4a9
11:02:12 ipsec,debug hash validated.
11:02:12 ipsec,debug begin.
11:02:12 ipsec,debug seen nptype=8(hash) len=24
11:02:12 ipsec,debug seen nptype=12(delete) len=16
11:02:12 ipsec,debug succeed.
11:02:12 ipsec,debug 46.23.51.28 delete payload for protocol ESP
11:02:12 ipsec purged IPsec-SA proto_id=ESP spi=0x5d7bf4bd
11:02:12 ipsec purged IPsec-SA proto_id=ESP spi=0xb554c97
11:02:12 ipsec,debug an undead schedule has been deleted.
11:02:12 ipsec,debug purged SAs.
11:02:22 ipsec,debug ===== received 76 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:22 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 9eb1f172 0000004c 2fa10f4b
11:02:22 ipsec,debug,packet b04e3240 974b3aff dcf1bab5 dfab7dcf 78414cf4 2ae25630 b9e3a7d7 83c72cda
11:02:22 ipsec,debug,packet 2fadba35 9dc11156 697d1a11
11:02:22 ipsec,debug receive Information.
11:02:22 ipsec,debug compute IV for phase2
11:02:22 ipsec,debug phase1 last IV:
11:02:22 ipsec,debug b2c25614 409a1978 9eb1f172
11:02:22 ipsec,debug hash(sha1)
11:02:22 ipsec,debug encryption(3des)
11:02:22 ipsec,debug phase2 IV computed:
11:02:22 ipsec,debug 7a5b9764 fe5b83fe
11:02:22 ipsec,debug encryption(3des)
11:02:22 ipsec,debug IV was saved for next processing:
11:02:22 ipsec,debug 9dc11156 697d1a11
11:02:22 ipsec,debug encryption(3des)
11:02:22 ipsec,debug with key:
11:02:22 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:22 ipsec,debug decrypted payload by IV:
11:02:22 ipsec,debug 7a5b9764 fe5b83fe
11:02:22 ipsec,debug decrypted payload, but not trimed.
11:02:22 ipsec,debug 0c000018 2003705a 2deb9a73 e86c3f44 ef16e3e2 a8773b93 00000010 00000001
11:02:22 ipsec,debug 03040001 d3a07518 00000000 00000000
11:02:22 ipsec,debug padding len=1
11:02:22 ipsec,debug skip to trim padding.
11:02:22 ipsec,debug decrypted.
11:02:22 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 9eb1f172 0000004c 0c000018
11:02:22 ipsec,debug 2003705a 2deb9a73 e86c3f44 ef16e3e2 a8773b93 00000010 00000001 03040001
11:02:22 ipsec,debug d3a07518 00000000 00000000
11:02:22 ipsec,debug HASH with:
11:02:22 ipsec,debug 9eb1f172 00000010 00000001 03040001 d3a07518
11:02:22 ipsec,debug hmac(hmac_sha1)
11:02:22 ipsec,debug HASH computed:
11:02:22 ipsec,debug 2003705a 2deb9a73 e86c3f44 ef16e3e2 a8773b93
11:02:22 ipsec,debug hash validated.
11:02:22 ipsec,debug begin.
11:02:22 ipsec,debug seen nptype=8(hash) len=24
11:02:22 ipsec,debug seen nptype=12(delete) len=16
11:02:22 ipsec,debug succeed.
11:02:22 ipsec,debug 46.23.51.28 delete payload for protocol ESP
11:02:22 ipsec purged IPsec-SA proto_id=ESP spi=0xd3a07518
11:02:22 ipsec purged IPsec-SA proto_id=ESP spi=0x9751131
11:02:22 ipsec,debug an undead schedule has been deleted.
11:02:22 ipsec removing generated policy
11:02:22 ipsec,debug purged SAs.
11:02:22 ipsec,debug ===== received 84 bytes from 46.23.51.28[4500] to 10.63.100.2[4500]
11:02:22 ipsec,debug,packet b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 c6c68b56 00000054 16762676
11:02:22 ipsec,debug,packet a5c66be1 a0fc0035 3616ce18 0b8feb93 cf0fd07b 77b37f61 893b362b b2477ce2
11:02:22 ipsec,debug,packet 871a31a6 62afea89 f514dc30 95aef531 c6c921cd
11:02:22 ipsec,debug receive Information.
11:02:22 ipsec,debug compute IV for phase2
11:02:22 ipsec,debug phase1 last IV:
11:02:22 ipsec,debug b2c25614 409a1978 c6c68b56
11:02:22 ipsec,debug hash(sha1)
11:02:22 ipsec,debug encryption(3des)
11:02:22 ipsec,debug phase2 IV computed:
11:02:22 ipsec,debug 806902e2 14902bf5
11:02:22 ipsec,debug encryption(3des)
11:02:22 ipsec,debug IV was saved for next processing:
11:02:22 ipsec,debug 95aef531 c6c921cd
11:02:22 ipsec,debug encryption(3des)
11:02:22 ipsec,debug with key:
11:02:22 ipsec,debug 1a0bea9a db95a283 c57c98a5 0c9a2a7e 78408b3b a95ae1d6
11:02:22 ipsec,debug decrypted payload by IV:
11:02:22 ipsec,debug 806902e2 14902bf5
11:02:22 ipsec,debug decrypted payload, but not trimed.
11:02:22 ipsec,debug 0c000018 05624e7a 1883a3fb 1d7f1e43 27395396 65dacd71 0000001c 00000001
11:02:22 ipsec,debug 01100001 b50c2a17 cd0f8cc0 7e532323 b131e61a 00000000
11:02:22 ipsec,debug padding len=1
11:02:22 ipsec,debug skip to trim padding.
11:02:22 ipsec,debug decrypted.
11:02:22 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 08100501 c6c68b56 00000054 0c000018
11:02:22 ipsec,debug 05624e7a 1883a3fb 1d7f1e43 27395396 65dacd71 0000001c 00000001 01100001
11:02:22 ipsec,debug b50c2a17 cd0f8cc0 7e532323 b131e61a 00000000
11:02:22 ipsec,debug HASH with:
11:02:22 ipsec,debug c6c68b56 0000001c 00000001 01100001 b50c2a17 cd0f8cc0 7e532323 b131e61a
11:02:22 ipsec,debug hmac(hmac_sha1)
11:02:22 ipsec,debug HASH computed:
11:02:22 ipsec,debug 05624e7a 1883a3fb 1d7f1e43 27395396 65dacd71
11:02:22 ipsec,debug hash validated.
11:02:22 ipsec,debug begin.
11:02:22 ipsec,debug seen nptype=8(hash) len=24
11:02:22 ipsec,debug seen nptype=12(delete) len=28
11:02:22 ipsec,debug succeed.
11:02:22 ipsec,debug 46.23.51.28 delete payload for protocol ISAKMP
11:02:22 ipsec,info purging ISAKMP-SA 10.63.100.2[4500]<=>46.23.51.28[4500] spi=b50c2a17cd0f8cc0:7e532323b131e61a.
11:02:22 ipsec purged ISAKMP-SA 10.63.100.2[4500]<=>46.23.51.28[4500] spi=b50c2a17cd0f8cc0:7e532323b131e61a.
11:02:22 ipsec,debug purged SAs.
11:02:22 ipsec,info ISAKMP-SA deleted 10.63.100.2[4500]-46.23.51.28[4500] spi:b50c2a17cd0f8cc0:7e532323b131e61a rekey:1
11:02:22 ipsec KA remove: 10.63.100.2[4500]->46.23.51.28[4500]
11:02:22 ipsec,debug KA tree dump: 10.63.100.2[4500]->46.23.51.28[4500] (in_use=1)
11:02:22 ipsec,debug KA removing this one...
Děkuji za odpověď. Access list mám vypnutý. Asi jsem na to přišel a již APčka běží tak jak mají, ve verzi 6.41.3 jsem musel nejprve vyresetovat bez nastaveni a druhym krokem vyresetovat s CAPsMANen to jsem udělal na jedno, zařízení 2x na druhem asi 3x a teď to snad běží tak jak má. Mockrát děkuji za reakce Jakub
To jsem naspal otázku nesrozumitelně? To tu není nikdo kdo se s tím setkal?
Dobrý den, potýkám se s problémem, nastavil jsem na hlavním routeru CAPsMANagera, jednotlivé AP body jsem k němu připojil přes certifikat, rozdělil jsem si sít, a mám dvě WIFI jedná FREE (jsou ve slave virtualcapx) a druhá pod heslem (pod heslem jsou všechy capX interface). Teď ten problém. Když se připojím na FREE wifi tak se připojím správně na silný signal virtualcap4, ale jakmile na stejném místě (ap hAP je hned vedle mě) tak se připoji k horšímu signálu na cap1 jak mám donutit aby se připojil správně k cap4 a né k cap1 ?
Doufám, že jsem vše vysvětlil nějak normálně a ne chosálně. přikládám obrázky situace...
- V diskuzi: Automatický update RB750GL
sorry blbost, funkčnost je to že přijde mail...
- V diskuzi: Automatický update RB750GL
Děkuji za odpověď.
Mám verzi 6.40.3, protože jsem ji manuálně updatoval...
Ale nevím jak vyzkouším funkčnost...
- V diskuzi: Automatický update RB750GL
/system package update check-for-update
:delay 10
:local identity [/system identity get name]
:local current [/system package update get installed-version]
:local latest [/system package update get latest-version]
:if ([:tostr $latest] != "" && $current != $latest) do={
/system package update download
:delay 50
:local mailbody ("Identity: " . $identity . "\r\nBoard name: " . [/system resource get board-name] . "\r\nFrom version: " . $current . "\r\nTo version: " . $latest)
/tool e-mail send to=aricak@tiscali.cz subject=($identity . " - RouterOS has been upgraded") body=$mailbody
:delay 3
/system reboot
} - V diskuzi: Automatický update RB750GL
Dobrý den, prosím o pomc s tímto skriptem, procházel jsem forum, a našel jsem jen zmíňky, ale ne řešení.
Zkoušel jsem nasadit tento skritp dle návodu:
https://www.dasm.cz/clanek/automatizace-upgrade-a-zalohy-mikrotiku, vše funguje, ale neudělá se mi automatická aktualizace.
Zde je můj zoufalý pokus, který nefunguje.
/system package update check-for-update
:delay 10
:local identity [/system identity get name]
:local current [/system package update get installed-version]
:local latest [/system package update get latest-version]
:if ([:tostr $latest] != "" && $current != $latest) do={
/system package update download
:delay 50
:local mailbody ("Identity: " . $identity . "\r\nBoard name: " . [/system resource get board-name] . "\r\nFrom version: " . $current . "\r\nTo version: " . $latest)
/tool e-mail send to=aricak@xxxxxx.cz subject=($identity . " - RouterOS has been upgraded") body=$mailbody
:delay 3
/system reboot
}Mohu vás poprosit, o pomoc. Děkuji