- Mitglied seit
- 10 Mai 2006
- Beiträge
- 15,157
- Punkte für Reaktionen
- 1,707
- Punkte
- 113
Da immer wieder Probleme mit dem AVM-VPN und "ungefähr einer Stunde" bzw. manchmal auch nur "55 Minuten" auftauchen, habe ich das einmal etwas näher betrachtet. Dazu verwendete ich eine FRITZ!Box 7490 mit FRITZ!OS 06.23 - also nicht die aktuelle 06.24, die will ich nicht haben ... es wäre also denkbar, daß die 06.24 oder auch die Labor-Versionen schon anders arbeiten. Als Gegenstelle kommt ein Linux-Server mit 'racoon' zum Einsatz, da man dort ein sehr ausführliches Debug-Log einstellen kann. Die VPN-Verbindung wurde zuerst in der FRITZ!Box aktiviert und dann der racoon-Service auf dem Server gestartet. Die FRITZ!Box ist der Initiator, der Server nur passiver Responder, d.h. er baut seinerseits keine Verbindung zur FRITZ!Box auf, wenn keine besteht.
Das oben ist das Protokoll des 'avmike' auf der FRITZ!Box.
Hier das ziemlich ausführliche und sehr lange Protokoll des "racoon" (log debug2), auch mal als Referenz für das, was eine FRITZ!Box bei Einstellung von
der Gegenseite tatsächlich an Proposals anbietet, die wirklich relevanten Stellen sind irgendwie bunt:
Ein paar Anmerkungen zum Debug-Log:
- die AVM-Implementierung kennt bei Kompression offenbar nur "keine", "deflate" (ID 2) oder "lzjh" (nach RFC 3051, IANA-ID 4) und keine "lzs"-Kompression (ID 3) -> da mein 'racoon' (wie einige andere Linux-Implementierungen meines Wissens auch, wie das bei Android oder anderen Clients am Ende aussieht, weiß ich nicht - ist für mich nicht relevant) keine "lzjh"-Kompression kennt, kommen die "invalid transform-id=4 in IPCOMP."-Fehler im Protokoll zustande => erster Tipp meinerseits bei Problemen: immer erst mal ein "Set" ohne Kompression verwenden, die zusätzliche Pakettransformation schafft u.U. Probleme, die man immer noch angehen kann, wenn es ohne Kompression erst mal läuft
- man sieht, daß der AVM-Daemon für Phase1 eigentlich 3600 Sekunden ansagt, genauso wie für jeden einzelnen in Phase2 gemachten Vorschlag
- die FRITZ!Box sendet insgesamt (bei den gewählten Einstellungen) 30 Proposals für Phase2, damit kommt u.U. auch nicht jede Implementierung klar, es ist auch eher ungewöhnlich, solche eine große Auswahl zuzulassen als "Initiator" (es ist bei mir als Initiator-Responder mit eindeutiger Richtung (Box zum Server) konfiguriert) anzubieten => es kann sich auch hier lohnen, auf ein etwas spezielleres Set zu setzen, wenn die Verhandlungen in Phase2 scheitern wegen zu vieler Proposals; außerdem will hoffentlich kein Mensch wirklich DES mit MD5 verwenden, also sollte man das bei AVM auch aus dem Set herausnehmen und wirklich nur für absolute Spezialfälle, die nichts anderes können, anbieten ... ob DES/MD5 tatsächlich besser ist als unverschlüsselt, hängt von Einsatzszenario ab
- ich habe extra noch 2 DPD-Versuche ("dead peer detection" in 20 Sekunden-Intervallen nach Abschluß von Phase1) im Log belassen ... so vergewissert sich der 'racoon', daß die Gegenseite auch noch antwortet
Wenn jetzt eine Seite schon wesentlich eher auf ein neues Schlüsselset umschalten will, dann kriegt das die andere Seite nicht zwangsläufig mit ... es gibt eigentlich keinen passenden Mechanismus zur Benachrichtigung in so einen Fall. Im Ergebnis reden beide quasi aneinander vorbei, weil die andere Seite die Pakete nicht mit dem erwarteten Key verschlüsselt und somit eine Entschlüsselung einfach scheitert; das sieht dann aus einer höheren Warte eben so aus, als ob die andere Seite gar nicht mehr antworten würde, denn nur korrekt entschlüsselte Pakete können auch der richtigen IPSec-Verbindung zugeordnet werden. Somit klappt dann auch keine DPD mehr und es kommt zu einem "timeout".
Und siehe da, es kommt dann tatsächlich 54 Minuten nach dem Abschluß der Phase2 oben (das war 10:48:19) zu einer weiteren Verbindung seitens der FRITZ!Box mit dem Server (für den 'racoon' ist die andere eigentlich noch aktiv):
Nun kann zwar der 'racoon' damit umgehen, wenn einfach eine Verbindung (im Stillen, das sollten wir nicht vergessen) gekappt wird und stattdessen eine neue aufgebaut wird. Das muß aber noch lange nicht jeder IPSec-Implementierung auch so gehen und - auch wenn das hier Tunnel-Mode mit der FRITZ!Box als Initiator ist - bei Transport-Mode kann das bei "besetzter Adresse", weil aus Sicht der Gegenseite die andere Verbindung noch besteht, schon zu Problemen führen, erst recht dann, wenn da "on demand" beide Seiten die Verbindung aufbauen können und es zu "Kollisionen" (oder auch "race conditions") kommt, weil eine von der anderen Seite erfolgreich aufgebaute Verbindung durch ein Timeout für die selbst aufgebaute Verbindung von der FRITZ!Box wohl ebenfalls abgeschossen wird, soweit man das den spärlichen Protokollen der FRITZ!Box entnehmen kann.
Und dann wird es auch noch richtig gruselig, wenn ich es richtig interpretiere:
Ich lese da (ich lasse mich aber gerne korrigieren) einen Rekeying-Request (gleich Phase2, bei neuer Verbindung müßte Phase1 neu starten) der FRITZ!Box nach den oben im FRITZ!Box-Protokoll aufgetauchten 3540 Sekunden. Das würde dann für mich eigentlich darauf hindeuten, daß da seitens der FRITZ!Box zwei unabhängige Timer arbeiten ... einmal der für die 54 Minuten (keine Ahnung, worauf der wirklich basiert, ich halte den für das Phase1-Timeout für die KLT) und dann tatsächlich noch einmal der für das Rekeying nach 3540 Sekunden (was auch nicht dem ursprünglichen Vorschlag entspricht, aber das ignorieren wir mal hier). Nun weiß man zwar nicht, wie das AVM intern realisiert (ob da z.B. IPSec-Pakete ggf. eine "Kette" von SAs abklappern, bis sie entschlüsselt werden können oder diese Liste zu Ende ist) ... aber wenn da andere Implementierungen auch mal "verwirrt" werden, ist das für mich nicht wirklich überraschend. Ich vermute mal, hier hat der zuständige Programmierer etwas den Überblick verloren oder es sind mehrere, die sich nicht richtig abstimmen und auch keinen "Beobachter" haben, der da koordiniert.
Jedenfalls aktualisiert der 'racoon' dann in der Folge seine SAs (Policies) für diese LAN-Adressen (genauer, er fügt sie hinzu) und damit bleibt die Verbindung intakt, so sehr der avmike da auch "Amok läuft". Oben kann man dann auch sehen, daß seitens des 'racoon' die alte SA dann tatsächlich erst 3600 Sekunden nach dem Erstellen invalidiert wird (um 11:48:19). Am Ende kommt er eigentlich nur mit dem Verhalten der FRITZ!Box klar, weil er mehrere mögliche SA für diese Verbindung verwaltet. Wenn jetzt irgendeine Seite (wie das der "avmike" nach meiner Interpretation macht) nicht in der Lage ist, mehrere SA zu verwenden, dann ersetzt eben eine neue SA die vorhergehende und solange die Gegenseite diese nicht mehr vorhandene SA zur Verschlüsselung benutzt, kann es nur schief gehen. Warum da nach 54 Minuten die neue Verbindung aufgebaut wird, ist wohl "Betriebsgeheimnis" von AVM.
Wenn man der 'racoon'-Implementierung glauben will, sendet die FRITZ!Box beim ersten Verbindungsversuch um 10:48:18 eine "INITIAL_CONTACT"-Message, die aber ignoriert wird (im ersten 'racoon'-Log auch zu sehen, ich doppele das aber mal, weil es für mich eine wichtige Stelle ist):
So eine INITIAL_CONTACT-Nachricht soll eigentlich dazu dienen (meines Wissens ist es für IKEv1 aber nirgendwo tatsächlich standardisiert, das wurde von IKEv2 übernommen), nach einem Absturz auf einer der beiden Seiten alle noch gültigen SA zu invalidieren und praktisch von vorne zu beginnen, damit die beiden Seiten eben gerade nicht aneinander vorbei reden, weil eine von ihnen noch eine alte SA hat.
So eine "Notify Message" taucht im Log aber später nicht mehr auf (ich meine die erste Zeile, die zweite ist ja eine Warnung und keine Debug-Message) ... ich würde daraus schließen wollen, daß auch der 'avmike' bei der neuen Verbindung um 11:42:18 dann keine INITIAL_CONTACT-Message sendet.
Wenn dann die Gegenseite die alten SAs weiter verwendet (noch einmal, es gibt keine "INITIAL_CONTACT"-Nachricht von der FRITZ!Box), ist das nur folgerichtig.
Für mich funktioniert da das SA-Management (was früher m.E. durchaus klappte) nicht mehr, seitdem man wild dem Android-Problem hinterher läuft. Ob das am Ende daran liegt, daß da ein anderer MA den Code des ursprünglichen Autoren jetzt erst einmal verstehen muß oder ob der Autor da tatsächlich selbst so durcheinander gekommen ist (nur meine Meinung, die ich versucht habe zu belegen), weiß man ja auch nicht ... jedenfalls wird da offenbar einiges eher verschlimmert als verbessert.
In der Summe würde ich schon deutlich mehr Merkwürdigkeiten im Verhalten des 'avmike' sehen als in dem der Gegenstelle. Der Vollständigkeit halber noch das parallele Protokoll der FRITZ!Box um 11:42:18:
Man sieht deutlich, daß die FRITZ!Box gar nicht die Absicht hat, eine "embedded initial contact message" zu senden, wie sie es um 10:48:18 getan hat. Das Protokoll umfaßt dann natürlich auch noch die Zeit ab 11:47:18:
So sieht dann also das "Rekeying" aus (11:47:19) und ob da am Ende um 11:48:18 tatsächlich noch SAs vorhanden sind, die nach den 3600 Sekunden freigegeben werden können, würde ich - ausgehend von den Symptomen - eher bezweifeln. Ich tippe einfach mal, daß das nur die "Absicht" für "FreeIPsecSA" protokolliert und nicht den tatsächlichen Erfolg, weil ein nicht mehr existierender SPI als "Index" verwendet wird. Aber das ist nur geraten ... ist halt alles "closed source". Jedoch wäre das dann tatsächlich ein Segen, denn wenn das FreeIPsecSA am Ende den nur 59 Sekunden alten SPI löschen würde, wäre die Verbindung ja wieder tot.
Fazit:
Ist das also bei jemandem der Fall, daß da kein Rekeying nach 60 Minuten erfolgt, sondern schlicht ein neuer Verbindungsaufbau und zusätzlich erneutes Rekeying nach 59 Minuten und dann am Ende nichts mehr klappt, als eine solche Verbindung zu stoppen und neu aufzubauen, sollte man das meiner Meinung nach einfach immer wieder publizieren, daß das mit dem AVM-VPN so nicht funktioniert und - wenn möglich - die genauen Umstände schildern.
Ich will auch nicht die AVM-Implementierung alleine für alle Probleme verantwortlich machen, aber dieses Verhalten ist einfach absolut ungewöhnlich und merkwürdig, wenn eigentlich 3600 Sekunden "ausgemacht" waren. Wenn da andere Clients dann nicht mitspielen wollen, kann ich das auch nachvollziehen ... AVM ist nun nicht unbedingt ein Riese im internationalen Markt und die wenigsten Hersteller von IPSec-Lösungen interessieren sich für diese Nische, da sollte der Schwanz nicht versuchen, mit dem Hund zu wedeln. Wenn AVM keine Kompatibilität zu anderen Herstellern will, kann sie aber wohl auch niemand dazu zwingen ... es ist ja immer noch eine "IPSec-ähnliche" Implementierung.
Die parallele (einmalige, man muß sich ja nicht pausenlos vera****en lassen) Meldung des Problems an AVM hilft sicherlich auch, ich habe jedoch eher nicht den Eindruck, daß die vom Hersteller dort bisher investierten Bemühungen zu einer merklichen Verbesserung geführt hätten. Das Problem trat ja ursprünglich wohl nur bei Transport-Mode mit Android-Clients auf, scheint sich aber eher "verschärft" zu haben und inzwischen auf andere Gegenstellen auszuweiten, nur FRITZ!Box zu FRITZ!Box funktioniert noch einigermaßen, das ist m.W. auch das einzige, was AVM offiziell unterstützt (mal FRITZ!Fernzugang nicht beachtet, ob der immer geht, wäre die nächste Frage).
Ob das dann am Ende tatsächlich noch ein IPSec-VPN ist, was die entsprechenden Standards (es gibt ja RFCs dazu) umsetzt oder ob es mehr in die Richtung einer proprietären Lösung tendiert, könnte man nur dann verifizieren, wenn es eine "offizielle" Testsuite dafür gäbe. Ich kenne leider keine ... vielleicht ja jemand anderes? Das müßte natürlich eine "allseits" akzeptierte sein, selbst die allgemein als Referenz genommene Cisco-Implementierung ist ja nur die Sicht eines einzelnen Herstellers (auch wenn der schon historisch bedingt erhebliche Anteile an den RFCs hat - neben Nortel Networks).
Code:
2015-05-03 10:47:35 avmike:< cb_sa_create_failed(name=Source,reason=IKE-Error 0x2027) <== normal, der Service auf dem Server mußte erst gestartet werden
2015-05-03 10:48:12 avmike:Source: Phase 1 failed (initiator): IKE-Error 0x2027
2015-05-03 10:48:12 avmike:< cb_sa_create_failed(name=Source,reason=IKE-Error 0x2027)
[COLOR="#FF0000"]2015-05-03 10:48:18 avmike:mainmode Source: selected lifetime: 3600 sec(no notify)
[/COLOR]2015-05-03 10:48:18 avmike:mainmode Source: add SA 2
2015-05-03 10:48:18 avmike:Source remote peer supported XAUTH
2015-05-03 10:48:18 avmike:Source remote peer supported NAT-T RFC 3947
2015-05-03 10:48:18 avmike:Source remote peer supported DPD
2015-05-03 10:48:18 avmike:Source: sending embedded inital contact message (0,85.123.234.12,85.123.234.12)
2015-05-03 10:48:18 avmike:Source: switching to NAT-T (Initiator)
2015-05-03 10:48:18 avmike:Source: Phase 1 ready
2015-05-03 10:48:18 avmike:Source: current=85.123.234.12 new=85.123.234.12:4500
2015-05-03 10:48:18 avmike:Source: local is behind a nat
2015-05-03 10:48:18 avmike:Source: remote is behind a nat
2015-05-03 10:48:18 avmike:Source: start waiting connections
2015-05-03 10:48:18 avmike:Source: Phase 2 starting (start waiting)
2015-05-03 10:48:18 avmike:Source: inital contact message received
2015-05-03 10:48:18 avmike:Source: inital contact message ignored
2015-05-03 10:48:19 avmike:Source: Phase 2 ready
2015-05-03 10:48:19 avmike:< cb_sa_created(name=Source,id=2,...,flags=0x00032101)
2015-05-03 10:48:19 avmike:Source stop_vpn_keepalive to 192.168.xxx.1
[COLOR="#0000FF"]2015-05-03 10:48:19 avmike:Source start_keepalive_timer 3540 sec[/COLOR] <== keine Ahnung, was das am Ende sein soll, sind aber auch 59 Minuten und keine 54
2015-05-03 10:48:19 avmike:Source: start waiting connections
2015-05-03 10:48:19 avmike:Source: NO waiting connections
2015-05-03 10:48:29 avmike:>>>4500 nat-t-keepalive[85.123.234.12:4500]Hier das ziemlich ausführliche und sehr lange Protokoll des "racoon" (log debug2), auch mal als Referenz für das, was eine FRITZ!Box bei Einstellung von
Code:
[...]
phase1ss = "all/all/all";
[...]
phase2ss = "esp-all-all/ah-none/comp-all/pfs";
[...]
Code:
May 3 10:48:17 source racoon[10375]: Setting up IPsec policies..done
May 3 10:48:17 source racoon: ERROR: racoon: MLS support is not enabled.
May 3 10:48:17 source racoon: INFO: @(#)ipsec-tools 0.7.3 (http://ipsec-tools.sourceforge.net)
May 3 10:48:17 source racoon: INFO: @(#)This product linked OpenSSL 1.0.1j 15 Oct 2014 (http://www.openssl.org/)
May 3 10:48:17 source racoon: INFO: Reading configuration from "/etc/racoon/racoon.conf"
May 3 10:48:17 source racoon: INFO: Resize address pool from 0 to 6
May 3 10:48:17 source racoon: DEBUG: compression algorithm can not be checked because sadb message doesn't support it.
May 3 10:48:17 source racoon: DEBUG: getsainfo params: loc='ANONYMOUS', rmt='ANONYMOUS', peer='NULL', id=0
May 3 10:48:17 source racoon: DEBUG: getsainfo pass #2
[COLOR="#0000FF"]May 3 10:48:17 source racoon: DEBUG2: lifetime = 3600 <== das ist der einzige Vorschlag seitens des 'racoon' [/COLOR]
May 3 10:48:17 source racoon: DEBUG2: lifebyte = 0
May 3 10:48:17 source racoon: DEBUG2: encklen=256
May 3 10:48:17 source racoon: DEBUG2: p:1 t:1
May 3 10:48:17 source racoon: DEBUG2: AES-CBC(7)
May 3 10:48:17 source racoon: DEBUG2: SHA(2)
May 3 10:48:17 source racoon: DEBUG2: 1024-bit MODP group(2)
May 3 10:48:17 source racoon: DEBUG2: pre-shared key(1)
May 3 10:48:17 source racoon: DEBUG2:
May 3 10:48:17 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:17 source racoon: DEBUG2: parse successed.
May 3 10:48:17 source racoon: DEBUG: open /var/run/racoon/racoon.sock as racoon management.
May 3 10:48:17 source racoon: INFO: 2a01:cafe:cafe:cafe::1[500] used as isakmp port (fd=7)
May 3 10:48:17 source racoon: INFO: 81.123.234.12[4500] used as isakmp port (fd=8)
May 3 10:48:17 source racoon: INFO: 81.123.234.12[4500] used for NAT-T
May 3 10:48:17 source racoon: INFO: 85.123.234.12[4500] used as isakmp port (fd=9)
May 3 10:48:17 source racoon: INFO: 85.123.234.12[4500] used for NAT-T
May 3 10:48:17 source racoon: INFO: 81.123.234.12[500] used as isakmp port (fd=10)
May 3 10:48:17 source racoon: INFO: 81.123.234.12[500] used for NAT-T
May 3 10:48:17 source racoon: INFO: 85.123.234.12[500] used as isakmp port (fd=11)
May 3 10:48:17 source racoon: INFO: 85.123.234.12[500] used for NAT-T
May 3 10:48:17 source racoon: DEBUG: pk_recv: retry[0] recv()
May 3 10:48:17 source racoon: DEBUG: get pfkey X_SPDDUMP message
May 3 10:48:17 source racoon: DEBUG2:
May 3 10:48:17 source racoon: DEBUG: pfkey X_SPDDUMP failed: No such file or directory
May 3 10:48:17 source racoon[10375]: Starting IPsec IKE daemon (racoon) ..done
May 3 10:48:18 source racoon: DEBUG: ===
May 3 10:48:18 source racoon: DEBUG: 670 bytes message received from 217.123.234.12[500] to 85.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:18 source racoon: DEBUG: ===
May 3 10:48:18 source racoon: INFO: respond new phase 1 negotiation: 85.123.234.12[500]<=>217.123.234.12[500]
May 3 10:48:18 source racoon: INFO: begin Aggressive mode.
May 3 10:48:18 source racoon: DEBUG: begin.
May 3 10:48:18 source racoon: DEBUG: seen nptype=1(sa)
May 3 10:48:18 source racoon: DEBUG: seen nptype=4(ke)
May 3 10:48:18 source racoon: DEBUG: seen nptype=10(nonce)
May 3 10:48:18 source racoon: DEBUG: seen nptype=5(id)
May 3 10:48:18 source racoon: DEBUG: seen nptype=13(vid)
May 3 10:48:18 source racoon: DEBUG: seen nptype=13(vid)
May 3 10:48:18 source racoon: DEBUG: seen nptype=13(vid)
May 3 10:48:18 source racoon: DEBUG: seen nptype=13(vid)
May 3 10:48:18 source racoon: DEBUG: seen nptype=13(vid)
May 3 10:48:18 source racoon: DEBUG: succeed.
May 3 10:48:18 source racoon: DEBUG: received payload of type ke
May 3 10:48:18 source racoon: DEBUG: received payload of type nonce
May 3 10:48:18 source racoon: DEBUG: received payload of type id
May 3 10:48:18 source racoon: DEBUG: received payload of type vid
May 3 10:48:18 source racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
May 3 10:48:18 source racoon: DEBUG: received payload of type vid
May 3 10:48:18 source racoon: INFO: received Vendor ID: DPD
May 3 10:48:18 source racoon: DEBUG: remote supports DPD
May 3 10:48:18 source racoon: DEBUG: received payload of type vid
May 3 10:48:18 source racoon: INFO: received Vendor ID: RFC 3947
May 3 10:48:18 source racoon: DEBUG: received payload of type vid
May 3 10:48:18 source racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
May 3 10:48:18 source racoon: DEBUG: received payload of type vid
May 3 10:48:18 source racoon: DEBUG: received unknown Vendor ID
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: INFO: Selected NAT-T version: RFC 3947
May 3 10:48:18 source racoon: DEBUG: total SA len=352
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: begin.
May 3 10:48:18 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:18 source racoon: DEBUG: succeed.
May 3 10:48:18 source racoon: DEBUG: proposal #1 len=344
May 3 10:48:18 source racoon: DEBUG: begin.
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:18 source racoon: DEBUG: succeed.
May 3 10:48:18 source racoon: DEBUG: transform #1 len=36
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #2 len=36
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #3 len=32
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #4 len=32
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(3des)
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #5 len=32
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(des)
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #6 len=36
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
May 3 10:48:18 source racoon: DEBUG: hash(md5)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #7 len=36
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
May 3 10:48:18 source racoon: DEBUG: hash(md5)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #8 len=32
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
May 3 10:48:18 source racoon: DEBUG: hash(md5)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #9 len=32
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(3des)
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
May 3 10:48:18 source racoon: DEBUG: hash(md5)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: transform #10 len=32
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=DES-CBC
May 3 10:48:18 source racoon: DEBUG: encryption(des)
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=MD5
May 3 10:48:18 source racoon: DEBUG: hash(md5)
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: pair 1:
May 3 10:48:18 source racoon: DEBUG: 0xd42ee0: next=(nil) tnext=0xd42f10
May 3 10:48:18 source racoon: DEBUG: 0xd42f10: next=(nil) tnext=0xd42f40
May 3 10:48:18 source racoon: DEBUG: 0xd42f40: next=(nil) tnext=0xd42f70
May 3 10:48:18 source racoon: DEBUG: 0xd42f70: next=(nil) tnext=0xd459d0
May 3 10:48:18 source racoon: DEBUG: 0xd459d0: next=(nil) tnext=0xd45a00
May 3 10:48:18 source racoon: DEBUG: 0xd45a00: next=(nil) tnext=0xd45a30
May 3 10:48:18 source racoon: DEBUG: 0xd45a30: next=(nil) tnext=0xd45a60
May 3 10:48:18 source racoon: DEBUG: 0xd45a60: next=(nil) tnext=0xd45a90
May 3 10:48:18 source racoon: DEBUG: 0xd45a90: next=(nil) tnext=0xd45ac0
May 3 10:48:18 source racoon: DEBUG: 0xd45ac0: next=(nil) tnext=(nil)
May 3 10:48:18 source racoon: DEBUG: proposal #1: 10 transform
May 3 10:48:18 source racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=10
May 3 10:48:18 source racoon: DEBUG: trns#=1, trns-id=IKE
May 3 10:48:18 source racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
May 3 10:48:18 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:18 source racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA
May 3 10:48:18 source racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key
May 3 10:48:18 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds
May 3 10:48:18 source racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=3600
May 3 10:48:18 source racoon: DEBUG: Compared: DB:Peer
[COLOR="#0000FF"]May 3 10:48:18 source racoon: DEBUG: (lifetime = 3600:3600) <== der Vorschlag der FRITZ!Box paßt[/COLOR]
May 3 10:48:18 source racoon: DEBUG: (lifebyte = 0:0)
May 3 10:48:18 source racoon: DEBUG: enctype = AES-CBC:AES-CBC
May 3 10:48:18 source racoon: DEBUG: (encklen = 256:256)
May 3 10:48:18 source racoon: DEBUG: hashtype = SHA:SHA
May 3 10:48:18 source racoon: DEBUG: authmethod = pre-shared key:pre-shared key
May 3 10:48:18 source racoon: DEBUG: dh_group = 1024-bit MODP group:1024-bit MODP group
May 3 10:48:18 source racoon: DEBUG: an acceptable proposal found.
May 3 10:48:18 source racoon: DEBUG: hmac(modp1024)
[COLOR="#0000FF"]May 3 10:48:18 source racoon: DEBUG: agreed on pre-shared key auth.[/COLOR]
May 3 10:48:18 source racoon: DEBUG: ===
May 3 10:48:18 source racoon: DEBUG: new cookie:
May 3 10:48:18 source racoon: DEBUG: use ID type of FQDN
May 3 10:48:18 source racoon: oakley_dh_generate(MODP1024): 0.003069
May 3 10:48:18 source racoon: DEBUG: compute DH's private.
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: compute DH's public.
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: oakley_dh_compute(MODP1024): 0.000868
May 3 10:48:18 source racoon: DEBUG: compute DH's shared.
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: the psk found.
May 3 10:48:18 source racoon: DEBUG2: psk:
May 3 10:48:18 source racoon: DEBUG2:
May 3 10:48:18 source racoon: DEBUG: nonce 1:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: nonce 2:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000027
May 3 10:48:18 source racoon: DEBUG: SKEYID computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=145): 0.000009
May 3 10:48:18 source racoon: DEBUG: SKEYID_d computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000007
May 3 10:48:18 source racoon: DEBUG: SKEYID_a computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000005
May 3 10:48:18 source racoon: DEBUG: SKEYID_e computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: len(SKEYID_e) < len(Ka) (20 < 32), generating long key (Ka = K1 | K2 | ...)
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000005
May 3 10:48:18 source racoon: DEBUG: compute intermediate encryption key K1
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000005
May 3 10:48:18 source racoon: DEBUG: compute intermediate encryption key K2
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: final encryption key computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: IV computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: generate HASH_R
May 3 10:48:18 source racoon: DEBUG: HASH with:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=649): 0.000010
May 3 10:48:18 source racoon: DEBUG: HASH (resp) computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: INFO: Adding remote and local NAT-D payloads.
May 3 10:48:18 source racoon: INFO: Hashing 217.123.234.12[500] with algo #2 (NAT-T forced)
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: INFO: Hashing 85.123.234.12[500] with algo #2 (NAT-T forced)
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: INFO: Adding xauth VID payload.
May 3 10:48:18 source racoon: DEBUG: add payload of len 52, next type 4
May 3 10:48:18 source racoon: DEBUG: add payload of len 128, next type 10
May 3 10:48:18 source racoon: DEBUG: add payload of len 16, next type 5
May 3 10:48:18 source racoon: DEBUG: add payload of len 25, next type 8
May 3 10:48:18 source racoon: DEBUG: add payload of len 20, next type 13
May 3 10:48:18 source racoon: DEBUG: add payload of len 8, next type 13
May 3 10:48:18 source racoon: DEBUG: add payload of len 16, next type 20
May 3 10:48:18 source racoon: DEBUG: add payload of len 20, next type 20
May 3 10:48:18 source racoon: DEBUG: add payload of len 20, next type 13
May 3 10:48:18 source racoon: DEBUG: add payload of len 16, next type 0
May 3 10:48:18 source racoon: DEBUG: 389 bytes from 85.123.234.12[500] to 217.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG: sockname 85.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG: send packet from 85.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG: send packet to 217.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG: src4 85.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG: dst4 217.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG: 1 times of 389 bytes message will be sent to 217.123.234.12[500]
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: resend phase1 packet 74dd0c0ddf4c2c25:9ebbd53515db1f0a
May 3 10:48:18 source racoon: phase1(agg R msg1): 0.116032
May 3 10:48:18 source racoon: DEBUG: ===
May 3 10:48:18 source racoon: DEBUG: 140 bytes message received from 217.123.234.12[4500] to 85.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: INFO: NAT-T: ports changed to: 217.123.234.12[4500]<->85.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG: begin decryption.
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: IV was saved for next processing:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: alg_oakley_encdef_decrypt(aes klen=256 size=112): 0.000073
May 3 10:48:18 source racoon: DEBUG: with key:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: decrypted payload by IV:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: decrypted payload, but not trimed.
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: padding len=0
May 3 10:48:18 source racoon: DEBUG: skip to trim padding.
May 3 10:48:18 source racoon: DEBUG: decrypted.
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: begin.
May 3 10:48:18 source racoon: DEBUG: seen nptype=8(hash)
May 3 10:48:18 source racoon: DEBUG: seen nptype=20(nat-d)
May 3 10:48:18 source racoon: DEBUG: seen nptype=20(nat-d)
May 3 10:48:18 source racoon: DEBUG: seen nptype=11(notify)
May 3 10:48:18 source racoon: DEBUG: succeed.
May 3 10:48:18 source racoon: INFO: NAT-D payload #0 doesn't match
May 3 10:48:18 source racoon: INFO: NAT-D payload #1 doesn't match
[COLOR="#00FF00"]May 3 10:48:18 source racoon: DEBUG: Notify Message received
May 3 10:48:18 source racoon: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1.[/COLOR]
May 3 10:48:18 source racoon: INFO: NAT detected: ME PEER
May 3 10:48:18 source racoon: DEBUG: HASH received:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: HASH with:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=662): 0.000022
May 3 10:48:18 source racoon: DEBUG: HASH (resp) computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: HASH for PSK validated.
May 3 10:48:18 source racoon: oakley_validate_auth(pre-shared key): 0.002942
May 3 10:48:18 source racoon: DEBUG: ===
May 3 10:48:18 source racoon: phase1(???): 0.008522
May 3 10:48:18 source racoon: phase1(Aggressive): 0.450012
May 3 10:48:18 source racoon: DEBUG: compute IV for phase2
May 3 10:48:18 source racoon: DEBUG: phase1 last IV:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hash(sha1)
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: phase2 IV computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: HASH with:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:18 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000018
May 3 10:48:18 source racoon: DEBUG: HASH computed:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: begin encryption.
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: DEBUG: pad length = 12
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: encryption(aes)
May 3 10:48:18 source racoon: alg_oakley_encdef_encrypt(aes klen=256 size=64): 0.000015
May 3 10:48:18 source racoon: DEBUG: with key:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: encrypted payload by IV:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: save IV for next:
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: encrypted.
May 3 10:48:18 source racoon: DEBUG: Adding NON-ESP marker
May 3 10:48:18 source racoon: DEBUG: 96 bytes from 85.123.234.12[4500] to 217.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG: sockname 85.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG: send packet from 85.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG: send packet to 217.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG: src4 85.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG: dst4 217.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG: 1 times of 96 bytes message will be sent to 217.123.234.12[4500]
May 3 10:48:18 source racoon: DEBUG:
May 3 10:48:18 source racoon: DEBUG: sendto Information notify.
May 3 10:48:18 source racoon: DEBUG: IV freed
May 3 10:48:18 source racoon: INFO: ISAKMP-SA established 85.123.234.12[4500]-217.123.234.12[4500] spi:74dd0c0ddf4c2c25:9ebbd53515db1f0a
May 3 10:48:18 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: DEBUG: 2108 bytes message received from 217.123.234.12[4500] to 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: compute IV for phase2
May 3 10:48:19 source racoon: DEBUG: phase1 last IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hash(sha1)
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: phase2 IV computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: ===
[COLOR="#0000FF"]May 3 10:48:19 source racoon: INFO: respond new phase 2 negotiation: 85.123.234.12[4500]<=>217.123.234.12[4500]
[/COLOR]May 3 10:48:19 source racoon: DEBUG: begin decryption.
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: IV was saved for next processing:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: alg_oakley_encdef_decrypt(aes klen=256 size=2080): 0.000055
May 3 10:48:19 source racoon: DEBUG: with key:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: decrypted payload by IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: decrypted payload, but not trimed.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: padding len=0
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=8(hash)
May 3 10:48:19 source racoon: DEBUG: seen nptype=1(sa)
May 3 10:48:19 source racoon: DEBUG: seen nptype=10(nonce)
May 3 10:48:19 source racoon: DEBUG: seen nptype=4(ke)
May 3 10:48:19 source racoon: DEBUG: seen nptype=5(id)
May 3 10:48:19 source racoon: DEBUG: seen nptype=5(id)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: received IDci2:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: received IDcr2:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: HASH(1) validate:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: HASH with:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=2048): 0.000034
May 3 10:48:19 source racoon: DEBUG: HASH computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: getsainfo params: loc='192.168.123.0/28', rmt='192.168.234.0/28', peer='fritzbox-dyndns-name', id=0
May 3 10:48:19 source racoon: DEBUG: getsainfo pass #1
May 3 10:48:19 source racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
May 3 10:48:19 source racoon: DEBUG: getsainfo pass #2
May 3 10:48:19 source racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
May 3 10:48:19 source racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
May 3 10:48:19 source racoon: DEBUG: get a src address from ID payload 192.168.234.0[0] prefixlen=28 ul_proto=255
May 3 10:48:19 source racoon: DEBUG: get dst address from ID payload 192.168.123.0[0] prefixlen=28 ul_proto=255
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: INFO: no policy found, try to generate the policy : 192.168.234.0/28[0] 192.168.123.0/28[0] proto=any dir=in
May 3 10:48:19 source racoon: DEBUG: total SA len=1856
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: proposal #1 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #1 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #2 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #2 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #3 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #4 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #4 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #5 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #5 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #6 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #7 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #7 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #8 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #8 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #9 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #10 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #10 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #11 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #11 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #12 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #13 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #13 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #14 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #14 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #15 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #16 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #16 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #17 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #17 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #18 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #19 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #19 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #20 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #20 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #21 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #22 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #22 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #23 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #23 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #24 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #25 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #25 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #26 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #26 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #27 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #28 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #28 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #29 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #29 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #30 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: pair 1:
May 3 10:48:19 source racoon: DEBUG: 0xd43bf0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #1: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 2:
May 3 10:48:19 source racoon: DEBUG: 0xd43c40: next=0xd49660 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd49660: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #2: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 3:
May 3 10:48:19 source racoon: DEBUG: 0xd49690: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #3: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 4:
May 3 10:48:19 source racoon: DEBUG: 0xd496c0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #4: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 5:
May 3 10:48:19 source racoon: DEBUG: 0xd496f0: next=0xd43b70 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd43b70: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #5: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 6:
May 3 10:48:19 source racoon: DEBUG: 0xd43ba0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #6: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 7:
May 3 10:48:19 source racoon: DEBUG: 0xd4a9d0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #7: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 8:
May 3 10:48:19 source racoon: DEBUG: 0xd4aa00: next=0xd4aa30 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4aa30: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #8: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 9:
May 3 10:48:19 source racoon: DEBUG: 0xd4aa60: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #9: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 10:
May 3 10:48:19 source racoon: DEBUG: 0xd4aa90: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #10: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 11:
May 3 10:48:19 source racoon: DEBUG: 0xd4aac0: next=0xd4aaf0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4aaf0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #11: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 12:
May 3 10:48:19 source racoon: DEBUG: 0xd4ab20: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #12: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 13:
May 3 10:48:19 source racoon: DEBUG: 0xd4ab50: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #13: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 14:
May 3 10:48:19 source racoon: DEBUG: 0xd4ab80: next=0xd4abb0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4abb0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #14: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 15:
May 3 10:48:19 source racoon: DEBUG: 0xd4abe0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #15: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 16:
May 3 10:48:19 source racoon: DEBUG: 0xd4ac10: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #16: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 17:
May 3 10:48:19 source racoon: DEBUG: 0xd4ac40: next=0xd4ac70 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4ac70: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #17: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 18:
May 3 10:48:19 source racoon: DEBUG: 0xd4aca0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #18: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 19:
May 3 10:48:19 source racoon: DEBUG: 0xd4acd0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #19: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 20:
May 3 10:48:19 source racoon: DEBUG: 0xd4ad00: next=0xd4ad30 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4ad30: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #20: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 21:
May 3 10:48:19 source racoon: DEBUG: 0xd4ad60: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #21: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 22:
May 3 10:48:19 source racoon: DEBUG: 0xd4ad90: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #22: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 23:
May 3 10:48:19 source racoon: DEBUG: 0xd4adc0: next=0xd4adf0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4adf0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #23: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 24:
May 3 10:48:19 source racoon: DEBUG: 0xd4ae20: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #24: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 25:
May 3 10:48:19 source racoon: DEBUG: 0xd4ae50: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #25: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 26:
May 3 10:48:19 source racoon: DEBUG: 0xd4ae80: next=0xd4aeb0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4aeb0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #26: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 27:
May 3 10:48:19 source racoon: DEBUG: 0xd4aee0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #27: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 28:
May 3 10:48:19 source racoon: DEBUG: 0xd4af10: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #28: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 29:
May 3 10:48:19 source racoon: DEBUG: 0xd4af40: next=0xd4af70 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4af70: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #29: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 30:
May 3 10:48:19 source racoon: DEBUG: 0xd4afa0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #30: 1 transform
May 3 10:48:19 source racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=2 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=2 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=3 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=4 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=5 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=5 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=6 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=7 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=8 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=8 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=9 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=10 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=3DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=11 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=3DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=11 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=12 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=3DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=13 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=14 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=14 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=15 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=16 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=17 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=17 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=18 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=19 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=20 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=20 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=21 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=22 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=23 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=23 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=24 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=25 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=3DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=26 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=3DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=26 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=27 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=3DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
[COLOR="#FF0000"]May 3 10:48:19 source racoon: DEBUG: prop#=28 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=DES <== schlechter kann man bei IPSec nach Standard eigentlich nicht verschlüsseln[/COLOR]
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=29 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: prop#=29 prot-id=IPCOMP spi-size=2 #trns=1 trns#=1 trns-id=DEFLATE
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: prop#=30 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=DES
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 10:48:19 source racoon: DEBUG: make a proposal from peer's:
May 3 10:48:19 source racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=9721368b encmode=UDP-Tunnel reqid=0:0)
May 3 10:48:19 source racoon: DEBUG: (trns_id=AES encklen=256 authtype=hmac-sha)
May 3 10:48:19 source racoon: DEBUG: total SA len=1856
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: proposal #1 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #1 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #2 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #2 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #3 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #4 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #4 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #5 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #5 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #6 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #7 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #7 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #8 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #8 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #9 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #10 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #10 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #11 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #11 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #12 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #13 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #13 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #14 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #14 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #15 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #16 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #16 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #17 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #17 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #18 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #19 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #19 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #20 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #20 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #21 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=192
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #22 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #22 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #23 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #23 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #24 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #25 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #25 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #26 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #26 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #27 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #28 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #28 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: ERROR: invalid transform-id=4 in IPCOMP.
May 3 10:48:19 source racoon: DEBUG: proposal #29 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #29 len=30
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=20
May 3 10:48:19 source racoon: DEBUG: type=1, flag=0x8000, lorv=0x0001
May 3 10:48:19 source racoon: DEBUG: type=2, flag=0x8000, lorv=0x0e10
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=4, flag=0x8000, lorv=0x0003
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: proposal #30 len=40
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=28
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: pair 1:
May 3 10:48:19 source racoon: DEBUG: 0xd43bf0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #1: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 2:
May 3 10:48:19 source racoon: DEBUG: 0xd43b70: next=0xd43c40 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd43c40: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #2: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 3:
May 3 10:48:19 source racoon: DEBUG: 0xd4a590: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #3: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 4:
May 3 10:48:19 source racoon: DEBUG: 0xd4a5c0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #4: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 5:
May 3 10:48:19 source racoon: DEBUG: 0xd49660: next=0xd49690 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd49690: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #5: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 6:
May 3 10:48:19 source racoon: DEBUG: 0xd4ccf0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #6: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 7:
May 3 10:48:19 source racoon: DEBUG: 0xd43ba0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #7: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 8:
May 3 10:48:19 source racoon: DEBUG: 0xd4aee0: next=0xd4af10 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4af10: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #8: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 9:
May 3 10:48:19 source racoon: DEBUG: 0xd4af40: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #9: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 10:
May 3 10:48:19 source racoon: DEBUG: 0xd496c0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #10: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 11:
May 3 10:48:19 source racoon: DEBUG: 0xd496f0: next=0xd4c920 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4c920: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #11: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 12:
May 3 10:48:19 source racoon: DEBUG: 0xd4c950: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #12: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 13:
May 3 10:48:19 source racoon: DEBUG: 0xd4c980: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #13: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 14:
May 3 10:48:19 source racoon: DEBUG: 0xd4c9b0: next=0xd4c9e0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4c9e0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #14: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 15:
May 3 10:48:19 source racoon: DEBUG: 0xd4ca10: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #15: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 16:
May 3 10:48:19 source racoon: DEBUG: 0xd4ca40: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #16: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 17:
May 3 10:48:19 source racoon: DEBUG: 0xd4ca70: next=0xd4caa0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4caa0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #17: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 18:
May 3 10:48:19 source racoon: DEBUG: 0xd4cad0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #18: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 19:
May 3 10:48:19 source racoon: DEBUG: 0xd4cb00: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #19: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 20:
May 3 10:48:19 source racoon: DEBUG: 0xd4cb30: next=0xd4ce70 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4ce70: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #20: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 21:
May 3 10:48:19 source racoon: DEBUG: 0xd4cea0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #21: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 22:
May 3 10:48:19 source racoon: DEBUG: 0xd4ced0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #22: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 23:
May 3 10:48:19 source racoon: DEBUG: 0xd4cf00: next=0xd4cf30 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4cf30: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #23: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 24:
May 3 10:48:19 source racoon: DEBUG: 0xd4cf60: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #24: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 25:
May 3 10:48:19 source racoon: DEBUG: 0xd4cf90: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #25: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 26:
May 3 10:48:19 source racoon: DEBUG: 0xd4cfc0: next=0xd4cff0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4cff0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #26: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 27:
May 3 10:48:19 source racoon: DEBUG: 0xd4d020: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #27: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 28:
May 3 10:48:19 source racoon: DEBUG: 0xd4d050: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #28: 1 transform
May 3 10:48:19 source racoon: DEBUG: pair 29:
May 3 10:48:19 source racoon: DEBUG: 0xd4d080: next=0xd4d0b0 tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: 0xd4d0b0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #29: 2 transform
May 3 10:48:19 source racoon: DEBUG: pair 30:
May 3 10:48:19 source racoon: DEBUG: 0xd4d0e0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #30: 1 transform
May 3 10:48:19 source racoon: DEBUG: begin compare proposals.
May 3 10:48:19 source racoon: DEBUG: pair[1]: 0xd43bf0
May 3 10:48:19 source racoon: DEBUG: 0xd43bf0: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=AES
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: peer's single bundle:
May 3 10:48:19 source racoon: DEBUG: (proto_id=ESP spisize=4 spi=9721368b spi_p=00000000 encmode=UDP-Tunnel reqid=0:0)
May 3 10:48:19 source racoon: DEBUG: (trns_id=AES encklen=256 authtype=hmac-sha)
May 3 10:48:19 source racoon: DEBUG: my single bundle:
May 3 10:48:19 source racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=9721368b encmode=UDP-Tunnel reqid=0:0)
May 3 10:48:19 source racoon: DEBUG: (trns_id=AES encklen=256 authtype=hmac-sha)
May 3 10:48:19 source racoon: INFO: Adjusting my encmode UDP-Tunnel->Tunnel
May 3 10:48:19 source racoon: INFO: Adjusting peer's encmode UDP-Tunnel(3)->Tunnel(1)
May 3 10:48:19 source racoon: DEBUG: matched
May 3 10:48:19 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: DEBUG: call pfkey_send_getspi
May 3 10:48:19 source racoon: DEBUG: pfkey GETSPI sent: ESP/Tunnel 217.123.234.12[4500]->85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: pfkey getspi sent.
May 3 10:48:19 source racoon: phase2(???): 0.083904
May 3 10:48:19 source racoon: DEBUG: pk_recv: retry[0] recv()
May 3 10:48:19 source racoon: DEBUG: get pfkey GETSPI message
May 3 10:48:19 source racoon: DEBUG2:
May 3 10:48:19 source racoon: DEBUG: pfkey GETSPI succeeded: ESP/Tunnel 217.123.234.12[4500]->85.123.234.12[4500] spi=214911528(0xccf4a28)
May 3 10:48:19 source racoon: DEBUG: total SA len=52
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=2(prop)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: proposal #1 len=44
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=3(trns)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: transform #1 len=32
May 3 10:48:19 source racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256
May 3 10:48:19 source racoon: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-sha
May 3 10:48:19 source racoon: DEBUG: type=Group Description, flag=0x8000, lorv=2
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
[COLOR="#FF0000"]May 3 10:48:19 source racoon: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600 <== hier wird die 1 Stunde für ISAKMP festgeklopft
May 3 10:48:19 source racoon: DEBUG: life duration was in TLV.[/COLOR]
May 3 10:48:19 source racoon: DEBUG: type=Encryption Mode, flag=0x8000, lorv=UDP-Tunnel
May 3 10:48:19 source racoon: DEBUG: UDP encapsulation requested
May 3 10:48:19 source racoon: DEBUG: pair 1:
May 3 10:48:19 source racoon: DEBUG: 0xd43c40: next=(nil) tnext=(nil)
May 3 10:48:19 source racoon: DEBUG: proposal #1: 1 transform
May 3 10:48:19 source racoon: DEBUG: hmac(modp1024)
May 3 10:48:19 source racoon: oakley_dh_generate(MODP1024): 0.001588
May 3 10:48:19 source racoon: DEBUG: compute DH's private.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: compute DH's public.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: add payload of len 52, next type 10
May 3 10:48:19 source racoon: DEBUG: add payload of len 16, next type 4
May 3 10:48:19 source racoon: DEBUG: add payload of len 128, next type 5
May 3 10:48:19 source racoon: DEBUG: add payload of len 12, next type 5
May 3 10:48:19 source racoon: DEBUG: add payload of len 12, next type 0
May 3 10:48:19 source racoon: DEBUG: HASH with:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=260): 0.000008
May 3 10:48:19 source racoon: DEBUG: HASH computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: add payload of len 20, next type 1
May 3 10:48:19 source racoon: DEBUG: begin encryption.
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: pad length = 8
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: alg_oakley_encdef_encrypt(aes klen=256 size=272): 0.000014
May 3 10:48:19 source racoon: DEBUG: with key:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encrypted payload by IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: save IV for next:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encrypted.
May 3 10:48:19 source racoon: DEBUG: Adding NON-ESP marker
May 3 10:48:19 source racoon: DEBUG: 304 bytes from 85.123.234.12[4500] to 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: sockname 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: send packet from 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: send packet to 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: src4 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: dst4 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: 1 times of 304 bytes message will be sent to 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: resend phase2 packet 74dd0c0ddf4c2c25:9ebbd53515db1f0a:000026d1
May 3 10:48:19 source racoon: phase2(quick R msg1): 0.005150
May 3 10:48:19 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: DEBUG: 60 bytes message received from 217.123.234.12[4500] to 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin decryption.
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: IV was saved for next processing:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000013
May 3 10:48:19 source racoon: DEBUG: with key:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: decrypted payload by IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: decrypted payload, but not trimed.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: padding len=0
May 3 10:48:19 source racoon: DEBUG: skip to trim padding.
May 3 10:48:19 source racoon: DEBUG: decrypted.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=8(hash)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: HASH(3) validate:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: HASH with:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=37): 0.000018
May 3 10:48:19 source racoon: DEBUG: HASH computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: oakley_dh_compute(MODP1024): 0.002927
May 3 10:48:19 source racoon: DEBUG: compute DH's shared.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: KEYMAT compute with
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000012
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: hmac(sha1)
May 3 10:48:19 source racoon: DEBUG: encklen=256 authklen=160
May 3 10:48:19 source racoon: DEBUG: generating 640 bits of key (dupkeymat=4)
May 3 10:48:19 source racoon: DEBUG: generating K1...K4 for KEYMAT.
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000019
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000012
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000012
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: KEYMAT compute with
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000011
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: hmac(sha1)
May 3 10:48:19 source racoon: DEBUG: encklen=256 authklen=160
May 3 10:48:19 source racoon: DEBUG: generating 640 bits of key (dupkeymat=4)
May 3 10:48:19 source racoon: DEBUG: generating K1...K4 for KEYMAT.
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000011
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000011
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=185): 0.000011
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: KEYMAT computed.
May 3 10:48:19 source racoon: DEBUG: call pk_sendupdate
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: hmac(sha1)
May 3 10:48:19 source racoon: DEBUG: call pfkey_send_update2
May 3 10:48:19 source racoon: DEBUG: pfkey update sent.
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: hmac(sha1)
May 3 10:48:19 source racoon: DEBUG: call pfkey_send_add2 (NAT flavor)
May 3 10:48:19 source racoon: DEBUG: call pfkey_send_add2
May 3 10:48:19 source racoon: DEBUG: pfkey add sent.
May 3 10:48:19 source racoon: DEBUG: call pfkey_send_spdupdate2
May 3 10:48:19 source racoon: DEBUG: pfkey spdupdate2(inbound) sent.
May 3 10:48:19 source racoon: DEBUG: call pfkey_send_spdupdate2
May 3 10:48:19 source racoon: DEBUG: pfkey spdupdate2(forward) sent.
May 3 10:48:19 source racoon: DEBUG: call pfkey_send_spdupdate2
May 3 10:48:19 source racoon: DEBUG: pfkey spdupdate2(outbound) sent.
May 3 10:48:19 source racoon: phase2(???): 0.011545
May 3 10:48:19 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: DEBUG: 92 bytes message received from 217.123.234.12[4500] to 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: receive Information.
May 3 10:48:19 source racoon: DEBUG: compute IV for phase2
May 3 10:48:19 source racoon: DEBUG: phase1 last IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hash(sha1)
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: phase2 IV computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin decryption.
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: IV was saved for next processing:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000004
May 3 10:48:19 source racoon: DEBUG: with key:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: decrypted payload by IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: decrypted payload, but not trimed.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: padding len=0
May 3 10:48:19 source racoon: DEBUG: skip to trim padding.
May 3 10:48:19 source racoon: DEBUG: decrypted.
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: IV freed
May 3 10:48:19 source racoon: DEBUG: HASH with:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=36): 0.000003
May 3 10:48:19 source racoon: DEBUG: HASH computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hash validated.
May 3 10:48:19 source racoon: DEBUG: begin.
May 3 10:48:19 source racoon: DEBUG: seen nptype=8(hash)
May 3 10:48:19 source racoon: DEBUG: seen nptype=11(notify)
May 3 10:48:19 source racoon: DEBUG: succeed.
May 3 10:48:19 source racoon: DEBUG: DPD R-U-There received
May 3 10:48:19 source racoon: DEBUG: compute IV for phase2
May 3 10:48:19 source racoon: DEBUG: phase1 last IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hash(sha1)
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: phase2 IV computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: HASH with:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=36): 0.000003
May 3 10:48:19 source racoon: DEBUG: HASH computed:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: begin encryption.
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: DEBUG: pad length = 8
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encryption(aes)
May 3 10:48:19 source racoon: alg_oakley_encdef_encrypt(aes klen=256 size=64): 0.000003
May 3 10:48:19 source racoon: DEBUG: with key:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encrypted payload by IV:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: save IV for next:
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: encrypted.
May 3 10:48:19 source racoon: DEBUG: Adding NON-ESP marker
May 3 10:48:19 source racoon: DEBUG: 96 bytes from 85.123.234.12[4500] to 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: sockname 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: send packet from 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: send packet to 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: src4 85.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: dst4 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG: 1 times of 96 bytes message will be sent to 217.123.234.12[4500]
May 3 10:48:19 source racoon: DEBUG:
May 3 10:48:19 source racoon: DEBUG: sendto Information notify.
May 3 10:48:19 source racoon: DEBUG: IV freed
May 3 10:48:19 source racoon: DEBUG: received a valid R-U-THERE, ACK sent
May 3 10:48:19 source racoon: DEBUG: pk_recv: retry[0] recv()
May 3 10:48:19 source racoon: DEBUG: get pfkey UPDATE message
May 3 10:48:19 source racoon: DEBUG2:
May 3 10:48:19 source racoon: DEBUG: pfkey UPDATE succeeded: ESP/Tunnel 217.123.234.12[4500]->85.123.234.12[4500] spi=214911528(0xccf4a28)
May 3 10:48:19 source racoon: INFO: IPsec-SA established: ESP/Tunnel 217.123.234.12[4500]->85.123.234.12[4500] spi=214911528(0xccf4a28)
May 3 10:48:19 source racoon: phase2(quick): 1430642899.314662
May 3 10:48:19 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: DEBUG: pk_recv: retry[0] recv()
May 3 10:48:19 source racoon: DEBUG: get pfkey ADD message
May 3 10:48:19 source racoon: DEBUG2:
May 3 10:48:19 source racoon: INFO: IPsec-SA established: ESP/Tunnel 85.123.234.12[4500]->217.123.234.12[4500] spi=2535536267(0x9721368b)
May 3 10:48:19 source racoon: DEBUG: ===
May 3 10:48:19 source racoon: DEBUG: pk_recv: retry[0] recv()
May 3 10:48:19 source racoon: DEBUG: get pfkey X_SPDUPDATE message
May 3 10:48:19 source racoon: DEBUG2:
May 3 10:48:19 source racoon: ERROR: such policy does not already exist: "192.168.234.0/28[0] 192.168.123.0/28[0] proto=any dir=in"
May 3 10:48:19 source racoon: DEBUG: pk_recv: retry[0] recv()
May 3 10:48:19 source racoon: DEBUG: get pfkey X_SPDUPDATE message
May 3 10:48:19 source racoon: DEBUG2:
May 3 10:48:19 source racoon: DEBUG: sub:0x7fff4403c030: 192.168.234.0/28[0] 192.168.123.0/28[0] proto=any dir=fwd
May 3 10:48:19 source racoon: DEBUG: db :0xd4c930: 192.168.234.0/28[0] 192.168.123.0/28[0] proto=any dir=in
May 3 10:48:19 source racoon: ERROR: such policy does not already exist: "192.168.234.0/28[0] 192.168.123.0/28[0] proto=any dir=fwd"
May 3 10:48:19 source racoon: DEBUG: pk_recv: retry[0] recv()
May 3 10:48:19 source racoon: DEBUG: get pfkey X_SPDUPDATE message
May 3 10:48:19 source racoon: DEBUG2:
May 3 10:48:19 source racoon: DEBUG: sub:0x7fff4403c030: 192.168.123.0/28[0] 192.168.234.0/28[0] proto=any dir=out
May 3 10:48:19 source racoon: DEBUG: db :0xd4c930: 192.168.234.0/28[0] 192.168.123.0/28[0] proto=any dir=in
May 3 10:48:19 source racoon: DEBUG: sub:0x7fff4403c030: 192.168.123.0/28[0] 192.168.234.0/28[0] proto=any dir=out
May 3 10:48:19 source racoon: DEBUG: db :0xd49cc0: 192.168.234.0/28[0] 192.168.123.0/28[0] proto=any dir=fwd
May 3 10:48:19 source racoon: ERROR: such policy does not already exist: "192.168.123.0/28[0] 192.168.234.0/28[0] proto=any dir=out"
May 3 10:48:38 source racoon: DEBUG: DPD monitoring....
May 3 10:48:38 source racoon: DEBUG: compute IV for phase2
May 3 10:48:38 source racoon: DEBUG: phase1 last IV:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: hash(sha1)
May 3 10:48:38 source racoon: DEBUG: encryption(aes)
May 3 10:48:38 source racoon: DEBUG: phase2 IV computed:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: HASH with:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:38 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=36): 0.000012
May 3 10:48:38 source racoon: DEBUG: HASH computed:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: begin encryption.
May 3 10:48:38 source racoon: DEBUG: encryption(aes)
May 3 10:48:38 source racoon: DEBUG: pad length = 8
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: encryption(aes)
May 3 10:48:38 source racoon: alg_oakley_encdef_encrypt(aes klen=256 size=64): 0.000019
May 3 10:48:38 source racoon: DEBUG: with key:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: encrypted payload by IV:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: save IV for next:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: encrypted.
May 3 10:48:38 source racoon: DEBUG: Adding NON-ESP marker
May 3 10:48:38 source racoon: DEBUG: 96 bytes from 85.123.234.12[4500] to 217.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG: sockname 85.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG: send packet from 85.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG: send packet to 217.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG: src4 85.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG: dst4 217.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG: 1 times of 96 bytes message will be sent to 217.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: sendto Information notify.
May 3 10:48:38 source racoon: DEBUG: IV freed
May 3 10:48:38 source racoon: DEBUG: DPD R-U-There sent (0)
May 3 10:48:38 source racoon: DEBUG: rescheduling send_r_u (5).
May 3 10:48:38 source racoon: DEBUG: ===
May 3 10:48:38 source racoon: DEBUG: 92 bytes message received from 217.123.234.12[4500] to 85.123.234.12[4500]
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: receive Information.
May 3 10:48:38 source racoon: DEBUG: compute IV for phase2
May 3 10:48:38 source racoon: DEBUG: phase1 last IV:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: hash(sha1)
May 3 10:48:38 source racoon: DEBUG: encryption(aes)
May 3 10:48:38 source racoon: DEBUG: phase2 IV computed:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: begin decryption.
May 3 10:48:38 source racoon: DEBUG: encryption(aes)
May 3 10:48:38 source racoon: DEBUG: IV was saved for next processing:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: encryption(aes)
May 3 10:48:38 source racoon: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000020
May 3 10:48:38 source racoon: DEBUG: with key:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: decrypted payload by IV:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: decrypted payload, but not trimed.
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: padding len=0
May 3 10:48:38 source racoon: DEBUG: skip to trim padding.
May 3 10:48:38 source racoon: DEBUG: decrypted.
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: IV freed
May 3 10:48:38 source racoon: DEBUG: HASH with:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: hmac(hmac_sha1)
May 3 10:48:38 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=36): 0.000007
May 3 10:48:38 source racoon: DEBUG: HASH computed:
May 3 10:48:38 source racoon: DEBUG:
May 3 10:48:38 source racoon: DEBUG: hash validated.
May 3 10:48:38 source racoon: DEBUG: begin.
May 3 10:48:38 source racoon: DEBUG: seen nptype=8(hash)
May 3 10:48:38 source racoon: DEBUG: seen nptype=11(notify)
May 3 10:48:38 source racoon: DEBUG: succeed.
May 3 10:48:38 source racoon: DEBUG: DPD R-U-There-Ack received
May 3 10:48:38 source racoon: DEBUG: received an R-U-THERE-ACK
May 3 10:48:58 source racoon: DEBUG: DPD monitoring....
[...]- die AVM-Implementierung kennt bei Kompression offenbar nur "keine", "deflate" (ID 2) oder "lzjh" (nach RFC 3051, IANA-ID 4) und keine "lzs"-Kompression (ID 3) -> da mein 'racoon' (wie einige andere Linux-Implementierungen meines Wissens auch, wie das bei Android oder anderen Clients am Ende aussieht, weiß ich nicht - ist für mich nicht relevant) keine "lzjh"-Kompression kennt, kommen die "invalid transform-id=4 in IPCOMP."-Fehler im Protokoll zustande => erster Tipp meinerseits bei Problemen: immer erst mal ein "Set" ohne Kompression verwenden, die zusätzliche Pakettransformation schafft u.U. Probleme, die man immer noch angehen kann, wenn es ohne Kompression erst mal läuft
- man sieht, daß der AVM-Daemon für Phase1 eigentlich 3600 Sekunden ansagt, genauso wie für jeden einzelnen in Phase2 gemachten Vorschlag
- die FRITZ!Box sendet insgesamt (bei den gewählten Einstellungen) 30 Proposals für Phase2, damit kommt u.U. auch nicht jede Implementierung klar, es ist auch eher ungewöhnlich, solche eine große Auswahl zuzulassen als "Initiator" (es ist bei mir als Initiator-Responder mit eindeutiger Richtung (Box zum Server) konfiguriert) anzubieten => es kann sich auch hier lohnen, auf ein etwas spezielleres Set zu setzen, wenn die Verhandlungen in Phase2 scheitern wegen zu vieler Proposals; außerdem will hoffentlich kein Mensch wirklich DES mit MD5 verwenden, also sollte man das bei AVM auch aus dem Set herausnehmen und wirklich nur für absolute Spezialfälle, die nichts anderes können, anbieten ... ob DES/MD5 tatsächlich besser ist als unverschlüsselt, hängt von Einsatzszenario ab
- ich habe extra noch 2 DPD-Versuche ("dead peer detection" in 20 Sekunden-Intervallen nach Abschluß von Phase1) im Log belassen ... so vergewissert sich der 'racoon', daß die Gegenseite auch noch antwortet
Wenn jetzt eine Seite schon wesentlich eher auf ein neues Schlüsselset umschalten will, dann kriegt das die andere Seite nicht zwangsläufig mit ... es gibt eigentlich keinen passenden Mechanismus zur Benachrichtigung in so einen Fall. Im Ergebnis reden beide quasi aneinander vorbei, weil die andere Seite die Pakete nicht mit dem erwarteten Key verschlüsselt und somit eine Entschlüsselung einfach scheitert; das sieht dann aus einer höheren Warte eben so aus, als ob die andere Seite gar nicht mehr antworten würde, denn nur korrekt entschlüsselte Pakete können auch der richtigen IPSec-Verbindung zugeordnet werden. Somit klappt dann auch keine DPD mehr und es kommt zu einem "timeout".
Und siehe da, es kommt dann tatsächlich 54 Minuten nach dem Abschluß der Phase2 oben (das war 10:48:19) zu einer weiteren Verbindung seitens der FRITZ!Box mit dem Server (für den 'racoon' ist die andere eigentlich noch aktiv):
Code:
[...]
[COLOR="#0000FF"]May 3 11:42:08 source racoon: DEBUG: DPD R-U-There-Ack received <== das ist noch "normales" DPD
May 3 11:42:08 source racoon: DEBUG: received an R-U-THERE-ACK[/COLOR]
May 3 11:42:19 source racoon: DEBUG: ===
May 3 11:42:19 source racoon: DEBUG: 670 bytes message received from 217.123.234.12[4500] to 85.123.234.12[4500]
May 3 11:42:19 source racoon: DEBUG:
May 3 11:42:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 11:42:19 source racoon: DEBUG: Marking ports as changed
May 3 11:42:19 source racoon: DEBUG: ===
[COLOR="#FF0000"]May 3 11:42:19 source racoon: INFO: respond new phase 1 negotiation: 85.123.234.12[4500]<=>217.123.234.12[4500] <== und hier kommt eben der Request für eine zusätzliche Verbindung[/COLOR]
May 3 11:42:19 source racoon: INFO: begin Aggressive mode.
May 3 11:42:19 source racoon: DEBUG: begin.
May 3 11:42:19 source racoon: DEBUG: seen nptype=1(sa)
May 3 11:42:19 source racoon: DEBUG: seen nptype=4(ke)
May 3 11:42:19 source racoon: DEBUG: seen nptype=10(nonce)
May 3 11:42:19 source racoon: DEBUG: seen nptype=5(id)
May 3 11:42:19 source racoon: DEBUG: seen nptype=13(vid)
May 3 11:42:19 source racoon: DEBUG: seen nptype=13(vid)
May 3 11:42:19 source racoon: DEBUG: seen nptype=13(vid)
May 3 11:42:19 source racoon: DEBUG: seen nptype=13(vid)
May 3 11:42:19 source racoon: DEBUG: seen nptype=13(vid)
May 3 11:42:19 source racoon: DEBUG: succeed.
May 3 11:42:19 source racoon: DEBUG: received payload of type ke
May 3 11:42:19 source racoon: DEBUG: received payload of type nonce
May 3 11:42:19 source racoon: DEBUG: received payload of type id
May 3 11:42:19 source racoon: DEBUG: received payload of type vid
May 3 11:42:19 source racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
May 3 11:42:19 source racoon: DEBUG: received payload of type vid
May 3 11:42:19 source racoon: INFO: received Vendor ID: DPD
May 3 11:42:19 source racoon: DEBUG: remote supports DPD
May 3 11:42:19 source racoon: DEBUG: received payload of type vid
May 3 11:42:19 source racoon: INFO: received Vendor ID: RFC 3947
May 3 11:42:19 source racoon: DEBUG: received payload of type vid
May 3 11:42:19 source racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
May 3 11:42:19 source racoon: DEBUG: received payload of type vid
May 3 11:42:19 source racoon: DEBUG: received unknown Vendor ID
May 3 11:42:19 source racoon: DEBUG:
May 3 11:42:19 source racoon: INFO: Selected NAT-T version: RFC 3947
May 3 11:42:19 source racoon: DEBUG: total SA len=352
[...]
May 3 11:42:19 source racoon: phase1(???): 0.004082
May 3 11:42:19 source racoon: phase1(Aggressive): 0.282496
[COLOR="#FF0000"]May 3 11:42:19 source racoon: INFO: ISAKMP-SA established 85.123.234.12[4500]-217.123.234.12[4500] spi:c86a5801aef71262:387042b78eb0600f <== hier haben wir eine neue(!) Verbindung, nicht nur einen neuen Schlüssel
[/COLOR]May 3 11:42:19 source racoon: DEBUG: ===
May 3 11:42:28 source racoon: DEBUG: DPD monitoring....
May 3 11:42:28 source racoon: DEBUG: compute IV for phase2Und dann wird es auch noch richtig gruselig, wenn ich es richtig interpretiere:
Code:
May 3 11:47:19 source racoon: DEBUG: ===
May 3 11:47:19 source racoon: DEBUG: 2108 bytes message received from 217.123.234.12[4500] to 85.123.234.12[4500]
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: compute IV for phase2
May 3 11:47:19 source racoon: DEBUG: phase1 last IV:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: hash(sha1)
May 3 11:47:19 source racoon: DEBUG: encryption(aes)
May 3 11:47:19 source racoon: DEBUG: phase2 IV computed:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: ===
[COLOR="#FF0000"]May 3 11:47:19 source racoon: INFO: respond new phase 2 negotiation: 85.123.234.12[4500]<=>217.123.234.12[4500][/COLOR]
May 3 11:47:19 source racoon: DEBUG: begin decryption.
May 3 11:47:19 source racoon: DEBUG: encryption(aes)
May 3 11:47:19 source racoon: DEBUG: IV was saved for next processing:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: encryption(aes)
May 3 11:47:19 source racoon: alg_oakley_encdef_decrypt(aes klen=256 size=2080): 0.000069
May 3 11:47:19 source racoon: DEBUG: with key:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: decrypted payload by IV:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: decrypted payload, but not trimed.
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: padding len=0
May 3 11:47:19 source racoon: DEBUG: skip to trim padding.
May 3 11:47:19 source racoon: DEBUG: decrypted.
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: begin.
May 3 11:47:19 source racoon: DEBUG: seen nptype=8(hash)
May 3 11:47:19 source racoon: DEBUG: seen nptype=1(sa)
May 3 11:47:19 source racoon: DEBUG: seen nptype=10(nonce)
May 3 11:47:19 source racoon: DEBUG: seen nptype=4(ke)
May 3 11:47:19 source racoon: DEBUG: seen nptype=5(id)
May 3 11:47:19 source racoon: DEBUG: seen nptype=5(id)
May 3 11:47:19 source racoon: DEBUG: succeed.
May 3 11:47:19 source racoon: DEBUG: received IDci2:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: received IDcr2:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: HASH(1) validate:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: HASH with:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: hmac(hmac_sha1)
May 3 11:47:19 source racoon: alg_oakley_hmacdef_one(hmac_sha1 size=2048): 0.000034
May 3 11:47:19 source racoon: DEBUG: HASH computed:
May 3 11:47:19 source racoon: DEBUG:
May 3 11:47:19 source racoon: DEBUG: anonymous configuration selected for 217.123.234.12.
May 3 11:47:19 source racoon: DEBUG: getsainfo params: loc='192.168.234.0/28', rmt='192.168.123.0/28', peer='dyndns steht hier', id=0
May 3 11:47:19 source racoon: DEBUG: getsainfo pass #1
May 3 11:47:19 source racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
May 3 11:47:19 source racoon: DEBUG: getsainfo pass #2
May 3 11:47:19 source racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
May 3 11:47:19 source racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0
May 3 11:47:19 source racoon: DEBUG: get a src address from ID payload 192.168.123.0[0] prefixlen=28 ul_proto=255
May 3 11:47:19 source racoon: DEBUG: get dst address from ID payload 192.168.234.0[0] prefixlen=28 ul_proto=255
[...]
May 3 11:48:11 source racoon: DEBUG: DPD R-U-There-Ack received
May 3 11:48:11 source racoon: DEBUG: received an R-U-THERE-ACK
[COLOR="#FF0000"]May 3 11:48:18 source racoon: INFO: ISAKMP-SA expired 85.123.234.12[4500]-217.123.234.12[4500] spi:74dd0c0ddf4c2c25:9ebbd53515db1f0a <== bis hier besteht die ursprüngliche erste SA weiter[/COLOR]
May 3 11:48:19 source racoon: DEBUG: DPD monitoring....
May 3 11:48:19 source racoon: DEBUG: compute IV for phase2Jedenfalls aktualisiert der 'racoon' dann in der Folge seine SAs (Policies) für diese LAN-Adressen (genauer, er fügt sie hinzu) und damit bleibt die Verbindung intakt, so sehr der avmike da auch "Amok läuft". Oben kann man dann auch sehen, daß seitens des 'racoon' die alte SA dann tatsächlich erst 3600 Sekunden nach dem Erstellen invalidiert wird (um 11:48:19). Am Ende kommt er eigentlich nur mit dem Verhalten der FRITZ!Box klar, weil er mehrere mögliche SA für diese Verbindung verwaltet. Wenn jetzt irgendeine Seite (wie das der "avmike" nach meiner Interpretation macht) nicht in der Lage ist, mehrere SA zu verwenden, dann ersetzt eben eine neue SA die vorhergehende und solange die Gegenseite diese nicht mehr vorhandene SA zur Verschlüsselung benutzt, kann es nur schief gehen. Warum da nach 54 Minuten die neue Verbindung aufgebaut wird, ist wohl "Betriebsgeheimnis" von AVM.
Wenn man der 'racoon'-Implementierung glauben will, sendet die FRITZ!Box beim ersten Verbindungsversuch um 10:48:18 eine "INITIAL_CONTACT"-Message, die aber ignoriert wird (im ersten 'racoon'-Log auch zu sehen, ich doppele das aber mal, weil es für mich eine wichtige Stelle ist):
Code:
May 3 10:48:18 source racoon: DEBUG: begin.
May 3 10:48:18 source racoon: DEBUG: seen nptype=8(hash)
May 3 10:48:18 source racoon: DEBUG: seen nptype=20(nat-d)
May 3 10:48:18 source racoon: DEBUG: seen nptype=20(nat-d)
May 3 10:48:18 source racoon: DEBUG: seen nptype=11(notify)
May 3 10:48:18 source racoon: DEBUG: succeed.
May 3 10:48:18 source racoon: INFO: NAT-D payload #0 doesn't match
May 3 10:48:18 source racoon: INFO: NAT-D payload #1 doesn't match
[COLOR="#00FF00"]May 3 10:48:18 source racoon: DEBUG: Notify Message received
May 3 10:48:18 source racoon: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1.[/COLOR]
May 3 10:48:18 source racoon: INFO: NAT detected: ME PEERSo eine "Notify Message" taucht im Log aber später nicht mehr auf (ich meine die erste Zeile, die zweite ist ja eine Warnung und keine Debug-Message) ... ich würde daraus schließen wollen, daß auch der 'avmike' bei der neuen Verbindung um 11:42:18 dann keine INITIAL_CONTACT-Message sendet.
Wenn dann die Gegenseite die alten SAs weiter verwendet (noch einmal, es gibt keine "INITIAL_CONTACT"-Nachricht von der FRITZ!Box), ist das nur folgerichtig.
Für mich funktioniert da das SA-Management (was früher m.E. durchaus klappte) nicht mehr, seitdem man wild dem Android-Problem hinterher läuft. Ob das am Ende daran liegt, daß da ein anderer MA den Code des ursprünglichen Autoren jetzt erst einmal verstehen muß oder ob der Autor da tatsächlich selbst so durcheinander gekommen ist (nur meine Meinung, die ich versucht habe zu belegen), weiß man ja auch nicht ... jedenfalls wird da offenbar einiges eher verschlimmert als verbessert.
In der Summe würde ich schon deutlich mehr Merkwürdigkeiten im Verhalten des 'avmike' sehen als in dem der Gegenstelle. Der Vollständigkeit halber noch das parallele Protokoll der FRITZ!Box um 11:42:18:
Code:
2015-05-03 10:48:19 avmike:Source: NO waiting connections
2015-05-03 10:48:29 avmike:>>>4500 nat-t-keepalive[85.123.234.12:4500]
2015-05-03 11:42:18 avmike:wolke_neighbour_renew_sa 1 SAs
2015-05-03 11:42:18 avmike:wolke_neighbour_renew_sa 1 SAs RENEW
2015-05-03 11:42:18 avmike:Source: Phase 1 starting (renew)
2015-05-03 11:42:19 avmike:mainmode Source: selected lifetime: 3600 sec(no notify)
2015-05-03 11:42:19 avmike:mainmode Source: add SA 3
2015-05-03 11:42:19 avmike:Source remote peer supported XAUTH
2015-05-03 11:42:19 avmike:Source remote peer supported NAT-T RFC 3947
2015-05-03 11:42:19 avmike:Source remote peer supported DPD
2015-05-03 11:42:19 avmike:Source: Phase 1 ready
2015-05-03 11:42:19 avmike:Source: current=85.123.234.12:4500 new=85.123.234.12:4500
2015-05-03 11:42:19 avmike:Source: local is behind a nat
2015-05-03 11:42:19 avmike:Source: remote is behind a nat
2015-05-03 11:42:19 avmike:Source: start waiting connections
2015-05-03 11:42:19 avmike:Source: NO waiting connections
Code:
2015-05-03 11:47:19 avmike:Source start_keep_alive_timer_func to 192.168.234.1
2015-05-03 11:47:19 avmike:Source start_vpn_keepalive 192.168.234.1
2015-05-03 11:47:19 avmike:Source: Phase 2 ready
2015-05-03 11:47:19 avmike:< cb_sa_created(name=Source,id=3,...,flags=0x00032101)
2015-05-03 11:47:19 avmike:Source stop_vpn_keepalive to 192.168.234.1
2015-05-03 11:47:19 avmike:Source start_keepalive_timer 3540 sec
2015-05-03 11:47:19 avmike:Source: start waiting connections
2015-05-03 11:47:19 avmike:Source: NO waiting connections
2015-05-03 11:47:29 avmike:>>>4500 nat-t-keepalive[85.123.234.12:4500]
2015-05-03 11:48:18 avmike:FreeIPsecSA: spi=a42fb9e6 protocol=3 iotype=1
2015-05-03 11:48:18 avmike:FreeIPsecSA: spi=ccf4a28 protocol=3 iotype=2
2015-05-03 11:48:18 avmike:mainmode Source: del SA 2Fazit:
Ist das also bei jemandem der Fall, daß da kein Rekeying nach 60 Minuten erfolgt, sondern schlicht ein neuer Verbindungsaufbau und zusätzlich erneutes Rekeying nach 59 Minuten und dann am Ende nichts mehr klappt, als eine solche Verbindung zu stoppen und neu aufzubauen, sollte man das meiner Meinung nach einfach immer wieder publizieren, daß das mit dem AVM-VPN so nicht funktioniert und - wenn möglich - die genauen Umstände schildern.
Ich will auch nicht die AVM-Implementierung alleine für alle Probleme verantwortlich machen, aber dieses Verhalten ist einfach absolut ungewöhnlich und merkwürdig, wenn eigentlich 3600 Sekunden "ausgemacht" waren. Wenn da andere Clients dann nicht mitspielen wollen, kann ich das auch nachvollziehen ... AVM ist nun nicht unbedingt ein Riese im internationalen Markt und die wenigsten Hersteller von IPSec-Lösungen interessieren sich für diese Nische, da sollte der Schwanz nicht versuchen, mit dem Hund zu wedeln. Wenn AVM keine Kompatibilität zu anderen Herstellern will, kann sie aber wohl auch niemand dazu zwingen ... es ist ja immer noch eine "IPSec-ähnliche" Implementierung.
Die parallele (einmalige, man muß sich ja nicht pausenlos vera****en lassen) Meldung des Problems an AVM hilft sicherlich auch, ich habe jedoch eher nicht den Eindruck, daß die vom Hersteller dort bisher investierten Bemühungen zu einer merklichen Verbesserung geführt hätten. Das Problem trat ja ursprünglich wohl nur bei Transport-Mode mit Android-Clients auf, scheint sich aber eher "verschärft" zu haben und inzwischen auf andere Gegenstellen auszuweiten, nur FRITZ!Box zu FRITZ!Box funktioniert noch einigermaßen, das ist m.W. auch das einzige, was AVM offiziell unterstützt (mal FRITZ!Fernzugang nicht beachtet, ob der immer geht, wäre die nächste Frage).
Ob das dann am Ende tatsächlich noch ein IPSec-VPN ist, was die entsprechenden Standards (es gibt ja RFCs dazu) umsetzt oder ob es mehr in die Richtung einer proprietären Lösung tendiert, könnte man nur dann verifizieren, wenn es eine "offizielle" Testsuite dafür gäbe. Ich kenne leider keine ... vielleicht ja jemand anderes? Das müßte natürlich eine "allseits" akzeptierte sein, selbst die allgemein als Referenz genommene Cisco-Implementierung ist ja nur die Sicht eines einzelnen Herstellers (auch wenn der schon historisch bedingt erhebliche Anteile an den RFCs hat - neben Nortel Networks).
Zuletzt bearbeitet:
