Hi,
I'm trying to set up a ipsec vpn for my iPhone. I tried with both iked
and ipsec/isakmpd + npppd. They both work for 10/15 minutes then it
dies. This mail is only about the iked problem (at least for now).
The server runs 6.1 -stable and isn't behind any nat. Client runs
ios 10.3.1 and use the included ipsec client (and is behind nat).
The iked.conf file I use is
ikev2 "ios10" passive esp from 0.0.0.0/0 to 192.168.222.0/24 \
local egress peer any \
ikesa enc aes-256 auth hmac-sha2-256 group modp2048 \
childsa enc aes-256 auth hmac-sha2-256 group modp2048 \
psk "whatever" config address 192.168.222.0/24 \
config name-server 192.168.222.254 config access-server 192.168.222.1
I run iked -dvvv (full log attached) it seems to close nicely:
ikev2_msg_send: INFORMATIONAL response from 159.100.249.61:4500 to
198.48.213.186:58457 msgid 1, 80 bytes, NAT-T
sa_state: ESTABLISHED -> CLOSED from 198.48.213.186:58457 to
159.100.249.61:4500 policy 'ios10'
and I'm not sure why.
Any idea?
Cheers,
Daniel
OpenBSD 6.1 (GENERIC) #6: Sat May 6 09:33:26 CEST 2017
rob...@syspatch-61-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 519962624 (495MB)
avail mem = 499658752 (476MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf63a0 (9 entries)
bios0: vendor SeaBIOS version "Ubuntu-1.8.2-1ubuntu1~precise0+exo1" date
04/01/2014
bios0: QEMU Standard PC (i440FX + PIIX, 1996)
acpi0 at bios0: rev 0
acpi0: sleep states S3 S4 S5
acpi0: tables DSDT FACP SSDT APIC HPET
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel Xeon E312xx (Sandy Bridge), 2594.10 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,PCLMUL,VMX,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,HV,NXE,RDTSCP,LONG,LAHF
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line
16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 1000MHz
ioapic0 at mainbus0: apid 0 pa 0xfec00000, version 11, 24 pins
acpihpet0 at acpi0: 100000000 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C1(@1 halt!)
"ACPI0006" at acpi0 not configured
"PNP0303" at acpi0 not configured
"PNP0F13" at acpi0 not configured
"PNP0700" at acpi0 not configured
"PNP0501" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
pvbus0 at mainbus0: KVM
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA, channel 0
wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: <QEMU, QEMU DVD-ROM, 2.3.> ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
uhci0 at pci0 dev 1 function 2 "Intel 82371SB USB" rev 0x01: apic 0 int 11
piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev 0x03: apic 0 int 9
iic0 at piixpm0
vga1 at pci0 dev 2 function 0 "Cirrus Logic CL-GD5446" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
virtio0 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio0: address 06:eb:fa:00:01:45
virtio0: msix shared
virtio1 at pci0 dev 4 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk0 at virtio1
scsibus2 at vioblk0: 2 targets
sd0 at scsibus2 targ 0 lun 0: <VirtIO, Block Device, > SCSI3 0/direct fixed
sd0: 51200MB, 512 bytes/sector, 104857600 sectors
virtio1: msix shared
isa0 at pcib0
isadma0 at isa0
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 1: density unknown
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00
addr 1
vmm0 at mainbus0: VMX/EPT
uhidev0 at uhub0 port 1 configuration 1 interface 0 "QEMU QEMU USB Tablet" rev
2.00/0.00 addr 2
uhidev0: iclass 3/0
ums0 at uhidev0: 3 buttons, Z dir
wsmouse1 at ums0 mux 0
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
scsibus4 at softraid0: 256 targets
root on sd0a (bfd80eba6139c686.a) swap on sd0b dump on sd0b
ikev2 "ios10" passive esp inet from 0.0.0.0/0 to 192.168.222.0/24 local 159.100.249.61 peer any ikesa enc aes-256 prf hmac-sha2-256,hmac-sha1 auth hmac-sha2-256 group modp2048 childsa enc aes-256 auth hmac-sha2-256 group modp2048 lifetime 10800 bytes 536870912 psk whatever config address 192.168.222.0 config name-server 192.168.222.254 config access-server 192.168.222.1
/etc/iked.conf: loaded 1 configuration rules
ca_privkey_serialize: type RSA_KEY length 1192
ca_pubkey_serialize: type RSA_KEY length 270
ca_privkey_to_method: type RSA_KEY method RSA_SIG
ca_getkey: received private key type RSA_KEY length 1192
ca_getkey: received public key type RSA_KEY length 270
ca_dispatch_parent: config reset
ca_reload: local cert type RSA_KEY
config_getocsp: ocsp_url none
ikev2_dispatch_cert: updated local CERTREQ type RSA_KEY length 0
config_getpolicy: received policy
config_getpfkey: received pfkey fd 3
config_getcompile: compilation done
config_getsocket: received socket fd 4
config_getsocket: received socket fd 5
config_getsocket: received socket fd 6
config_getsocket: received socket fd 7
ikev2_recv: IKE_SA_INIT request from initiator 198.48.213.186:55500 to 159.100.249.61:500 policy 'ios10' id 0, 604 bytes
ikev2_recv: ispi 0x1e6e9d8c7451ec2f rspi 0x0000000000000000
ikev2_policy2id: srcid FQDN/novosibirsk.chown.me length 24
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0x0000000000000000 nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x08 msgid 0 length 604 response 0
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 220
ikev2_pld_sa: more than one proposal specified
ikev2_pld_sa: more 2 reserved 0 length 44 proposal #1 protoid IKE spisize 0 xforms 4 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 264
ikev2_pld_ke: dh group MODP_2048 reserved 0
9324a4ea d62c8bae 72bc59a3 3783eb3c 1d54790d e427dacc 1deeaf30 b482f3d4
d62224a1 2c8addd9 a366fb9f 7eec4f75 c302def3 61950fd5 f24e8ec4 e8e6c5a2
59c47387 650f8654 37cb5563 d40a0327 3d92c7a8 a8d71cba 3e9aef82 52dffae4
208dc052 19948076 e7cddaae 84ffa6d2 dd8098fb 81d21305 185fa9d0 b1086982
99ad2166 31c6d6ff 2213fbdc 1e1a39dc e266cac0 04762576 961de4b9 af5b9b29
640058ed e764327b 2658f912 30a5b12a 56006ac0 9c314eda e4ce3d47 9a8d24b6
6db2dab2 208617ec f9ece928 cde08b9b 0c8754bd a6c5f3ce 739bfaf1 9dd80abc
9e2867b0 79063905 f584649c 86f5635c 8f0edb1e 4b4273fc 8256b9ca ca7fc9a6
ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 20
12d19591 f37b97cd 70cc3812 61b28263
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type REDIRECT_SUPPORTED
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_SOURCE_IP
bf5cf840 b039a732 a82852f3 b697b7ea 955c7086
ikev2_nat_detection: peer source 0x1e6e9d8c7451ec2f 0x0000000000000000 198.48.213.186:55500
ikev2_pld_notify: NAT_DETECTION_SOURCE_IP detected NAT, enabling UDP encapsulation
5fb48d4d 73da34bf 8361ab29 1aa44330 0b9bdda0
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_DESTINATION_IP
a135e68a 11f85ce4 d2f773d9 42781465 f4677d95
ikev2_nat_detection: peer destination 0x1e6e9d8c7451ec2f 0x0000000000000000 159.100.249.61:500
a135e68a 11f85ce4 d2f773d9 42781465 f4677d95
ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type FRAGMENTATION_SUPPORTED
sa_state: INIT -> SA_INIT
ikev2_match_proposals: xform 1 <-> 1 (1): ENCR AES_CBC (keylength 256 <-> 256) 256
ikev2_match_proposals: xform 1 <-> 1 (1): PRF HMAC_SHA2_256 (keylength 0 <-> 0)
ikev2_match_proposals: xform 1 <-> 1 (1): INTEGR HMAC_SHA2_256_128 (keylength 0 <-> 256)
ikev2_match_proposals: xform 1 <-> 1 (1): DH MODP_2048 (keylength 0 <-> 0)
ikev2_sa_negotiate: score 4
ikev2_sa_negotiate: score 1: ENCR AES_CBC 256
ikev2_sa_negotiate: score 1: PRF HMAC_SHA2_256
ikev2_sa_negotiate: score 1: INTEGR HMAC_SHA2_256_128
ikev2_sa_negotiate: score 1: DH MODP_2048
sa_stateok: SA_INIT flags 0x0000, require 0x0000
sa_stateflags: 0x0000 -> 0x0020 sa (required 0x0000 )
ikev2_sa_keys: SKEYSEED with 32 bytes
4948281b 4bfcbb7e 0c79575f 1d94696c 31648b67 7bfa72ec 86de473e e58a740d
ikev2_sa_keys: S with 64 bytes
12d19591 f37b97cd 70cc3812 61b28263 24a6e80f f65b1302 5e2e5a5b ab21b302
1db48169 2f26ed34 aac8b966 f329cf1e 1e6e9d8c 7451ec2f cd9fff65 dfabfff9
ikev2_prfplus: T1 with 32 bytes
e74d7baa 9b92b3b0 69d1303a 99efd1be 808e282d bbd17d32 afce5af0 1c497086
ikev2_prfplus: T2 with 32 bytes
c73a6666 0ec6477b 72c88357 02063c71 5ad3aa0b 091022ca 6087863b 41440219
ikev2_prfplus: T3 with 32 bytes
1ff212fc 444ae415 c6f39eef ef645360 1da8075a 67f7fd0e 2f5573c5 ab65bbb9
ikev2_prfplus: T4 with 32 bytes
9c0e7a57 a9777b6c e752dc4a 38a8cb5f d4646982 47d88e5c 63c57e99 50b99fde
ikev2_prfplus: T5 with 32 bytes
d2149fb3 37df5de0 5bc6ede8 4ab01b4a 9c9a2691 86d8fe44 59b1ebf6 3ebf982f
ikev2_prfplus: T6 with 32 bytes
ca435471 d34772da be407f4b eb1e07e6 ab1edafd 98273980 c1867faf d2a91030
ikev2_prfplus: T7 with 32 bytes
9d7cc394 9bdd8951 efb06965 2908b21b 645a1c8f e6093143 af140727 f58d94a4
ikev2_prfplus: Tn with 224 bytes
e74d7baa 9b92b3b0 69d1303a 99efd1be 808e282d bbd17d32 afce5af0 1c497086
c73a6666 0ec6477b 72c88357 02063c71 5ad3aa0b 091022ca 6087863b 41440219
1ff212fc 444ae415 c6f39eef ef645360 1da8075a 67f7fd0e 2f5573c5 ab65bbb9
9c0e7a57 a9777b6c e752dc4a 38a8cb5f d4646982 47d88e5c 63c57e99 50b99fde
d2149fb3 37df5de0 5bc6ede8 4ab01b4a 9c9a2691 86d8fe44 59b1ebf6 3ebf982f
ca435471 d34772da be407f4b eb1e07e6 ab1edafd 98273980 c1867faf d2a91030
9d7cc394 9bdd8951 efb06965 2908b21b 645a1c8f e6093143 af140727 f58d94a4
ikev2_sa_keys: SK_d with 32 bytes
e74d7baa 9b92b3b0 69d1303a 99efd1be 808e282d bbd17d32 afce5af0 1c497086
ikev2_sa_keys: SK_ai with 32 bytes
c73a6666 0ec6477b 72c88357 02063c71 5ad3aa0b 091022ca 6087863b 41440219
ikev2_sa_keys: SK_ar with 32 bytes
1ff212fc 444ae415 c6f39eef ef645360 1da8075a 67f7fd0e 2f5573c5 ab65bbb9
ikev2_sa_keys: SK_ei with 32 bytes
9c0e7a57 a9777b6c e752dc4a 38a8cb5f d4646982 47d88e5c 63c57e99 50b99fde
ikev2_sa_keys: SK_er with 32 bytes
d2149fb3 37df5de0 5bc6ede8 4ab01b4a 9c9a2691 86d8fe44 59b1ebf6 3ebf982f
ikev2_sa_keys: SK_pi with 32 bytes
ca435471 d34772da be407f4b eb1e07e6 ab1edafd 98273980 c1867faf d2a91030
ikev2_sa_keys: SK_pr with 32 bytes
9d7cc394 9bdd8951 efb06965 2908b21b 645a1c8f e6093143 af140727 f58d94a4
ikev2_add_proposals: length 44
ikev2_next_payload: length 48 nextpayload KE
ikev2_next_payload: length 264 nextpayload NONCE
ikev2_next_payload: length 36 nextpayload NOTIFY
ikev2_nat_detection: local source 0x1e6e9d8c7451ec2f 0xcd9fff65dfabfff9 159.100.249.61:500
ikev2_next_payload: length 28 nextpayload NOTIFY
ikev2_nat_detection: local destination 0x1e6e9d8c7451ec2f 0xcd9fff65dfabfff9 198.48.213.186:55500
ikev2_next_payload: length 28 nextpayload NONE
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 nextpayload SA version 0x20 exchange IKE_SA_INIT flags 0x20 msgid 0 length 432 response 1
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 48
ikev2_pld_sa: more 0 reserved 0 length 44 proposal #1 protoid IKE spisize 0 xforms 4 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 264
ikev2_pld_ke: dh group MODP_2048 reserved 0
70c7ab25 4d8dea82 45a998a1 4430d06c 7beb5cc6 4cb7589b b32a3d20 691b1b55
80f3331b f9264255 ddf9857e f03a35f0 e94bed7b 82a51e2b 01cf1c36 00e5faff
ee2d706c dc67a32a 5dc6cfb8 d4610e9f 1837d6f5 cf4772af f1e84166 6167220d
c990bce4 5dfac16f ab79ccee 1b864167 66058901 b61141b7 fc476208 4527bf5a
ac2e1cc3 bc04ed31 42589d53 635d6a47 266fb24e 4e87c48e 042c6f52 d8224c2f
52b87d1c c906d61f aa9b021e 950adce5 40c627bd 4090f2a2 c564374c 5b0ce0c2
5e088a19 70224b16 f9fcd79d 3b2f9e8f 960b71b8 bb085d3a 5c0acd3c 0cad46d8
0adc4df2 59161920 3b0e8ed5 1f9a0304 f118318d a2f7570c 08f8924a 2b2ce441
ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 36
24a6e80f f65b1302 5e2e5a5b ab21b302 1db48169 2f26ed34 aac8b966 f329cf1e
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_SOURCE_IP
9be25123 e94c2601 79a7408c fa5f5df1 4be62d53
ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_DESTINATION_IP
11c68cad c25bffa9 fa6d2594 dc9c341a e7835703
ikev2_msg_send: IKE_SA_INIT response from 159.100.249.61:500 to 198.48.213.186:55500 msgid 0, 432 bytes
config_free_proposals: free 0x1c31e3715e80
ikev2_recv: IKE_AUTH request from initiator 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10' id 1, 544 bytes
ikev2_recv: ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9
ikev2_recv: updated SA to peer 198.48.213.186:58457 local 159.100.249.61:4500
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 nextpayload SK version 0x20 exchange IKE_AUTH flags 0x08 msgid 1 length 544 response 0
ikev2_pld_payloads: payload SK nextpayload IDi critical 0x00 length 516
ikev2_msg_decrypt: IV length 16
813793cc 27cf51ae 6eb48956 eb9d37c2
ikev2_msg_decrypt: encrypted payload length 480
18651a50 1c627df9 04aa8194 7e8bf8d4 b056bca2 53b9950d ee467687 33dd7037
3cebdace 34cba7a7 5401bda7 d9a8c552 ab158713 70e683d4 e7e1cb33 ee009d0e
47a16ba1 50ad78e5 6f31b697 009bc6f9 98845526 daa4d3d0 5fdeb209 5b700c8f
d6d72810 63cb1269 adbd54be 35432f5e 868b075a 293bbeee 286942c9 e75b4cda
90273bd5 d0a0c989 98ea1a7f f2895dba ec8a9736 6f88e187 08596bf1 9b187eaa
03078c2a 1f275268 99ff46cf 79bc73dc de1b004a 012ce83f 9224869e 6264bdd3
c47c10f0 12f0c1b7 662aa5d0 f29a3704 2fe3f5c7 0d26b4a3 ccd2c482 07a24f80
fe8ce2e6 29454b59 5af882ec e603067f 49731404 8bff9457 dc03541a c7bb14b3
1dceba11 f8236432 e06b3456 d265f48c dbf11914 32124291 5f83fa51 55447aaa
cfccb58b ad4e6e82 7e6332a7 82768a2e 6a1dd4c3 f21648f2 86489c73 fc57a9ba
9ee56e25 479d6a03 869bd0de 1d43c259 d3493b91 49f7a25c f4a8d067 f22af584
f8d7d77a 4fc9b65d bb4932f6 8581ac1d 6c8c49fc f033c98c 0bc339e4 27d04d1a
a7d03307 f62b9d4f b5de4530 86c278c9 d1cc1870 c8af9d94 baa9d3fb 72010701
2e98e3fc c32245c0 3f44ee32 1cfa091b ad3733e4 d35bab86 661c2bfe 796084b1
293a1598 e5009426 f7c561bc 5bb370e2 60c6d50e 818b92cb 724aa829 389028fc
ikev2_msg_decrypt: integrity checksum length 16
87588186 f37a23f8 598784d6 814b5b19
ikev2_msg_decrypt: integrity check succeeded
87588186 f37a23f8 598784d6 814b5b19
ikev2_msg_decrypt: decrypted payload length 480/480 padding 14
2900000c 01000000 0a0a0ae1 29000008 00004000 24000008 0000400c 2700000d
02000000 696f7331 302f0000 28020000 0029508c 998d30fd f8814690 e6e5ed04
4d8afa2a 0e00db05 754dbb19 c3525089 a0290000 28010000 00000100 00000600
00000300 00000200 00000800 00000c00 00000a00 00001900 00290000 08000040
0a210000 08000040 0b2c0000 c8020000 28010304 030ec819 0f030000 0c010000
0c800e01 00030000 08030000 0c000000 08050000 00020000 28020304 030dcd28
9f030000 0c010000 0c800e01 00030000 08030000 0c000000 08050000 00020000
28030304 0307699c 3f030000 0c010000 0c800e01 00030000 08030000 0c000000
08050000 00020000 28040304 030161da 11030000 0c010000 0c800e00 80030000
08030000 02000000 08050000 00000000 24050304 03092f0d dc030000 08010000
03030000 08030000 02000000 08050000 002d0000 40020000 00070000 100000ff
ff000000 00ffffff ff080000 280000ff ff000000 00000000 00000000 00000000
00ffffff ffffffff ffffffff ffffffff ff000000 40020000 00070000 100000ff
ff000000 00ffffff ff080000 280000ff ff000000 00000000 00000000 00000000
00ffffff ffffffff ffffffff ffffffff ff3b560a 37ce01b4 01aeca66 babd730e
ikev2_pld_payloads: decrypted payload IDi nextpayload NOTIFY critical 0x00 length 12
ikev2_pld_id: id IPV4/10.10.10.225 length 8
ikev2_pld_payloads: decrypted payload NOTIFY nextpayload NOTIFY critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type INITIAL_CONTACT
ikev2_pld_payloads: decrypted payload NOTIFY nextpayload IDr critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type MOBIKE_SUPPORTED
ikev2_pld_payloads: decrypted payload IDr nextpayload AUTH critical 0x00 length 13
ikev2_pld_id: id FQDN/ios10 length 9
ikev2_pld_id: unexpected id payload
ikev2_pld_payloads: decrypted payload AUTH nextpayload CP critical 0x00 length 40
ikev2_pld_auth: method SHARED_KEY_MIC length 32
29508c99 8d30fdf8 814690e6 e5ed044d 8afa2a0e 00db0575 4dbb19c3 525089a0
sa_state: SA_INIT -> AUTH_REQUEST
ikev2_pld_payloads: decrypted payload CP nextpayload NOTIFY critical 0x00 length 40
ikev2_pld_cp: type REQUEST length 32
00010000 00060000 00030000 00020000 00080000 000c0000 000a0000 00190000
ikev2_pld_cp: INTERNAL_IP4_ADDRESS 0x0001 length 0
ikev2_pld_cp: INTERNAL_IP4_DHCP 0x0006 length 0
ikev2_pld_cp: INTERNAL_IP4_DNS 0x0003 length 0
ikev2_pld_cp: INTERNAL_IP4_NETMASK 0x0002 length 0
ikev2_pld_cp: INTERNAL_IP6_ADDRESS 0x0008 length 0
ikev2_pld_cp: INTERNAL_IP6_DHCP 0x000c length 0
ikev2_pld_cp: INTERNAL_IP6_DNS 0x000a length 0
ikev2_pld_cp: <UNKNOWN:25> 0x0019 length 0
ikev2_pld_payloads: decrypted payload NOTIFY nextpayload NOTIFY critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type ESP_TFC_PADDING_NOT_SUPPORTED
ikev2_pld_payloads: decrypted payload NOTIFY nextpayload SA critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type NON_FIRST_FRAGMENTS_ALSO
ikev2_pld_payloads: decrypted payload SA nextpayload TSi critical 0x00 length 200
ikev2_pld_sa: more than one proposal specified
ikev2_pld_sa: more 2 reserved 0 length 40 proposal #1 protoid ESP spisize 4 xforms 3 spi 0x0ec8190f
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 0 reserved 0 length 8 type ESN id NONE
ikev2_pld_payloads: decrypted payload TSi nextpayload TSr critical 0x00 length 64
ikev2_pld_ts: count 2 length 56
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 0.0.0.0 end 255.255.255.255
ikev2_pld_ts: type IPV6_ADDR_RANGE protoid 0 length 40 startport 0 endport 65535
ikev2_pld_ts: start :: end ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
ikev2_pld_payloads: decrypted payload TSr nextpayload NONE critical 0x00 length 64
ikev2_pld_ts: count 2 length 56
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 0.0.0.0 end 255.255.255.255
ikev2_pld_ts: type IPV6_ADDR_RANGE protoid 0 length 40 startport 0 endport 65535
ikev2_pld_ts: start :: end ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
ikev2_resp_recv: NAT-T message received, updated SA
sa_stateok: SA_INIT flags 0x0000, require 0x0000
policy_lookup: peerid '10.10.10.225'
ikev2_msg_auth: responder auth data length 480
1e6e9d8c 7451ec2f cd9fff65 dfabfff9 21202220 00000000 000001b0 22000030
0000002c 01010004 0300000c 0100000c 800e0100 03000008 02000005 03000008
0300000c 00000008 0400000e 28000108 000e0000 70c7ab25 4d8dea82 45a998a1
4430d06c 7beb5cc6 4cb7589b b32a3d20 691b1b55 80f3331b f9264255 ddf9857e
f03a35f0 e94bed7b 82a51e2b 01cf1c36 00e5faff ee2d706c dc67a32a 5dc6cfb8
d4610e9f 1837d6f5 cf4772af f1e84166 6167220d c990bce4 5dfac16f ab79ccee
1b864167 66058901 b61141b7 fc476208 4527bf5a ac2e1cc3 bc04ed31 42589d53
635d6a47 266fb24e 4e87c48e 042c6f52 d8224c2f 52b87d1c c906d61f aa9b021e
950adce5 40c627bd 4090f2a2 c564374c 5b0ce0c2 5e088a19 70224b16 f9fcd79d
3b2f9e8f 960b71b8 bb085d3a 5c0acd3c 0cad46d8 0adc4df2 59161920 3b0e8ed5
1f9a0304 f118318d a2f7570c 08f8924a 2b2ce441 29000024 24a6e80f f65b1302
5e2e5a5b ab21b302 1db48169 2f26ed34 aac8b966 f329cf1e 2900001c 00004004
9be25123 e94c2601 79a7408c fa5f5df1 4be62d53 0000001c 00004005 11c68cad
c25bffa9 fa6d2594 dc9c341a e7835703 12d19591 f37b97cd 70cc3812 61b28263
c3c5221e c8ea9920 db72d65b c6b1c352 fcdc8111 5b20e2b8 de0686db 76d030cb
ikev2_msg_auth: initiator auth data length 668
1e6e9d8c 7451ec2f 00000000 00000000 21202208 00000000 0000025c 220000dc
0200002c 01010004 0300000c 0100000c 800e0100 03000008 02000005 03000008
0300000c 00000008 0400000e 0200002c 02010004 0300000c 0100000c 800e0100
03000008 02000005 03000008 0300000c 00000008 04000013 0200002c 03010004
0300000c 0100000c 800e0100 03000008 02000005 03000008 0300000c 00000008
04000005 0200002c 04010004 0300000c 0100000c 800e0080 03000008 02000002
03000008 03000002 00000008 04000002 00000028 05010004 03000008 01000003
03000008 02000002 03000008 03000002 00000008 04000002 28000108 000e0000
9324a4ea d62c8bae 72bc59a3 3783eb3c 1d54790d e427dacc 1deeaf30 b482f3d4
d62224a1 2c8addd9 a366fb9f 7eec4f75 c302def3 61950fd5 f24e8ec4 e8e6c5a2
59c47387 650f8654 37cb5563 d40a0327 3d92c7a8 a8d71cba 3e9aef82 52dffae4
208dc052 19948076 e7cddaae 84ffa6d2 dd8098fb 81d21305 185fa9d0 b1086982
99ad2166 31c6d6ff 2213fbdc 1e1a39dc e266cac0 04762576 961de4b9 af5b9b29
640058ed e764327b 2658f912 30a5b12a 56006ac0 9c314eda e4ce3d47 9a8d24b6
6db2dab2 208617ec f9ece928 cde08b9b 0c8754bd a6c5f3ce 739bfaf1 9dd80abc
9e2867b0 79063905 f584649c 86f5635c 8f0edb1e 4b4273fc 8256b9ca ca7fc9a6
29000014 12d19591 f37b97cd 70cc3812 61b28263 29000008 00004016 2900001c
00004004 bf5cf840 b039a732 a82852f3 b697b7ea 955c7086 2900001c 00004005
a135e68a 11f85ce4 d2f773d9 42781465 f4677d95 00000008 0000402e 24a6e80f
f65b1302 5e2e5a5b ab21b302 1db48169 2f26ed34 aac8b966 f329cf1e c6ad8d76
76b9d383 1c79edc7 bf85a0c1 e8c0540a 2b533d2a 89188a52 f7cf8c83
ikev2_msg_authverify: method SHARED_KEY_MIC keylen 32 type NONE
ikev2_msg_authverify: authentication successful
sa_state: AUTH_REQUEST -> AUTH_SUCCESS
sa_stateflags: 0x0028 -> 0x0038 auth,authvalid,sa (required 0x0038 auth,authvalid,sa)
ikev2_match_proposals: xform 1 <-> 2 (1): ENCR AES_CBC (keylength 256 <-> 256) 256
ikev2_match_proposals: xform 1 <-> 2 (1): INTEGR HMAC_SHA2_256_128 (keylength 0 <-> 256)
ikev2_match_proposals: xform 1 <-> 2 (2): ESN NONE (keylength 0 <-> 0)
ikev2_sa_negotiate: score 4
ikev2_sa_negotiate: score 1: ENCR AES_CBC 256
ikev2_sa_negotiate: score 1: INTEGR HMAC_SHA2_256_128
ikev2_sa_negotiate: score 2: ESN NONE
sa_stateflags: 0x0038 -> 0x0038 auth,authvalid,sa (required 0x0038 auth,authvalid,sa)
sa_stateok: VALID flags 0x0038, require 0x0038 auth,authvalid,sa
sa_state: AUTH_SUCCESS -> VALID
sa_stateok: VALID flags 0x0038, require 0x0038 auth,authvalid,sa
ikev2_cp_setaddr: mask ffffff start a6 lower 1 host a6 upper ff
sa_stateok: VALID flags 0x0038, require 0x0038 auth,authvalid,sa
ikev2_sa_tag: (0)
ikev2_childsa_negotiate: proposal 1
ikev2_childsa_negotiate: key material length 128
ikev2_prfplus: T1 with 32 bytes
14ff9adc f2da33d2 8ba8d513 272fd0d9 3c09b571 4730a86c 3ef317e4 87098e3f
ikev2_prfplus: T2 with 32 bytes
b5b99f19 71f790cd 22c3a56f 87ea754e a2a5eb1c 3b23bd16 b35f5b2f c98a8c8e
ikev2_prfplus: T3 with 32 bytes
a731e950 5738bda2 d2e83184 25ecdcaf 71351e4a 8274cd64 529e965d eda4e813
ikev2_prfplus: T4 with 32 bytes
ecc38abb 4dbc50a3 c46e14b5 f50dbd2b 06379e5e bc9a6dd1 f936b557 5e3cc481
ikev2_prfplus: Tn with 128 bytes
14ff9adc f2da33d2 8ba8d513 272fd0d9 3c09b571 4730a86c 3ef317e4 87098e3f
b5b99f19 71f790cd 22c3a56f 87ea754e a2a5eb1c 3b23bd16 b35f5b2f c98a8c8e
a731e950 5738bda2 d2e83184 25ecdcaf 71351e4a 8274cd64 529e965d eda4e813
ecc38abb 4dbc50a3 c46e14b5 f50dbd2b 06379e5e bc9a6dd1 f936b557 5e3cc481
pfkey_sa_getspi: spi 0x2e3fef46
pfkey_sa_init: new spi 0x2e3fef46
ikev2_next_payload: length 28 nextpayload AUTH
ikev2_next_payload: length 40 nextpayload CP
ikev2_next_payload: length 32 nextpayload SA
ikev2_add_proposals: length 40
ikev2_next_payload: length 44 nextpayload TSi
ikev2_next_payload: length 24 nextpayload TSr
ikev2_next_payload: length 24 nextpayload NONE
ikev2_msg_encrypt: decrypted length 192
2700001c 02000000 6e6f766f 73696269 72736b2e 63686f77 6e2e6d65 2f000028
02000000 f8d66fcc b5374867 22fa5500 51455693 14de1381 1bad1f60 a562c816
be11dd2b 21000020 02000000 00010004 c0a8dea6 00030004 c0a8defe 5ba00004
c0a8de01 2c00002c 00000028 01030403 2e3fef46 0300000c 0100000c 800e0100
03000008 0300000c 00000008 05000000 2d000018 01000000 07000010 0000ffff
c0a8de00 c0a8deff 00000018 01000000 07000010 0000ffff 00000000 ffffffff
ikev2_msg_encrypt: padded length 208
2700001c 02000000 6e6f766f 73696269 72736b2e 63686f77 6e2e6d65 2f000028
02000000 f8d66fcc b5374867 22fa5500 51455693 14de1381 1bad1f60 a562c816
be11dd2b 21000020 02000000 00010004 c0a8dea6 00030004 c0a8defe 5ba00004
c0a8de01 2c00002c 00000028 01030403 2e3fef46 0300000c 0100000c 800e0100
03000008 0300000c 00000008 05000000 2d000018 01000000 07000010 0000ffff
c0a8de00 c0a8deff 00000018 01000000 07000010 0000ffff 00000000 ffffffff
9dcd13ed b2eabc91 88c5b3bc 1f2ff40f
ikev2_msg_encrypt: length 193, padding 15, output length 240
3904ea2f a505662a 1ec1f7f6 e6bff7b9 4d0309f5 b7fb240a ca1014d2 ec370aa0
595a5adb 6c2abd1b 78702cbf 493a65f0 767edfb4 37016c74 52d89eba 657a18b4
3844fc41 d5dfdbd7 3afef041 4d60e886 251baf6e bc7a31fb 1c5affde 81a093ff
2c9d76a9 e93143a9 7d814499 3dcae677 329c4a4e 08726b8b 08ef9470 40e840be
1137842d 80070b0a eca3ba13 0b1645bf 3b177ba0 11ae4fae 67fcb890 02fa5f40
80a2fe47 63d7ac3f b469b973 79889138 245138f0 1d63e6ec b6b81148 eab87c08
c4fa2e86 1297e6eb 431b3b3f 4be7446d 5eb9e520 c7dcac5d d32b7fa1 76f91757
00000000 00000000 00000000 00000000
ikev2_next_payload: length 244 nextpayload IDr
ikev2_msg_integr: message length 272
1e6e9d8c 7451ec2f cd9fff65 dfabfff9 2e202320 00000001 00000110 240000f4
3904ea2f a505662a 1ec1f7f6 e6bff7b9 4d0309f5 b7fb240a ca1014d2 ec370aa0
595a5adb 6c2abd1b 78702cbf 493a65f0 767edfb4 37016c74 52d89eba 657a18b4
3844fc41 d5dfdbd7 3afef041 4d60e886 251baf6e bc7a31fb 1c5affde 81a093ff
2c9d76a9 e93143a9 7d814499 3dcae677 329c4a4e 08726b8b 08ef9470 40e840be
1137842d 80070b0a eca3ba13 0b1645bf 3b177ba0 11ae4fae 67fcb890 02fa5f40
80a2fe47 63d7ac3f b469b973 79889138 245138f0 1d63e6ec b6b81148 eab87c08
c4fa2e86 1297e6eb 431b3b3f 4be7446d 5eb9e520 c7dcac5d d32b7fa1 76f91757
00000000 00000000 00000000 00000000
ikev2_msg_integr: integrity checksum length 16
5687a4f1 812285f0 219c4ddf 6d5fc36a 48d1d0a4 35a0fa78 230054e3 7a9a4d74
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 nextpayload SK version 0x20 exchange IKE_AUTH flags 0x20 msgid 1 length 272 response 1
ikev2_pld_payloads: payload SK nextpayload IDr critical 0x00 length 244
ikev2_msg_decrypt: IV length 16
3904ea2f a505662a 1ec1f7f6 e6bff7b9
ikev2_msg_decrypt: encrypted payload length 208
4d0309f5 b7fb240a ca1014d2 ec370aa0 595a5adb 6c2abd1b 78702cbf 493a65f0
767edfb4 37016c74 52d89eba 657a18b4 3844fc41 d5dfdbd7 3afef041 4d60e886
251baf6e bc7a31fb 1c5affde 81a093ff 2c9d76a9 e93143a9 7d814499 3dcae677
329c4a4e 08726b8b 08ef9470 40e840be 1137842d 80070b0a eca3ba13 0b1645bf
3b177ba0 11ae4fae 67fcb890 02fa5f40 80a2fe47 63d7ac3f b469b973 79889138
245138f0 1d63e6ec b6b81148 eab87c08 c4fa2e86 1297e6eb 431b3b3f 4be7446d
5eb9e520 c7dcac5d d32b7fa1 76f91757
ikev2_msg_decrypt: integrity checksum length 16
5687a4f1 812285f0 219c4ddf 6d5fc36a
ikev2_msg_decrypt: integrity check succeeded
5687a4f1 812285f0 219c4ddf 6d5fc36a
ikev2_msg_decrypt: decrypted payload length 208/208 padding 15
2700001c 02000000 6e6f766f 73696269 72736b2e 63686f77 6e2e6d65 2f000028
02000000 f8d66fcc b5374867 22fa5500 51455693 14de1381 1bad1f60 a562c816
be11dd2b 21000020 02000000 00010004 c0a8dea6 00030004 c0a8defe 5ba00004
c0a8de01 2c00002c 00000028 01030403 2e3fef46 0300000c 0100000c 800e0100
03000008 0300000c 00000008 05000000 2d000018 01000000 07000010 0000ffff
c0a8de00 c0a8deff 00000018 01000000 07000010 0000ffff 00000000 ffffffff
9dcd13ed b2eabc91 88c5b3bc 1f2ff40f
ikev2_pld_payloads: decrypted payload IDr nextpayload AUTH critical 0x00 length 28
ikev2_pld_id: id FQDN/novosibirsk.chown.me length 24
ikev2_pld_payloads: decrypted payload AUTH nextpayload CP critical 0x00 length 40
ikev2_pld_auth: method SHARED_KEY_MIC length 32
f8d66fcc b5374867 22fa5500 51455693 14de1381 1bad1f60 a562c816 be11dd2b
ikev2_pld_payloads: decrypted payload CP nextpayload SA critical 0x00 length 32
ikev2_pld_cp: type REPLY length 24
00010004 c0a8dea6 00030004 c0a8defe 5ba00004 c0a8de01
ikev2_pld_cp: INTERNAL_IP4_ADDRESS 0x0001 length 4
ikev2_pld_cp: INTERNAL_IP4_DNS 0x0003 length 4
ikev2_pld_cp: INTERNAL_IP4_SERVER 0x5ba0 length 4
ikev2_pld_payloads: decrypted payload SA nextpayload TSi critical 0x00 length 44
ikev2_pld_sa: more 0 reserved 0 length 40 proposal #1 protoid ESP spisize 4 xforms 3 spi 0x2e3fef46
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 0 reserved 0 length 8 type ESN id NONE
ikev2_pld_payloads: decrypted payload TSi nextpayload TSr critical 0x00 length 24
ikev2_pld_ts: count 1 length 16
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 192.168.222.0 end 192.168.222.255
ikev2_pld_payloads: decrypted payload TSr nextpayload NONE critical 0x00 length 24
ikev2_pld_ts: count 1 length 16
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 0.0.0.0 end 255.255.255.255
ikev2_msg_send: IKE_AUTH response from 159.100.249.61:4500 to 198.48.213.186:58457 msgid 1, 272 bytes, NAT-T
pfkey_sa_add: update spi 0x2e3fef46
pfkey_sa: udpencap port 58457
ikev2_childsa_enable: loaded CHILD SA spi 0x2e3fef46
pfkey_sa_add: add spi 0x0ec8190f
pfkey_sa: udpencap port 58457
ikev2_childsa_enable: loaded CHILD SA spi 0x0ec8190f
ikev2_childsa_enable: loaded flow 0x1c315193ac00
ikev2_childsa_enable: loaded flow 0x1c315193a400
sa_state: VALID -> ESTABLISHED from 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10'
config_free_proposals: free 0x1c31e3715880
pfkey_sa_last_used: last_used 1494195465
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 0 second(s) ago
pfkey_sa_last_used: last_used 1494195518
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 7 second(s) ago
pfkey_sa_last_used: last_used 1494195580
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 5 second(s) ago
pfkey_sa_last_used: last_used 1494195642
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 3 second(s) ago
pfkey_sa_last_used: last_used 1494195705
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 0 second(s) ago
pfkey_sa_last_used: last_used 1494195760
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 5 second(s) ago
pfkey_sa_last_used: last_used 1494195820
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 5 second(s) ago
pfkey_sa_last_used: last_used 1494195883
ikev2_ike_sa_alive: incoming CHILD SA spi 0x2e3fef46 last used 2 second(s) ago
ikev2_recv: CREATE_CHILD_SA request from initiator 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10' id 2, 416 bytes
ikev2_recv: ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9
ikev2_recv: updated SA to peer 198.48.213.186:58457 local 159.100.249.61:4500
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 nextpayload SK version 0x20 exchange CREATE_CHILD_SA flags 0x08 msgid 2 length 416 response 0
ikev2_pld_payloads: payload SK nextpayload SA critical 0x00 length 388
ikev2_msg_decrypt: IV length 16
f0f63ac3 118cb336 f1bbd248 b8ff4f32
ikev2_msg_decrypt: encrypted payload length 352
69ae6724 335d5765 74b9ab0c 410a002e 55dd85f4 b869f85e baece9d7 bd89fa1b
2d9199b1 af910e2b 56361709 161dfbdd fb19fc1e 5d2ac7ea e75b6aeb 10c65fd1
a3a868ff f7188bb2 1e77045e 0d12efda 6340da35 eb64de25 1614c086 79f97ed4
7c73d773 7cc4bf9d 642701ec 0fff4183 622dcb1b 3267ad24 51e61c02 0e24c46f
821fd202 b081ee29 965fc0f4 3de4ff6b b107a11c 157fd445 f10dce3a 5699a96a
17f05d0d 92adf7e7 1e6f693f 876ba162 616c3e2d 748d6a8c dd113f7e eb362a11
c9ed66f9 cac2b05a 718f0d5a 7a9476da 10125cba 70daa7ef c52b778f b5ddb688
3bec8377 fbd2f35c 933a25b6 6cc8cffd a9cb12f1 ae921f5a 9580caad 0654e61a
fa92932b 64e3ec37 8273280a a030aeab 8c765019 1458679b 26a538f6 f8599b14
62ff5381 84101c29 b953f674 a4e1f13b 158c8ef1 b4267b0d 80f0a1a3 ddf3a1d1
65210175 de28875b 9a3ace64 497f1a8a 5e153794 3b33124a 28e0ce41 59646418
ikev2_msg_decrypt: integrity checksum length 16
6e4207c9 b55aabc1 ee6ee0ed 48baa0ed
ikev2_msg_decrypt: integrity check succeeded
6e4207c9 b55aabc1 ee6ee0ed 48baa0ed
ikev2_msg_decrypt: decrypted payload length 352/352 padding 11
28000038 00000034 01010804 e920cdaf 57b6d060 0300000c 0100000c 800e0100
03000008 02000005 03000008 0300000c 00000008 0400000e 22000014 d81a218b
e19562d2 f0147c46 d68dfbe2 00000108 000e0000 d3ddc4ca 7733dcb8 af7ddb6b
225dc9e2 5667f4f5 d479e0c8 a9094b64 0daf7121 abaea201 bb88ce36 d80cec1a
391f107b 99bb170f 19670e98 fd15d6ae 84261fdc e235029b 59d93d69 25323612
6d64e9aa 639f3ed9 0485a9e3 226091d4 f0b75060 95eae79b 4b7a34fc ddcaedd6
c2d0cd90 19c4ba46 45236e36 9b381ea1 5914005c 36f667a9 203ccaca 51a70e9e
17c6208b a039d698 dc068623 a0385e4d d4dfb621 00d0cb63 3fc8180a e9d91a47
691c4470 6becc0ce b55a801f cc48ef8f 6ec599b6 659e42f6 19b5c4ed 1522eb3e
3b113f57 2582e874 9ac0c3de 3ae6e005 42691237 44ababbf 36a82769 8f367c2f
d5df7eff 3b756045 9b53ee18 eacb8e13 c164f428 ba74c014 1a032316 0943870b
ikev2_pld_payloads: decrypted payload SA nextpayload NONCE critical 0x00 length 56
ikev2_pld_sa: more 0 reserved 0 length 52 proposal #1 protoid IKE spisize 8 xforms 4 spi 0xe920cdaf57b6d060
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_payloads: decrypted payload NONCE nextpayload KE critical 0x00 length 20
d81a218b e19562d2 f0147c46 d68dfbe2
ikev2_pld_payloads: decrypted payload KE nextpayload NONE critical 0x00 length 264
ikev2_pld_ke: dh group MODP_2048 reserved 0
d3ddc4ca 7733dcb8 af7ddb6b 225dc9e2 5667f4f5 d479e0c8 a9094b64 0daf7121
abaea201 bb88ce36 d80cec1a 391f107b 99bb170f 19670e98 fd15d6ae 84261fdc
e235029b 59d93d69 25323612 6d64e9aa 639f3ed9 0485a9e3 226091d4 f0b75060
95eae79b 4b7a34fc ddcaedd6 c2d0cd90 19c4ba46 45236e36 9b381ea1 5914005c
36f667a9 203ccaca 51a70e9e 17c6208b a039d698 dc068623 a0385e4d d4dfb621
00d0cb63 3fc8180a e9d91a47 691c4470 6becc0ce b55a801f cc48ef8f 6ec599b6
659e42f6 19b5c4ed 1522eb3e 3b113f57 2582e874 9ac0c3de 3ae6e005 42691237
44ababbf 36a82769 8f367c2f d5df7eff 3b756045 9b53ee18 eacb8e13 c164f428
ikev2_resp_create_child_sa: rekey IKE spi 0x1e6e9d8c7451ec2f
ikev2_policy2id: srcid FQDN/novosibirsk.chown.me length 24
sa_state: INIT -> SA_INIT
ikev2_match_proposals: xform 1 <-> 1 (1): ENCR AES_CBC (keylength 256 <-> 256) 256
ikev2_match_proposals: xform 1 <-> 1 (1): PRF HMAC_SHA2_256 (keylength 0 <-> 0)
ikev2_match_proposals: xform 1 <-> 1 (1): INTEGR HMAC_SHA2_256_128 (keylength 0 <-> 256)
ikev2_match_proposals: xform 1 <-> 1 (1): DH MODP_2048 (keylength 0 <-> 0)
ikev2_sa_negotiate: score 4
ikev2_sa_negotiate: score 1: ENCR AES_CBC 256
ikev2_sa_negotiate: score 1: PRF HMAC_SHA2_256
ikev2_sa_negotiate: score 1: INTEGR HMAC_SHA2_256_128
ikev2_sa_negotiate: score 1: DH MODP_2048
sa_stateok: SA_INIT flags 0x0000, require 0x0000
sa_stateflags: 0x0000 -> 0x0020 sa (required 0x0000 )
ikev2_sa_keys: SKEYSEED with 32 bytes
7e1e14c1 7a4dfa8e 584ef4af d7398bed cbc60f00 61796fd5 98d76c35 a814920f
ikev2_sa_keys: S with 64 bytes
d81a218b e19562d2 f0147c46 d68dfbe2 27c7e0af 29215581 40d824d0 3deda679
106fd0a4 e39a333a 584d66c7 295d4ea3 e920cdaf 57b6d060 2be28168 4e985433
ikev2_prfplus: T1 with 32 bytes
3088f0e8 2c3060d2 e886cbae de98b23a e04bbd63 c640b236 4196fc2c ed1099d2
ikev2_prfplus: T2 with 32 bytes
61d241db 012d21f4 720f5b91 67241a77 2f74795b b19799d7 94666ea1 31f75e07
ikev2_prfplus: T3 with 32 bytes
969d679c 9e51e2ee 631769f5 b101d60d 67392afe 31927e05 f29b4ba1 71cf4bb7
ikev2_prfplus: T4 with 32 bytes
81b4f6d7 1b97f82b 10ed3b89 528c1bf7 7dcf6bf4 1b3fec37 37d39923 ce97a2f5
ikev2_prfplus: T5 with 32 bytes
57c279f6 0b7df2f2 74411c61 fea6b30f a1833f24 8bebd011 6a9e9586 67ff556d
ikev2_prfplus: T6 with 32 bytes
829b2f56 179c950e 1fc58346 c6db37cf f3db7410 a740ed8e 45829f19 010ca1c6
ikev2_prfplus: T7 with 32 bytes
89a2a091 7db1b26d 0b010698 39e4bf58 a7ef007f 3b860de4 5712ece7 4755ba70
ikev2_prfplus: Tn with 224 bytes
3088f0e8 2c3060d2 e886cbae de98b23a e04bbd63 c640b236 4196fc2c ed1099d2
61d241db 012d21f4 720f5b91 67241a77 2f74795b b19799d7 94666ea1 31f75e07
969d679c 9e51e2ee 631769f5 b101d60d 67392afe 31927e05 f29b4ba1 71cf4bb7
81b4f6d7 1b97f82b 10ed3b89 528c1bf7 7dcf6bf4 1b3fec37 37d39923 ce97a2f5
57c279f6 0b7df2f2 74411c61 fea6b30f a1833f24 8bebd011 6a9e9586 67ff556d
829b2f56 179c950e 1fc58346 c6db37cf f3db7410 a740ed8e 45829f19 010ca1c6
89a2a091 7db1b26d 0b010698 39e4bf58 a7ef007f 3b860de4 5712ece7 4755ba70
ikev2_sa_keys: SK_d with 32 bytes
3088f0e8 2c3060d2 e886cbae de98b23a e04bbd63 c640b236 4196fc2c ed1099d2
ikev2_sa_keys: SK_ai with 32 bytes
61d241db 012d21f4 720f5b91 67241a77 2f74795b b19799d7 94666ea1 31f75e07
ikev2_sa_keys: SK_ar with 32 bytes
969d679c 9e51e2ee 631769f5 b101d60d 67392afe 31927e05 f29b4ba1 71cf4bb7
ikev2_sa_keys: SK_ei with 32 bytes
81b4f6d7 1b97f82b 10ed3b89 528c1bf7 7dcf6bf4 1b3fec37 37d39923 ce97a2f5
ikev2_sa_keys: SK_er with 32 bytes
57c279f6 0b7df2f2 74411c61 fea6b30f a1833f24 8bebd011 6a9e9586 67ff556d
ikev2_sa_keys: SK_pi with 32 bytes
829b2f56 179c950e 1fc58346 c6db37cf f3db7410 a740ed8e 45829f19 010ca1c6
ikev2_sa_keys: SK_pr with 32 bytes
89a2a091 7db1b26d 0b010698 39e4bf58 a7ef007f 3b860de4 5712ece7 4755ba70
sa_state: SA_INIT -> AUTH_SUCCESS
ikev2_add_proposals: length 52
ikev2_next_payload: length 56 nextpayload NONCE
ikev2_next_payload: length 36 nextpayload KE
ikev2_next_payload: length 264 nextpayload NONE
ikev2_msg_encrypt: decrypted length 356
28000038 00000034 01010804 2be28168 4e985433 0300000c 0100000c 800e0100
03000008 02000005 03000008 0300000c 00000008 0400000e 22000024 27c7e0af
29215581 40d824d0 3deda679 106fd0a4 e39a333a 584d66c7 295d4ea3 00000108
000e0000 55370b4a 8a1bc757 a236a48d ac2625fd 0dc6f66a 3116e043 ddeb8dd9
70c81998 4919165b 5cad6cbe 57c689f7 96845e7d 10eb3152 061ff371 c6fc3092
abe4744e 255f6e01 29f2b1e9 50045ba2 46c2bdf6 caf9a237 2f0c998d 13828ff7
e02d9297 be5e83de 1a530721 6e2ac1cb a54dc8fe 1f022e06 a0b8aaf2 3014b755
e7573faf ff18f403 30cfa6cb 94ceb155 7f3d515d e2f2c2de 8ccf9398 d69c72e2
be2d45ee 7e78f2e4 ae494ecb 7d34fb17 3a86036e 77c207ca 3c9d9977 d014f3f0
8c89319d 960b1924 aef2836d ba663260 645f6c22 cff71343 63454ef7 758d00f8
6ce36235 1ddc3074 39c96d91 63afda8b 57dd7f93 b95c1ce5 063754ae 24e8b9c6
98abb73c
ikev2_msg_encrypt: padded length 368
28000038 00000034 01010804 2be28168 4e985433 0300000c 0100000c 800e0100
03000008 02000005 03000008 0300000c 00000008 0400000e 22000024 27c7e0af
29215581 40d824d0 3deda679 106fd0a4 e39a333a 584d66c7 295d4ea3 00000108
000e0000 55370b4a 8a1bc757 a236a48d ac2625fd 0dc6f66a 3116e043 ddeb8dd9
70c81998 4919165b 5cad6cbe 57c689f7 96845e7d 10eb3152 061ff371 c6fc3092
abe4744e 255f6e01 29f2b1e9 50045ba2 46c2bdf6 caf9a237 2f0c998d 13828ff7
e02d9297 be5e83de 1a530721 6e2ac1cb a54dc8fe 1f022e06 a0b8aaf2 3014b755
e7573faf ff18f403 30cfa6cb 94ceb155 7f3d515d e2f2c2de 8ccf9398 d69c72e2
be2d45ee 7e78f2e4 ae494ecb 7d34fb17 3a86036e 77c207ca 3c9d9977 d014f3f0
8c89319d 960b1924 aef2836d ba663260 645f6c22 cff71343 63454ef7 758d00f8
6ce36235 1ddc3074 39c96d91 63afda8b 57dd7f93 b95c1ce5 063754ae 24e8b9c6
98abb73c dd9bb856 8ea463b7 7c450d0b
ikev2_msg_encrypt: length 357, padding 11, output length 400
d07e1a96 f5a34890 4fc71686 3e9e2476 f3c45ef0 773cda21 f9bb496d 5e0fa716
fb1286e7 9af8e613 f9a7ca76 bb5c89af b87ba0a3 06d29905 09aabf03 60a3a9bc
d119a323 cffecd4d 46b9c645 d6588731 43f4de15 ddd17f16 d31dbf21 1fd63e49
e5cf5fc9 4a3af32c 001a9efa 10eb812c e4e5fcc9 64ba2c05 3f0b46a9 4364084d
cf59fea7 a955678e fe1c9276 df9fe4b7 c8c2085a 329d66a7 a310ccf9 d8cee169
82b16eaf 1829e24f b6bde8e8 5b9ff626 767d37f6 60800f98 d1a4737d fe5078e9
bbf7f66c b92a9234 a4d7cd93 af5a080b e0d4084d 05683e08 8631d81b 884563ca
8719a2ce c507e5a1 99aec81b 7f5a5e2b 6a4ee84b 972e777d dea9ac76 f94197ec
bb534174 65a488d9 b35f5141 72ceea49 c46146ee 4bf84211 3dd78216 8ef79f3d
b382b8a7 918786db 7c9179c1 3b456a55 9f2492bd 3fefaa2f 496b36a5 27f61f54
2912ebe1 214b0ec4 eabafe0f 638ec92a 67be78ff 94f56153 1d62cc20 22f8e718
3c6e9214 81b412b5 381aab77 193cfef6 12ca9e39 ca9be282 a0f817a0 4294a2bb
00000000 00000000 00000000 00000000
ikev2_next_payload: length 404 nextpayload SA
ikev2_msg_integr: message length 432
1e6e9d8c 7451ec2f cd9fff65 dfabfff9 2e202420 00000002 000001b0 21000194
d07e1a96 f5a34890 4fc71686 3e9e2476 f3c45ef0 773cda21 f9bb496d 5e0fa716
fb1286e7 9af8e613 f9a7ca76 bb5c89af b87ba0a3 06d29905 09aabf03 60a3a9bc
d119a323 cffecd4d 46b9c645 d6588731 43f4de15 ddd17f16 d31dbf21 1fd63e49
e5cf5fc9 4a3af32c 001a9efa 10eb812c e4e5fcc9 64ba2c05 3f0b46a9 4364084d
cf59fea7 a955678e fe1c9276 df9fe4b7 c8c2085a 329d66a7 a310ccf9 d8cee169
82b16eaf 1829e24f b6bde8e8 5b9ff626 767d37f6 60800f98 d1a4737d fe5078e9
bbf7f66c b92a9234 a4d7cd93 af5a080b e0d4084d 05683e08 8631d81b 884563ca
8719a2ce c507e5a1 99aec81b 7f5a5e2b 6a4ee84b 972e777d dea9ac76 f94197ec
bb534174 65a488d9 b35f5141 72ceea49 c46146ee 4bf84211 3dd78216 8ef79f3d
b382b8a7 918786db 7c9179c1 3b456a55 9f2492bd 3fefaa2f 496b36a5 27f61f54
2912ebe1 214b0ec4 eabafe0f 638ec92a 67be78ff 94f56153 1d62cc20 22f8e718
3c6e9214 81b412b5 381aab77 193cfef6 12ca9e39 ca9be282 a0f817a0 4294a2bb
00000000 00000000 00000000 00000000
ikev2_msg_integr: integrity checksum length 16
83b51d9c 39629279 fd255697 1696c3a1 6784862a caf9ac70 e0e4e80c 4834884c
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 nextpayload SK version 0x20 exchange CREATE_CHILD_SA flags 0x20 msgid 2 length 432 response 1
ikev2_pld_payloads: payload SK nextpayload SA critical 0x00 length 404
ikev2_msg_decrypt: IV length 16
d07e1a96 f5a34890 4fc71686 3e9e2476
ikev2_msg_decrypt: encrypted payload length 368
f3c45ef0 773cda21 f9bb496d 5e0fa716 fb1286e7 9af8e613 f9a7ca76 bb5c89af
b87ba0a3 06d29905 09aabf03 60a3a9bc d119a323 cffecd4d 46b9c645 d6588731
43f4de15 ddd17f16 d31dbf21 1fd63e49 e5cf5fc9 4a3af32c 001a9efa 10eb812c
e4e5fcc9 64ba2c05 3f0b46a9 4364084d cf59fea7 a955678e fe1c9276 df9fe4b7
c8c2085a 329d66a7 a310ccf9 d8cee169 82b16eaf 1829e24f b6bde8e8 5b9ff626
767d37f6 60800f98 d1a4737d fe5078e9 bbf7f66c b92a9234 a4d7cd93 af5a080b
e0d4084d 05683e08 8631d81b 884563ca 8719a2ce c507e5a1 99aec81b 7f5a5e2b
6a4ee84b 972e777d dea9ac76 f94197ec bb534174 65a488d9 b35f5141 72ceea49
c46146ee 4bf84211 3dd78216 8ef79f3d b382b8a7 918786db 7c9179c1 3b456a55
9f2492bd 3fefaa2f 496b36a5 27f61f54 2912ebe1 214b0ec4 eabafe0f 638ec92a
67be78ff 94f56153 1d62cc20 22f8e718 3c6e9214 81b412b5 381aab77 193cfef6
12ca9e39 ca9be282 a0f817a0 4294a2bb
ikev2_msg_decrypt: integrity checksum length 16
83b51d9c 39629279 fd255697 1696c3a1
ikev2_msg_decrypt: integrity check succeeded
83b51d9c 39629279 fd255697 1696c3a1
ikev2_msg_decrypt: decrypted payload length 368/368 padding 11
28000038 00000034 01010804 2be28168 4e985433 0300000c 0100000c 800e0100
03000008 02000005 03000008 0300000c 00000008 0400000e 22000024 27c7e0af
29215581 40d824d0 3deda679 106fd0a4 e39a333a 584d66c7 295d4ea3 00000108
000e0000 55370b4a 8a1bc757 a236a48d ac2625fd 0dc6f66a 3116e043 ddeb8dd9
70c81998 4919165b 5cad6cbe 57c689f7 96845e7d 10eb3152 061ff371 c6fc3092
abe4744e 255f6e01 29f2b1e9 50045ba2 46c2bdf6 caf9a237 2f0c998d 13828ff7
e02d9297 be5e83de 1a530721 6e2ac1cb a54dc8fe 1f022e06 a0b8aaf2 3014b755
e7573faf ff18f403 30cfa6cb 94ceb155 7f3d515d e2f2c2de 8ccf9398 d69c72e2
be2d45ee 7e78f2e4 ae494ecb 7d34fb17 3a86036e 77c207ca 3c9d9977 d014f3f0
8c89319d 960b1924 aef2836d ba663260 645f6c22 cff71343 63454ef7 758d00f8
6ce36235 1ddc3074 39c96d91 63afda8b 57dd7f93 b95c1ce5 063754ae 24e8b9c6
98abb73c dd9bb856 8ea463b7 7c450d0b
ikev2_pld_payloads: decrypted payload SA nextpayload NONCE critical 0x00 length 56
ikev2_pld_sa: more 0 reserved 0 length 52 proposal #1 protoid IKE spisize 8 xforms 4 spi 0x2be281684e985433
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_payloads: decrypted payload NONCE nextpayload KE critical 0x00 length 36
27c7e0af 29215581 40d824d0 3deda679 106fd0a4 e39a333a 584d66c7 295d4ea3
ikev2_pld_payloads: decrypted payload KE nextpayload NONE critical 0x00 length 264
ikev2_pld_ke: dh group MODP_2048 reserved 0
55370b4a 8a1bc757 a236a48d ac2625fd 0dc6f66a 3116e043 ddeb8dd9 70c81998
4919165b 5cad6cbe 57c689f7 96845e7d 10eb3152 061ff371 c6fc3092 abe4744e
255f6e01 29f2b1e9 50045ba2 46c2bdf6 caf9a237 2f0c998d 13828ff7 e02d9297
be5e83de 1a530721 6e2ac1cb a54dc8fe 1f022e06 a0b8aaf2 3014b755 e7573faf
ff18f403 30cfa6cb 94ceb155 7f3d515d e2f2c2de 8ccf9398 d69c72e2 be2d45ee
7e78f2e4 ae494ecb 7d34fb17 3a86036e 77c207ca 3c9d9977 d014f3f0 8c89319d
960b1924 aef2836d ba663260 645f6c22 cff71343 63454ef7 758d00f8 6ce36235
1ddc3074 39c96d91 63afda8b 57dd7f93 b95c1ce5 063754ae 24e8b9c6 98abb73c
ikev2_msg_send: CREATE_CHILD_SA response from 159.100.249.61:4500 to 198.48.213.186:58457 msgid 2, 432 bytes, NAT-T
ikev2_ikesa_enable: IKE SA 0x1c322380a000 ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 replaced by SA 0x1c31e3719800 ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433
ikev2_ikesa_enable: activating new IKE SA
sa_state: AUTH_SUCCESS -> ESTABLISHED from 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10'
sa_state: ESTABLISHED -> CLOSING
config_free_proposals: free 0x1c31ca837300
ikev2_recv: INFORMATIONAL request from initiator 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10' id 3, 80 bytes
ikev2_recv: ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9
ikev2_recv: updated SA to peer 198.48.213.186:58457 local 159.100.249.61:4500
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 nextpayload SK version 0x20 exchange INFORMATIONAL flags 0x08 msgid 3 length 80 response 0
ikev2_pld_payloads: payload SK nextpayload DELETE critical 0x00 length 52
ikev2_msg_decrypt: IV length 16
a7ded7f9 e4064467 8b285ddf af0aa502
ikev2_msg_decrypt: encrypted payload length 16
6605e6b6 deb816c6 02c21e3f ac9fb84f
ikev2_msg_decrypt: integrity checksum length 16
249f3d29 1556a4d1 e5c65000 f0d561d9
ikev2_msg_decrypt: integrity check succeeded
249f3d29 1556a4d1 e5c65000 f0d561d9
ikev2_msg_decrypt: decrypted payload length 16/16 padding 7
00000008 01000000 21c2a906 f349f807
ikev2_pld_payloads: decrypted payload DELETE nextpayload NONE critical 0x00 length 8
ikev2_pld_delete: proto IKE spisize 0 nspi 0
ikev2_next_payload: length 4 nextpayload NONE
ikev2_msg_encrypt: decrypted length 4
00000004
ikev2_msg_encrypt: padded length 16
00000004 98b521d9 cb46dc71 4c1d790b
ikev2_msg_encrypt: length 5, padding 11, output length 48
d154ea38 285862f4 e0e24bbc 1fc3438b c615c60e 4150cfaf 458ea08a 0cbed4f8
00000000 00000000 00000000 00000000
ikev2_next_payload: length 52 nextpayload NONE
ikev2_msg_integr: message length 80
1e6e9d8c 7451ec2f cd9fff65 dfabfff9 2e202520 00000003 00000050 00000034
d154ea38 285862f4 e0e24bbc 1fc3438b c615c60e 4150cfaf 458ea08a 0cbed4f8
00000000 00000000 00000000 00000000
ikev2_msg_integr: integrity checksum length 16
579a43b3 e809fb09 6aefebc8 95f60981 0a98dd34 4eb33f5c 3bdf24f7 98bc648a
ikev2_pld_parse: header ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9 nextpayload SK version 0x20 exchange INFORMATIONAL flags 0x20 msgid 3 length 80 response 1
ikev2_pld_payloads: payload SK nextpayload NONE critical 0x00 length 52
ikev2_msg_decrypt: IV length 16
d154ea38 285862f4 e0e24bbc 1fc3438b
ikev2_msg_decrypt: encrypted payload length 16
c615c60e 4150cfaf 458ea08a 0cbed4f8
ikev2_msg_decrypt: integrity checksum length 16
579a43b3 e809fb09 6aefebc8 95f60981
ikev2_msg_decrypt: integrity check succeeded
579a43b3 e809fb09 6aefebc8 95f60981
ikev2_msg_decrypt: decrypted payload length 16/16 padding 11
00000004 98b521d9 cb46dc71 4c1d790b
ikev2_msg_send: INFORMATIONAL response from 159.100.249.61:4500 to 198.48.213.186:58457 msgid 3, 80 bytes, NAT-T
sa_state: CLOSING -> CLOSED from 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10'
ikev2_recv: closing SA
sa_free: ispi 0x1e6e9d8c7451ec2f rspi 0xcd9fff65dfabfff9
config_free_proposals: free 0x1c31d8d49c80
ikev2_recv: CREATE_CHILD_SA request from initiator 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10' id 0, 192 bytes
ikev2_recv: ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433
ikev2_recv: updated SA to peer 198.48.213.186:58457 local 159.100.249.61:4500
ikev2_pld_parse: header ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433 nextpayload SK version 0x20 exchange CREATE_CHILD_SA flags 0x08 msgid 0 length 192 response 0
ikev2_pld_payloads: payload SK nextpayload NOTIFY critical 0x00 length 164
ikev2_msg_decrypt: IV length 16
e6cd4f76 a0f1603b 48105534 6ba2d250
ikev2_msg_decrypt: encrypted payload length 128
dd5c61a4 ed71a531 943e10e4 9fa2f0a0 22351d7b e46b45d5 a8f9878d d5b357f2
973b5dbf bdf79617 70647936 8c13e7fb ebc2e23f 41a919a3 fa72921f 831d5f88
ee357888 4b36d9ef 828138a9 15e51fcc 445bb0eb b02fda44 754dc34f b2e8a3b9
50359b35 35cceaf0 deaa4263 94bdf719 7ee32b51 a849f6b3 282c572b 4289c0a7
ikev2_msg_decrypt: integrity checksum length 16
8a0ae341 990753a0 1e1b7360 e90affb6
ikev2_msg_decrypt: integrity check succeeded
8a0ae341 990753a0 1e1b7360 e90affb6
ikev2_msg_decrypt: decrypted payload length 128/128 padding 3
2100000c 03044009 0ec8190f 2800002c 00000028 01030403 08a266cb 0300000c
0100000c 800e0100 03000008 0300000c 00000008 05000000 2c000014 a5d4efe8
7cd6a2d9 2981b5cd 44463667 2d000018 01000000 07000010 0000ffff c0a8de00
c0a8deff 00000018 01000000 07000010 0000ffff 00000000 ffffffff 66753503
ikev2_pld_payloads: decrypted payload NOTIFY nextpayload SA critical 0x00 length 12
ikev2_pld_notify: protoid ESP spisize 4 type REKEY_SA
0ec8190f
ikev2_pld_notify: rekey ESP spi 0x0ec8190f
ikev2_pld_payloads: decrypted payload SA nextpayload NONCE critical 0x00 length 44
ikev2_pld_sa: more 0 reserved 0 length 40 proposal #1 protoid ESP spisize 4 xforms 3 spi 0x08a266cb
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 0 reserved 0 length 8 type ESN id NONE
ikev2_pld_payloads: decrypted payload NONCE nextpayload TSi critical 0x00 length 20
a5d4efe8 7cd6a2d9 2981b5cd 44463667
ikev2_pld_payloads: decrypted payload TSi nextpayload TSr critical 0x00 length 24
ikev2_pld_ts: count 1 length 16
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 192.168.222.0 end 192.168.222.255
ikev2_pld_payloads: decrypted payload TSr nextpayload NONE critical 0x00 length 24
ikev2_pld_ts: count 1 length 16
ikev2_pld_ts: type IPV4_ADDR_RANGE protoid 0 length 16 startport 0 endport 65535
ikev2_pld_ts: start 0.0.0.0 end 255.255.255.255
ikev2_resp_create_child_sa: rekey ESP spi 0x0ec8190f
ikev2_match_proposals: xform 1 <-> 2 (1): ENCR AES_CBC (keylength 256 <-> 256) 256
ikev2_match_proposals: xform 1 <-> 2 (1): INTEGR HMAC_SHA2_256_128 (keylength 0 <-> 256)
ikev2_match_proposals: xform 1 <-> 2 (2): ESN NONE (keylength 0 <-> 0)
ikev2_sa_negotiate: score 0
ikev2_resp_create_child_sa: no proposal chosen
ikev2_next_payload: length 8 nextpayload NONE
ikev2_msg_encrypt: decrypted length 8
00000008 0000000e
ikev2_msg_encrypt: padded length 16
00000008 0000000e acfa3803 83f6d807
ikev2_msg_encrypt: length 9, padding 7, output length 48
18fa987b 483ba69b 6c33a939 898e1e1b 0090edde e1b5579f 46f0a67d 07b93553
00000000 00000000 00000000 00000000
ikev2_next_payload: length 52 nextpayload NOTIFY
ikev2_msg_integr: message length 80
e920cdaf 57b6d060 2be28168 4e985433 2e202420 00000000 00000050 29000034
18fa987b 483ba69b 6c33a939 898e1e1b 0090edde e1b5579f 46f0a67d 07b93553
00000000 00000000 00000000 00000000
ikev2_msg_integr: integrity checksum length 16
793dcba5 cc2d01e9 e9170a93 31a5392e 864a66f3 fab3de8d ff43f1b1 69093ab8
ikev2_pld_parse: header ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433 nextpayload SK version 0x20 exchange CREATE_CHILD_SA flags 0x20 msgid 0 length 80 response 1
ikev2_pld_payloads: payload SK nextpayload NOTIFY critical 0x00 length 52
ikev2_msg_decrypt: IV length 16
18fa987b 483ba69b 6c33a939 898e1e1b
ikev2_msg_decrypt: encrypted payload length 16
0090edde e1b5579f 46f0a67d 07b93553
ikev2_msg_decrypt: integrity checksum length 16
793dcba5 cc2d01e9 e9170a93 31a5392e
ikev2_msg_decrypt: integrity check succeeded
793dcba5 cc2d01e9 e9170a93 31a5392e
ikev2_msg_decrypt: decrypted payload length 16/16 padding 7
00000008 0000000e acfa3803 83f6d807
ikev2_pld_payloads: decrypted payload NOTIFY nextpayload NONE critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type NO_PROPOSAL_CHOSEN
ikev2_msg_send: CREATE_CHILD_SA response from 159.100.249.61:4500 to 198.48.213.186:58457 msgid 0, 80 bytes, NAT-T
config_free_proposals: free 0x1c31e3715e80
ikev2_recv: INFORMATIONAL request from initiator 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10' id 1, 80 bytes
ikev2_recv: ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433
ikev2_recv: updated SA to peer 198.48.213.186:58457 local 159.100.249.61:4500
ikev2_pld_parse: header ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433 nextpayload SK version 0x20 exchange INFORMATIONAL flags 0x08 msgid 1 length 80 response 0
ikev2_pld_payloads: payload SK nextpayload DELETE critical 0x00 length 52
ikev2_msg_decrypt: IV length 16
f49ac0cc 2c4c98b2 27bb18fa f6212760
ikev2_msg_decrypt: encrypted payload length 16
3572e6fe 325e6a64 7578fbcb 4f8479f5
ikev2_msg_decrypt: integrity checksum length 16
f0de7293 f7e85bbd 94e78a30 2673da41
ikev2_msg_decrypt: integrity check succeeded
f0de7293 f7e85bbd 94e78a30 2673da41
ikev2_msg_decrypt: decrypted payload length 16/16 padding 7
00000008 01000000 be0cea22 b6717a07
ikev2_pld_payloads: decrypted payload DELETE nextpayload NONE critical 0x00 length 8
ikev2_pld_delete: proto IKE spisize 0 nspi 0
ikev2_next_payload: length 4 nextpayload NONE
ikev2_msg_encrypt: decrypted length 4
00000004
ikev2_msg_encrypt: padded length 16
00000004 536364e7 29fcedd7 266ed20b
ikev2_msg_encrypt: length 5, padding 11, output length 48
f8233df0 c5e3905a a6080877 dd506fee 55f8aff2 7fe47eb9 14439557 774b89ba
00000000 00000000 00000000 00000000
ikev2_next_payload: length 52 nextpayload NONE
ikev2_msg_integr: message length 80
e920cdaf 57b6d060 2be28168 4e985433 2e202520 00000001 00000050 00000034
f8233df0 c5e3905a a6080877 dd506fee 55f8aff2 7fe47eb9 14439557 774b89ba
00000000 00000000 00000000 00000000
ikev2_msg_integr: integrity checksum length 16
b326a1d9 aebfbcad 5e24471b 9861b2a7 07e97269 81a02230 0215cd56 e6bbeb3d
ikev2_pld_parse: header ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433 nextpayload SK version 0x20 exchange INFORMATIONAL flags 0x20 msgid 1 length 80 response 1
ikev2_pld_payloads: payload SK nextpayload NONE critical 0x00 length 52
ikev2_msg_decrypt: IV length 16
f8233df0 c5e3905a a6080877 dd506fee
ikev2_msg_decrypt: encrypted payload length 16
55f8aff2 7fe47eb9 14439557 774b89ba
ikev2_msg_decrypt: integrity checksum length 16
b326a1d9 aebfbcad 5e24471b 9861b2a7
ikev2_msg_decrypt: integrity check succeeded
b326a1d9 aebfbcad 5e24471b 9861b2a7
ikev2_msg_decrypt: decrypted payload length 16/16 padding 11
00000004 536364e7 29fcedd7 266ed20b
ikev2_msg_send: INFORMATIONAL response from 159.100.249.61:4500 to 198.48.213.186:58457 msgid 1, 80 bytes, NAT-T
sa_state: ESTABLISHED -> CLOSED from 198.48.213.186:58457 to 159.100.249.61:4500 policy 'ios10'
ikev2_recv: closing SA
sa_free: ispi 0xe920cdaf57b6d060 rspi 0x2be281684e985433
config_free_proposals: free 0x1c31ef8b7300
config_free_proposals: free 0x1c31e3715f00
config_free_childsas: free 0x1c31e3716500
config_free_childsas: free 0x1c3236fdbe00
sa_free_flows: free 0x1c315193ac00
sa_free_flows: free 0x1c315193a400
control exiting, pid 41841
ikev2 exiting, pid 20443
ca exiting, pid 46977
parent terminating
