= Сообщение: 8637 из 10753 ===================================== RU.UNIX.BSD = От : Sergey Anokhin 2:5034/10.999 12 Feb 19 10:20:01 Кому : All 12 Feb 19 10:20:01 Тема : Re: дебаг FGHI : area://RU.UNIX.BSD?msgid=2:5034/10.999+1226ac53 На : area://RU.UNIX.BSD?msgid=grosbein.net+3038e73c = Кодировка сообщения определена как: CP866 ================================== Ответ: area://RU.UNIX.BSD?msgid=grosbein.net+a3766fa6 ============================================================================== > Паникует на отладочной выдаче из-за options IPSEC_DEBUG в ядре. > Убери пока её из ядра и паниковать перестанет при остановке ракуна > по этой причине перестанет.
попробовать можно, но как дебажить? оно не заводилось все равно:
(pts/2)[root@server:/usr/obj/usr/src/amd64.amd64/sys/SERVER]# cat /var/log/racoon.log 2019-02-11 11:29:04: INFO: @(#)ipsec-tools 0.8.2 (http://ipsec-tools.sourceforge.net) 2019-02-11 11:29:04: INFO: @(#)This product linked OpenSSL 1.1.1a-freebsd 20 Nov 2018 (http://www.openssl.org/) 2019-02-11 11:29:04: INFO: Reading configuration from "/usr/local/etc/racoon/racoon.conf" 2019-02-11 11:29:04: INFO: 85.113.221.175[4500] used for NAT-T 2019-02-11 11:29:04: INFO: 85.113.221.175[4500] used as isakmp port (fd=4) 2019-02-11 11:29:04: INFO: 85.113.221.175[500] used as isakmp port (fd=5) 2019-02-11 11:29:32: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.94.40.126[500] 2019-02-11 11:29:32: INFO: begin Identity Protection mode. 2019-02-11 11:29:32: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY 2019-02-11 11:29:32: INFO: received Vendor ID: RFC 3947 2019-02-11 11:29:32: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2019-02-11 11:29:32: INFO: received Vendor ID: FRAGMENTATION 2019-02-11 11:29:32: [2.94.40.126] INFO: Selected NAT-T version: RFC 3947 2019-02-11 11:29:32: ERROR: invalid DH group 20. 2019-02-11 11:29:32: ERROR: invalid DH group 19. Feb 11 11:29:32 server racoon[11786]: phase1(ident R msg1): 0.000773 2019-02-11 11:29:34: NOTIFY: the packet is retransmitted by 2.94.40.126[500] (1). 2019-02-11 11:29:34: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:29:34: INFO: NAT-D payload #0 verified 2019-02-11 11:29:34: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 2019-02-11 11:29:34: INFO: NAT-D payload #1 doesn't match 2019-02-11 11:29:34: INFO: NAT detected: PEER 2019-02-11 11:29:34: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 Feb 11 11:29:34 server racoon[11786]: oakley_dh_generate(MODP2048): 0.009921 2019-02-11 11:29:34: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:29:34: INFO: Adding remote and local NAT-D payloads. Feb 11 11:29:34 server racoon[11786]: oakley_dh_compute(MODP2048): 0.009789 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=64): 0.000034 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=273): 0.000007 2019-02-11 11:29:34: INFO: NAT-T: ports changed to: 2.94.40.126[4500]<->85.113.221.175[4500] Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000007 Feb 11 11:29:34 server syslogd: last message repeated 1 times Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000005 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000004 Feb 11 11:29:34 server racoon[11786]: phase1(ident R msg2): 0.072129 Feb 11 11:29:34 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000024 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000007 Feb 11 11:29:34 server racoon[11786]: oakley_validate_auth(pre-shared key): 0.000024 2019-02-11 11:29:34: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.94.40.126[4500] spi:db59961a6b1ec965:4050be33b9ea5086 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000006 Feb 11 11:29:34 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000002 Feb 11 11:29:34 server racoon[11786]: phase1(ident R msg3): 0.000215 Feb 11 11:29:34 server racoon[11786]: phase1(Identity Protection): 2.207223 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000003 Feb 11 11:29:34 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=64): 0.000002 2019-02-11 11:29:34: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.94.40.126[4500] 2019-02-11 11:29:34: INFO: no policy found, try to generate the policy : 2.94.40.126/32[1701] 85.113.221.175/32[1701] proto=udp dir=in reqid=0 Feb 11 11:29:34 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=304): 0.000009 2019-02-11 11:29:34: INFO: Adjusting my encmode UDP-Transport->Transport Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=276): 0.000008 2019-02-11 11:29:34: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2) 2019-02-11 11:29:34: WARNING: authtype mismatched: my:hmac-md5 peer:hmac-sha Feb 11 11:29:34 server racoon[11786]: phase2(???): 0.000463 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=188): 0.000005 Feb 11 11:29:34 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=176): 0.000003 Feb 11 11:29:34 server racoon[11786]: phase2(quick R msg1): 0.000167 2019-02-11 11:29:34: ERROR: pfkey UPDATE failed: No such process 2019-02-11 11:29:34: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.94.40.126[4500] spi=3498292410(0xd083b4ba) Feb 11 11:29:34 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000018 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000005 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:29:34 server syslogd: last message repeated 1 times Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000003 Feb 11 11:29:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:29:34 server racoon[11786]: phase2(???): 0.000260 2019-02-11 11:30:04: ERROR: 2.94.40.126 give up to get IPsec-SA due to time up to wait. 2019-02-11 11:30:09: INFO: purged IPsec-SA proto_id=ESP spi=3498292410. Feb 11 11:30:09 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000008 Feb 11 11:30:09 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000007 2019-02-11 11:30:09: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.94.40.126[4500] spi:db59961a6b1ec965:4050be33b9ea5086 Feb 11 11:30:09 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000004 2019-02-11 11:30:09: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.94.40.126[4500] spi:db59961a6b1ec965:4050be33b9ea5086 Feb 11 11:30:09 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000004 2019-02-11 11:30:42: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.94.40.126[500] 2019-02-11 11:30:42: INFO: begin Identity Protection mode. 2019-02-11 11:30:42: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY 2019-02-11 11:30:42: INFO: received Vendor ID: RFC 3947 2019-02-11 11:30:42: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2019-02-11 11:30:42: INFO: received Vendor ID: FRAGMENTATION 2019-02-11 11:30:42: [2.94.40.126] INFO: Selected NAT-T version: RFC 3947 2019-02-11 11:30:42: ERROR: invalid DH group 20. 2019-02-11 11:30:42: ERROR: invalid DH group 19. Feb 11 11:30:42 server racoon[11786]: phase1(ident R msg1): 0.000404 2019-02-11 11:30:44: NOTIFY: the packet is retransmitted by 2.94.40.126[500] (1). 2019-02-11 11:30:44: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:30:44: INFO: NAT-D payload #0 verified 2019-02-11 11:30:44: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 2019-02-11 11:30:44: INFO: NAT-D payload #1 doesn't match 2019-02-11 11:30:44: INFO: NAT detected: PEER 2019-02-11 11:30:44: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 Feb 11 11:30:44 server racoon[11786]: oakley_dh_generate(MODP2048): 0.009808 2019-02-11 11:30:44: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:30:44: INFO: Adding remote and local NAT-D payloads. Feb 11 11:30:44 server racoon[11786]: oakley_dh_compute(MODP2048): 0.009764 Feb 11 11:30:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=64): 0.000008 Feb 11 11:30:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=273): 0.000005 Feb 11 11:30:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000005 Feb 11 11:30:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000004 Feb 11 11:30:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000004 Feb 11 11:30:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000003 Feb 11 11:30:44 server racoon[11786]: phase1(ident R msg2): 0.020479 2019-02-11 11:30:45: INFO: NAT-T: ports changed to: 2.94.40.126[4500]<->85.113.221.175[4500] Feb 11 11:30:45 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000008 Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000012 Feb 11 11:30:45 server racoon[11786]: oakley_validate_auth(pre-shared key): 0.000028 2019-02-11 11:30:45: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.94.40.126[4500] spi:1b913044ad40a821:f0c1fde17e81f519 Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000006 Feb 11 11:30:45 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000002 Feb 11 11:30:45 server racoon[11786]: phase1(ident R msg3): 0.000217 Feb 11 11:30:45 server racoon[11786]: phase1(Identity Protection): 2.208631 2019-02-11 11:30:45: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.94.40.126[4500] Feb 11 11:30:45 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=304): 0.000006 2019-02-11 11:30:45: INFO: Update the generated policy : 2.94.40.126/32[1701] 85.113.221.175/32[1701] proto=udp dir=in reqid=0 Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=276): 0.000005 2019-02-11 11:30:45: INFO: Adjusting my encmode UDP-Transport->Transport 2019-02-11 11:30:45: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2) 2019-02-11 11:30:45: WARNING: authtype mismatched: my:hmac-md5 peer:hmac-sha Feb 11 11:30:45 server racoon[11786]: phase2(???): 0.000380 Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=188): 0.000004 Feb 11 11:30:45 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=176): 0.000002 Feb 11 11:30:45 server racoon[11786]: phase2(quick R msg1): 0.000150 Feb 11 11:30:45 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000004 Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000007 2019-02-11 11:30:45: ERROR: pfkey UPDATE failed: No such process 2019-02-11 11:30:45: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.94.40.126[4500] spi=2527207140(0x96a21ee4) Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000006 Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:30:45 server syslogd: last message repeated 1 times Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 Feb 11 11:30:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:30:45 server syslogd: last message repeated 1 times Feb 11 11:30:45 server racoon[11786]: phase2(???): 0.000255 Feb 11 11:31:03 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000008 2019-02-11 11:31:03: INFO: deleting a generated policy. Feb 11 11:31:03 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000006 2019-02-11 11:31:03: INFO: purged IPsec-SA proto_id=ESP spi=2527207140. 2019-02-11 11:31:03: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:31:03: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:31:03: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.94.40.126[4500] spi:1b913044ad40a821:f0c1fde17e81f519 2019-02-11 11:31:03: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.94.40.126[4500] spi:1b913044ad40a821:f0c1fde17e81f519 Feb 11 11:31:03 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000004 Feb 11 11:31:03 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000005 2019-02-11 11:31:10: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.94.40.126[500] 2019-02-11 11:31:10: INFO: begin Identity Protection mode. 2019-02-11 11:31:10: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY 2019-02-11 11:31:10: INFO: received Vendor ID: RFC 3947 2019-02-11 11:31:10: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2019-02-11 11:31:10: INFO: received Vendor ID: FRAGMENTATION 2019-02-11 11:31:10: [2.94.40.126] INFO: Selected NAT-T version: RFC 3947 2019-02-11 11:31:10: ERROR: invalid DH group 20. 2019-02-11 11:31:10: ERROR: invalid DH group 19. Feb 11 11:31:10 server racoon[11786]: phase1(ident R msg1): 0.000603 2019-02-11 11:31:10: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:31:10: INFO: NAT-D payload #0 verified 2019-02-11 11:31:10: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 2019-02-11 11:31:10: INFO: NAT-D payload #1 doesn't match 2019-02-11 11:31:10: INFO: NAT detected: PEER 2019-02-11 11:31:10: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 Feb 11 11:31:10 server racoon[11786]: oakley_dh_generate(MODP2048): 0.009807 2019-02-11 11:31:10: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:31:10: INFO: Adding remote and local NAT-D payloads. Feb 11 11:31:10 server racoon[11786]: oakley_dh_compute(MODP2048): 0.009781 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=64): 0.000007 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=273): 0.000005 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000005 Feb 11 11:31:10 server syslogd: last message repeated 1 times Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000003 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000004 Feb 11 11:31:10 server racoon[11786]: phase1(ident R msg2): 0.020556 2019-02-11 11:31:10: INFO: NAT-T: ports changed to: 2.94.40.126[4500]<->85.113.221.175[4500] Feb 11 11:31:10 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000020 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000007 Feb 11 11:31:10 server racoon[11786]: oakley_validate_auth(pre-shared key): 0.000020 2019-02-11 11:31:10: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.94.40.126[4500] spi:396a8f2099229364:6abcad2086dfc52b Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000005 Feb 11 11:31:10 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000002 Feb 11 11:31:10 server racoon[11786]: phase1(ident R msg3): 0.000193 Feb 11 11:31:10 server racoon[11786]: phase1(Identity Protection): 0.213493 2019-02-11 11:31:10: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.94.40.126[4500] Feb 11 11:31:10 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=304): 0.000009 2019-02-11 11:31:10: INFO: Update the generated policy : 2.94.40.126/32[1701] 85.113.221.175/32[1701] proto=udp dir=in reqid=0 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=276): 0.000008 2019-02-11 11:31:10: INFO: Adjusting my encmode UDP-Transport->Transport 2019-02-11 11:31:10: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2) 2019-02-11 11:31:10: WARNING: authtype mismatched: my:hmac-md5 peer:hmac-sha Feb 11 11:31:10 server racoon[11786]: phase2(???): 0.000528 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=188): 0.000005 Feb 11 11:31:10 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=176): 0.000003 Feb 11 11:31:10 server racoon[11786]: phase2(quick R msg1): 0.000166 Feb 11 11:31:10 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000005 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000007 2019-02-11 11:31:10: ERROR: pfkey UPDATE failed: No such process Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000006 2019-02-11 11:31:10: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.94.40.126[4500] spi=2227569773(0x84c6046d) Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000006 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:31:10 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000003 Feb 11 11:31:10 server racoon[11786]: phase2(???): 0.000238 Feb 11 11:31:19 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000010 2019-02-11 11:31:19: INFO: deleting a generated policy. Feb 11 11:31:19 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000007 2019-02-11 11:31:19: INFO: purged IPsec-SA proto_id=ESP spi=2227569773. 2019-02-11 11:31:19: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:31:19: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:31:19: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.94.40.126[4500] spi:396a8f2099229364:6abcad2086dfc52b 2019-02-11 11:31:19: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.94.40.126[4500] spi:396a8f2099229364:6abcad2086dfc52b Feb 11 11:31:19 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000004 Feb 11 11:31:19 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000004 2019-02-11 11:31:42: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.94.40.126[500] 2019-02-11 11:31:42: INFO: begin Identity Protection mode. 2019-02-11 11:31:42: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY 2019-02-11 11:31:42: INFO: received Vendor ID: RFC 3947 2019-02-11 11:31:42: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2019-02-11 11:31:42: INFO: received Vendor ID: FRAGMENTATION 2019-02-11 11:31:42: [2.94.40.126] INFO: Selected NAT-T version: RFC 3947 2019-02-11 11:31:42: ERROR: invalid DH group 20. 2019-02-11 11:31:42: ERROR: invalid DH group 19. Feb 11 11:31:42 server racoon[11786]: phase1(ident R msg1): 0.000423 2019-02-11 11:31:42: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:31:42: INFO: NAT-D payload #0 verified 2019-02-11 11:31:42: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 2019-02-11 11:31:42: INFO: NAT-D payload #1 doesn't match 2019-02-11 11:31:42: INFO: NAT detected: PEER 2019-02-11 11:31:42: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 Feb 11 11:31:42 server racoon[11786]: oakley_dh_generate(MODP2048): 0.009807 2019-02-11 11:31:42: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:31:42: INFO: Adding remote and local NAT-D payloads. Feb 11 11:31:42 server racoon[11786]: oakley_dh_compute(MODP2048): 0.009782 Feb 11 11:31:42 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=64): 0.000006 Feb 11 11:31:42 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=273): 0.000005 Feb 11 11:31:42 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000005 Feb 11 11:31:42 server syslogd: last message repeated 1 times Feb 11 11:31:42 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000004 Feb 11 11:31:42 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000004 Feb 11 11:31:42 server racoon[11786]: phase1(ident R msg2): 0.020327 2019-02-11 11:31:44: NOTIFY: the packet is retransmitted by 2.94.40.126[500] (1). 2019-02-11 11:31:44: INFO: NAT-T: ports changed to: 2.94.40.126[4500]<->85.113.221.175[4500] Feb 11 11:31:44 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000017 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000013 Feb 11 11:31:44 server racoon[11786]: oakley_validate_auth(pre-shared key): 0.000036 2019-02-11 11:31:44: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.94.40.126[4500] spi:6b717a38b85d9d20:07657bc7f113e209 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000009 Feb 11 11:31:44 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000002 Feb 11 11:31:44 server racoon[11786]: phase1(ident R msg3): 0.000269 Feb 11 11:31:44 server racoon[11786]: phase1(Identity Protection): 2.208778 2019-02-11 11:31:44: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.94.40.126[4500] Feb 11 11:31:44 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=304): 0.000011 2019-02-11 11:31:44: INFO: Update the generated policy : 2.94.40.126/32[1701] 85.113.221.175/32[1701] proto=udp dir=in reqid=0 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=276): 0.000005 2019-02-11 11:31:44: INFO: Adjusting my encmode UDP-Transport->Transport 2019-02-11 11:31:44: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2) 2019-02-11 11:31:44: WARNING: authtype mismatched: my:hmac-md5 peer:hmac-sha Feb 11 11:31:44 server racoon[11786]: phase2(???): 0.000426 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=188): 0.000005 Feb 11 11:31:44 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=176): 0.000002 Feb 11 11:31:44 server racoon[11786]: phase2(quick R msg1): 0.000147 2019-02-11 11:31:44: ERROR: pfkey UPDATE failed: No such process 2019-02-11 11:31:44: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.94.40.126[4500] spi=3083749385(0xb7ce4809) Feb 11 11:31:44 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000004 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000007 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000006 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000006 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000003 Feb 11 11:31:44 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:31:44 server racoon[11786]: phase2(???): 0.000271 Feb 11 11:31:57 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000010 2019-02-11 11:31:57: INFO: deleting a generated policy. Feb 11 11:31:57 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000009 2019-02-11 11:31:57: INFO: purged IPsec-SA proto_id=ESP spi=3083749385. 2019-02-11 11:31:57: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:31:57: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:31:57: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.94.40.126[4500] spi:6b717a38b85d9d20:07657bc7f113e209 2019-02-11 11:31:57: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.94.40.126[4500] spi:6b717a38b85d9d20:07657bc7f113e209 Feb 11 11:31:57 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000004 Feb 11 11:31:57 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000004 2019-02-11 11:32:15: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.94.40.126[500] 2019-02-11 11:32:15: INFO: begin Identity Protection mode. 2019-02-11 11:32:15: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY 2019-02-11 11:32:15: INFO: received Vendor ID: RFC 3947 2019-02-11 11:32:15: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2019-02-11 11:32:15: INFO: received Vendor ID: FRAGMENTATION 2019-02-11 11:32:15: [2.94.40.126] INFO: Selected NAT-T version: RFC 3947 2019-02-11 11:32:15: ERROR: invalid DH group 20. 2019-02-11 11:32:15: ERROR: invalid DH group 19. Feb 11 11:32:15 server racoon[11786]: phase1(ident R msg1): 0.000556 2019-02-11 11:32:15: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:32:15: INFO: NAT-D payload #0 verified 2019-02-11 11:32:15: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 2019-02-11 11:32:15: INFO: NAT-D payload #1 doesn't match 2019-02-11 11:32:15: INFO: NAT detected: PEER Feb 11 11:32:15 server racoon[11786]: oakley_dh_generate(MODP2048): 0.009822 2019-02-11 11:32:15: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 2019-02-11 11:32:15: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:32:15: INFO: Adding remote and local NAT-D payloads. Feb 11 11:32:15 server racoon[11786]: oakley_dh_compute(MODP2048): 0.009736 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=64): 0.000007 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=273): 0.000005 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000004 Feb 11 11:32:15 server syslogd: last message repeated 1 times Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000003 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000004 Feb 11 11:32:15 server racoon[11786]: phase1(ident R msg2): 0.020514 2019-02-11 11:32:15: INFO: NAT-T: ports changed to: 2.94.40.126[4500]<->85.113.221.175[4500] Feb 11 11:32:15 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000007 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000006 Feb 11 11:32:15 server racoon[11786]: oakley_validate_auth(pre-shared key): 0.000021 2019-02-11 11:32:15: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.94.40.126[4500] spi:df512cd375223f7f:09e602cd766b8b28 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000006 Feb 11 11:32:15 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000002 Feb 11 11:32:15 server racoon[11786]: phase1(ident R msg3): 0.000189 Feb 11 11:32:15 server racoon[11786]: phase1(Identity Protection): 0.212391 2019-02-11 11:32:15: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.94.40.126[4500] Feb 11 11:32:15 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=304): 0.000007 2019-02-11 11:32:15: INFO: Update the generated policy : 2.94.40.126/32[1701] 85.113.221.175/32[1701] proto=udp dir=in reqid=0 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=276): 0.000006 2019-02-11 11:32:15: INFO: Adjusting my encmode UDP-Transport->Transport 2019-02-11 11:32:15: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2) 2019-02-11 11:32:15: WARNING: authtype mismatched: my:hmac-md5 peer:hmac-sha Feb 11 11:32:15 server racoon[11786]: phase2(???): 0.000606 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=188): 0.000005 Feb 11 11:32:15 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=176): 0.000002 Feb 11 11:32:15 server racoon[11786]: phase2(quick R msg1): 0.000176 2019-02-11 11:32:15: ERROR: pfkey UPDATE failed: No such process 2019-02-11 11:32:15: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.94.40.126[4500] spi=1313920295(0x4e50d527) Feb 11 11:32:15 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000005 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000008 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000006 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000006 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000008 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 Feb 11 11:32:15 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:32:15 server syslogd: last message repeated 1 times Feb 11 11:32:15 server racoon[11786]: phase2(???): 0.000295 Feb 11 11:32:34 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000009 2019-02-11 11:32:34: INFO: deleting a generated policy. Feb 11 11:32:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000008 2019-02-11 11:32:34: INFO: purged IPsec-SA proto_id=ESP spi=1313920295. 2019-02-11 11:32:34: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:32:34: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:32:34: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.94.40.126[4500] spi:df512cd375223f7f:09e602cd766b8b28 2019-02-11 11:32:34: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.94.40.126[4500] spi:df512cd375223f7f:09e602cd766b8b28 Feb 11 11:32:34 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000004 Feb 11 11:32:34 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000005 2019-02-11 11:32:45: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.94.40.126[1] 2019-02-11 11:32:45: INFO: begin Identity Protection mode. 2019-02-11 11:32:45: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY 2019-02-11 11:32:45: INFO: received Vendor ID: RFC 3947 2019-02-11 11:32:45: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2019-02-11 11:32:45: INFO: received Vendor ID: FRAGMENTATION 2019-02-11 11:32:45: [2.94.40.126] INFO: Selected NAT-T version: RFC 3947 2019-02-11 11:32:45: ERROR: invalid DH group 20. 2019-02-11 11:32:45: ERROR: invalid DH group 19. Feb 11 11:32:45 server racoon[11786]: phase1(ident R msg1): 0.000577 2019-02-11 11:32:45: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:32:45: INFO: NAT-D payload #0 verified 2019-02-11 11:32:45: [2.94.40.126] INFO: Hashing 2.94.40.126[1] with algo #2 2019-02-11 11:32:45: INFO: NAT-D payload #1 doesn't match 2019-02-11 11:32:45: INFO: NAT detected: PEER 2019-02-11 11:32:45: [2.94.40.126] INFO: Hashing 2.94.40.126[1] with algo #2 Feb 11 11:32:45 server racoon[11786]: oakley_dh_generate(MODP2048): 0.009763 2019-02-11 11:32:45: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:32:45: INFO: Adding remote and local NAT-D payloads. Feb 11 11:32:45 server racoon[11786]: oakley_dh_compute(MODP2048): 0.009711 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=64): 0.000006 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=273): 0.000005 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000005 Feb 11 11:32:45 server syslogd: last message repeated 1 times Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000003 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000004 Feb 11 11:32:45 server racoon[11786]: phase1(ident R msg2): 0.020326 2019-02-11 11:32:45: INFO: NAT-T: ports changed to: 2.94.40.126[1024]<->85.113.221.175[4500] Feb 11 11:32:45 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000009 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000010 Feb 11 11:32:45 server racoon[11786]: oakley_validate_auth(pre-shared key): 0.000031 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000009 Feb 11 11:32:45 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000002 2019-02-11 11:32:45: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.94.40.126[1024] spi:44bca54d00362454:6269f502fdc9e976 Feb 11 11:32:45 server racoon[11786]: phase1(ident R msg3): 0.000233 Feb 11 11:32:45 server racoon[11786]: phase1(Identity Protection): 0.156706 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000003 Feb 11 11:32:45 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=64): 0.000002 2019-02-11 11:32:45: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.94.40.126[1024] Feb 11 11:32:45 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=304): 0.000006 2019-02-11 11:32:45: INFO: Update the generated policy : 2.94.40.126/32[1701] 85.113.221.175/32[1701] proto=udp dir=in reqid=0 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=276): 0.000005 2019-02-11 11:32:45: INFO: Adjusting my encmode UDP-Transport->Transport 2019-02-11 11:32:45: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2) 2019-02-11 11:32:45: WARNING: authtype mismatched: my:hmac-md5 peer:hmac-sha Feb 11 11:32:45 server racoon[11786]: phase2(???): 0.000558 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=188): 0.000011 Feb 11 11:32:45 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=176): 0.000004 Feb 11 11:32:45 server racoon[11786]: phase2(quick R msg1): 0.000182 2019-02-11 11:32:45: ERROR: pfkey UPDATE failed: No such process 2019-02-11 11:32:45: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.94.40.126[1024] spi=2103813879(0x7d65a6f7) Feb 11 11:32:45 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000005 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000008 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000006 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000006 Feb 11 11:32:45 server syslogd: last message repeated 1 times Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000006 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000005 Feb 11 11:32:45 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000006 Feb 11 11:32:45 server racoon[11786]: phase2(???): 0.000322 Feb 11 11:32:54 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000009 2019-02-11 11:32:54: INFO: deleting a generated policy. Feb 11 11:32:54 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000016 2019-02-11 11:32:54: INFO: purged IPsec-SA proto_id=ESP spi=2103813879. 2019-02-11 11:32:54: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:32:54: ERROR: pfkey X_SPDDELETE failed: Invalid argument 2019-02-11 11:32:54: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.94.40.126[1024] spi:44bca54d00362454:6269f502fdc9e976 2019-02-11 11:32:54: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.94.40.126[1024] spi:44bca54d00362454:6269f502fdc9e976 Feb 11 11:32:54 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000003 Feb 11 11:32:54 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000004 2019-02-11 11:34:20: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.94.40.126[500] 2019-02-11 11:34:20: INFO: begin Identity Protection mode. 2019-02-11 11:34:20: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY 2019-02-11 11:34:20: INFO: received Vendor ID: RFC 3947 2019-02-11 11:34:20: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2019-02-11 11:34:20: INFO: received Vendor ID: FRAGMENTATION 2019-02-11 11:34:20: [2.94.40.126] INFO: Selected NAT-T version: RFC 3947 2019-02-11 11:34:20: ERROR: invalid DH group 20. 2019-02-11 11:34:20: ERROR: invalid DH group 19. Feb 11 11:34:20 server racoon[11786]: phase1(ident R msg1): 0.000701 2019-02-11 11:34:21: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:34:21: INFO: NAT-D payload #0 verified 2019-02-11 11:34:21: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 2019-02-11 11:34:21: INFO: NAT-D payload #1 doesn't match 2019-02-11 11:34:21: INFO: NAT detected: PEER 2019-02-11 11:34:21: [2.94.40.126] INFO: Hashing 2.94.40.126[500] with algo #2 Feb 11 11:34:21 server racoon[11786]: oakley_dh_generate(MODP2048): 0.009809 2019-02-11 11:34:21: [85.113.221.175] INFO: Hashing 85.113.221.175[500] with algo #2 2019-02-11 11:34:21: INFO: Adding remote and local NAT-D payloads. Feb 11 11:34:21 server racoon[11786]: oakley_dh_compute(MODP2048): 0.009806 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=64): 0.000007 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=273): 0.000004 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000005 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=293): 0.000004 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000004 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000004 Feb 11 11:34:21 server racoon[11786]: phase1(ident R msg2): 0.020767 2019-02-11 11:34:21: INFO: NAT-T: ports changed to: 2.94.40.126[4500]<->85.113.221.175[4500] Feb 11 11:34:21 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000015 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000007 Feb 11 11:34:21 server racoon[11786]: oakley_validate_auth(pre-shared key): 0.000022 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=744): 0.000006 Feb 11 11:34:21 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000002 Feb 11 11:34:21 server racoon[11786]: phase1(ident R msg3): 0.000190 Feb 11 11:34:21 server racoon[11786]: phase1(Identity Protection): 0.310649 2019-02-11 11:34:21: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.94.40.126[4500] spi:8d0b739f3c0fc13b:81da7670150730c3 2019-02-11 11:34:21: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.94.40.126[4500] Feb 11 11:34:21 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=304): 0.000007 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=276): 0.000006 2019-02-11 11:34:21: INFO: Update the generated policy : 2.94.40.126/32[1701] 85.113.221.175/32[1701] proto=udp dir=in reqid=0 2019-02-11 11:34:21: INFO: Adjusting my encmode UDP-Transport->Transport 2019-02-11 11:34:21: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2) 2019-02-11 11:34:21: WARNING: authtype mismatched: my:hmac-md5 peer:hmac-sha Feb 11 11:34:21 server racoon[11786]: phase2(???): 0.000487 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=188): 0.000006 Feb 11 11:34:21 server racoon[11786]: alg_oakley_encdef_encrypt(aes klen=256 size=176): 0.000002 Feb 11 11:34:21 server racoon[11786]: phase2(quick R msg1): 0.000182 Feb 11 11:34:21 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=32): 0.000004 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000005 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000005 Feb 11 11:34:21 server syslogd: last message repeated 1 times Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=69): 0.000004 2019-02-11 11:34:21: ERROR: pfkey UPDATE failed: No such process 2019-02-11 11:34:21: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.94.40.126[4500] spi=3000062578(0xb2d15272) Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000006 Feb 11 11:34:21 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=89): 0.000004 Feb 11 11:34:21 server racoon[11786]: phase2(???): 0.000494 2019-02-11 11:34:51: ERROR: 2.94.40.126 give up to get IPsec-SA due to time up to wait. Feb 11 11:34:56 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=48): 0.000009 2019-02-11 11:34:56: INFO: purged IPsec-SA proto_id=ESP spi=3000062578. Feb 11 11:34:56 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000008 Feb 11 11:34:56 server racoon[11786]: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000003 2019-02-11 11:34:56: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.94.40.126[4500] spi:8d0b739f3c0fc13b:81da7670150730c3 Feb 11 11:34:56 server racoon[11786]: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000005