[Ipsec-tools-devel] Newbie racoon problem

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I'm trying to link with a Juniper appliance and failing in phase 1.

Ultimately the error is:
Mar 21 13:57:35 <daemon.info> fw racoon: ERROR: ignore information
because ISAKMP-SA has not been established yet.

Up until that error, it all looks good (to my inexperienced eye).

Thanks for your time.

racoon.conf:

remote 1.2.3.4
{
	# Phase 1 config for Alliance Core (Credit Services)

	#exchange_mode main,aggressive,base;
	#exchange_mode main,base;
	exchange_mode main;

	my_identifier fqdn 4.3.2.1;

	lifetime time 24 hour ;	# sec,min,hour

	nonce_size 16;
	initial_contact on;
	# the configuration makes racoon (as a responder) to obey the
	# initiator's lifetime and PFS group proposal.  this makes
	# testing so much easier.
	proposal_check obey;

	proposal {
		encryption_algorithm 3des;
		hash_algorithm sha1;
		authentication_method pre_shared_key ;
		dh_group 2 ;
	}
}

# phase 2 proposal (for IPsec SA).
# actual phase 2 proposal will obey the following items:
# - kernel IPsec policy configuration (like "esp/transport//use)
# - permutation of the crypto/hash/compression algorithms presented below
#sainfo address 1.2.3.4 any address 4.3.2.1 any
sainfo anonymous
{
	# Phase 2 config for Alliance Core (Credit Services)

	pfs_group 2;
	lifetime time 12 hour ;
	encryption_algorithm 3des;
	authentication_algorithm hmac_sha1, hmac_md5 ;
	compression_algorithm deflate ;
}

Debug log:

Mar 21 13:57:28 <daemon.info> fw racoon: INFO: @(#)ipsec-tools 0.6.3
(http://ipsec-tools.sourceforge.net)
Mar 21 13:57:28 <daemon.info> fw racoon: INFO: @(#)This product linked
OpenSSL 0.9.7d 17 Mar 2004 (http://www.openssl.org/)
Mar 21 13:57:28 <daemon.debug> fw racoon: DEBUG: compression algorithm
can not be checked because sadb message doesn't support it.
Mar 21 13:57:28 <daemon.info> fw racoon: INFO: 4.3.2.1[500] used as
isakmp port (fd=6)
Mar 21 13:57:28 <daemon.debug> fw racoon: DEBUG: get pfkey X_SPDDUMP message
Mar 21 13:57:28 <daemon.debug> fw racoon: DEBUG: get pfkey X_SPDDUMP message
Mar 21 13:57:28 <daemon.debug> fw racoon: DEBUG: sub:0xbfbfe440:
192.168.10.0/24[0] 10.0.0.0/24[0] proto=any dir=out
Mar 21 13:57:28 <daemon.debug> fw racoon: DEBUG: db :0x80b0408:
10.0.0.0/24[0] 192.168.10.0/24[0] proto=any dir=in
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: get pfkey ACQUIRE message
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: suitable outbound SP
found: 192.168.10.0/24[0] 10.0.0.0/24[0] proto=any dir=out.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: sub:0xbfbfe420:
10.0.0.0/24[0] 192.168.10.0/24[0] proto=any dir=in
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: db :0x80b0408:
10.0.0.0/24[0] 192.168.10.0/24[0] proto=any dir=in
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: suitable inbound SP
found: 10.0.0.0/24[0] 192.168.10.0/24[0] proto=any dir=in.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: new acquire
192.168.10.0/24[0] 10.0.0.0/24[0] proto=any dir=out
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: anonymous sainfo selected.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  (proto_id=ESP
spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:   (trns_id=3DES
encklen=0 authtype=hmac-sha)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:   (trns_id=3DES
encklen=0 authtype=hmac-md5)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: configuration found for
1.2.3.4.
Mar 21 13:57:35 <daemon.info> fw racoon: INFO: IPsec-SA request for
1.2.3.4 queued due to no phase1 found.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:35 <daemon.info> fw racoon: INFO: initiate new phase 1
negotiation: 4.3.2.1[500]<=>1.2.3.4[500]
Mar 21 13:57:35 <daemon.info> fw racoon: INFO: begin Identity Protection
mode.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: new cookie:
2ce928b9a3273043
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: add payload of len 52,
next type 13
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: add payload of len 16,
next type 0
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 104 bytes from
4.3.2.1[500] to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: sockname 4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: send packet from
4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: send packet to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 1 times of 104 bytes
message will be sent to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
00000000 00000000 01100200 00000000 00000068 0d000038 00000001 00000001
0000002c 01010001 00000024 01010000 800b0001 000c0004 00015180 80010005
80030001 80020002 80040002 00000014 afcad713 68a1f1c9 6b8696fc 77570100
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: resend phase1 packet
2ce928b9a3273043:0000000000000000
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 160 bytes message
received from 1.2.3.4[500] to 4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 01100200 00000000 000000a0 0d000038 00000001 00000001
0000002c 01010001 00000024 01010000 80010005 80020002 80040002 80030001
800b0001 000c0004 00015180 0d000020 958e6fa1 7f3c18a7 45a954ce 892b8760
81eab308 00000010 00000400 0d000014 4485152d 18b6bbcd 0be8a846 9579ddcc
00000018 48656172 74426561 745f4e6f 74696679 386b0100
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: begin.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: seen nptype=1(sa)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: seen nptype=13(vid)
Mar 21 13:57:35 <daemon.debug> fw last message repeated 2 times
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: succeed.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: received unknown Vendor ID
Mar 21 13:57:35 <daemon.info> fw racoon: INFO: received Vendor ID:
draft-ietf-ipsec-nat-t-ike-00
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: received unknown Vendor ID
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: total SA len=52
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  00000001 00000001
0000002c 01010001 00000024 01010000 80010005 80020002 80040002 80030001
800b0001 000c0004 00015180
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: begin.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: seen nptype=2(prop)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: succeed.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: proposal #1 len=44
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: begin.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: seen nptype=3(trns)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: succeed.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: transform #1 len=36
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Encryption
Algorithm, flag=0x8000, lorv=3DES-CBC
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Hash Algorithm,
flag=0x8000, lorv=SHA
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hash(sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Group Description,
flag=0x8000, lorv=1024-bit MODP group
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(modp1024)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Authentication
Method, flag=0x8000, lorv=pre-shared key
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Life Type,
flag=0x8000, lorv=seconds
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Life Duration,
flag=0x0000, lorv=4
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: pair 1:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  0x80b3f70: next=0x0
tnext=0x0
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: proposal #1: 1 transform
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: prop#=1,
prot-id=ISAKMP, spi-size=0, #trns=1
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: trns#=1, trns-id=IKE
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Encryption
Algorithm, flag=0x8000, lorv=3DES-CBC
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Hash Algorithm,
flag=0x8000, lorv=SHA
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Group Description,
flag=0x8000, lorv=1024-bit MODP group
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Authentication
Method, flag=0x8000, lorv=pre-shared key
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Life Type,
flag=0x8000, lorv=seconds
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: type=Life Duration,
flag=0x0000, lorv=4
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: Compared: DB:Peer
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: (lifetime = 86400:86400)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: (lifebyte = 0:0)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: enctype = 3DES-CBC:3DES-CBC
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: (encklen = 0:0)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hashtype = SHA:SHA
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: authmethod = pre-shared
key:pre-shared key
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: dh_group = 1024-bit
MODP group:1024-bit MODP group
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: an acceptable proposal
found.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(modp1024)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: compute DH's private.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  6b9fc8e2 9aeb4e23
023cb578 cce31e46 4e5f532f f3e7cdfd 91adaa32 d805ae3b b5bde9f2 8a3893a8
0e525428 372c4771 acdd1caa 86bc789d 0cbca063 295f51f6 76089b3b 7a785e14
d74259f2 d1b282e8 e5aa0c37 39612b40 5fe585cd f9b922aa 6a84e0db dc5dab53
6566f2f2 f70d1060 d942e7ce 15d271d1 007c4f4b 9942a6a1
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: compute DH's public.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  d35a1cc5 05a88513
74217cc0 76072048 782cebb5 7eb41fc8 178fdc22 06b2afb5 1fc49194 255e1896
9674fa70 47ce4572 3da8a5ee d328867c e4d3e033 84e11e66 e131ee23 53a45018
a2e4bd04 94a032c8 e1a31c0c bb5b83ec 4d9adac5 a518cbae 048f7587 8b0c6e65
6605ed6b 1906b7f1 855496a4 2d036206 afb85bdf 2328a0ec
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: add payload of len 128,
next type 10
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: add payload of len 16,
next type 0
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 180 bytes from
4.3.2.1[500] to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: sockname 4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: send packet from
4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: send packet to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 1 times of 180 bytes
message will be sent to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 04100200 00000000 000000b4 0a000084 d35a1cc5 05a88513
74217cc0 76072048 782cebb5 7eb41fc8 178fdc22 06b2afb5 1fc49194 255e1896
9674fa70 47ce4572 3da8a5ee d328867c e4d3e033 84e11e66 e131ee23 53a45018
a2e4bd04 94a032c8 e1a31c0c bb5b83ec 4d9adac5 a518cbae 048f7587 8b0c6e65
6605ed6b 1906b7f1 855496a4 2d036206 afb85bdf 2328a0ec 00000014 f6029f6e
2e5e2485 1b0a7eb3 60d1f03c
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: resend phase1 packet
2ce928b9a3273043:8b58180abfaa4b1e
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 184 bytes message
received from 1.2.3.4[500] to 4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 04100200 00000000 000000b8 0a000084 61521182 587120fb
88f15dc9 5f431f58 d5a3e871 0a6500f5 607daf7f 8e4629fe f576379b ad9db799
b4fa22a2 7fa20755 3ec97606 8814e434 dcf242c1 f1eb83eb 05ad6d73 316addb6
7e731c67 d5467aa5 56561e9b e5458d49 ed4d44d4 1c0defbd b33c1b79 122a9075
a64fc133 e8240a1b 3a53f911 3f74654d ed0df5c1 20a2b17b 00000018 aa99fa0e
a5766f01 bc6b0006 0fdefbd9 ccd2916c
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: begin.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: seen nptype=4(ke)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: seen nptype=10(nonce)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: succeed.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: compute DH's shared.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  deb4b778 6be28d46
7722a7df 0e231116 11e0dbef a7304063 a4b6fbf4 0c146a9e 69c24b06 634c6eba
5bff3f3e 509cddcf ba5853ce e90cc56f b0412e0d 7f7da199 e0b3104f ba630e00
238f013d 6d92033c 7089b37c 19781fe1 a7d8714d c771be1b fd18e657 b38b373d
f3bf7f15 3d9bb74d 553ca720 70fdf22f 8e99f386 71972b42
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: the psk found.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: nonce 1:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  f6029f6e 2e5e2485
1b0a7eb3 60d1f03c
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: nonce 2:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  aa99fa0e a5766f01
bc6b0006 0fdefbd9 ccd2916c
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(hmac_sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: SKEYID computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  114a1552 42ac94de
9b20b81a f9b987dc 20d11a93
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(hmac_sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: SKEYID_d computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  26f381cf 5d4b6f0b
afc361e5 d5955cf6 ed5304b9
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(hmac_sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: SKEYID_a computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  aa51e2c7 9b43ccb6
923e4c45 d03bd6cf c6e6dae7
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(hmac_sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: SKEYID_e computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  e5248de2 8747046b
e370cfc9 3329d598 fd16f988
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hash(sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: len(SKEYID_e) < len(Ka)
(20 < 24), generating long key (Ka = K1 | K2 | ...)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(hmac_sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: compute intermediate
encryption key K1
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  00
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  3c7d8c73 b83442d7
51fd94a1 390e203c 5b4c5999
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(hmac_sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: compute intermediate
encryption key K2
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  3c7d8c73 b83442d7
51fd94a1 390e203c 5b4c5999
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  9aa7a8c9 f3e363f2
c130ace9 a16c0f6f cfcd7ab4
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: final encryption key
computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  3c7d8c73 b83442d7
51fd94a1 390e203c 5b4c5999 9aa7a8c9
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hash(sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: IV computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  c9ee51ad 29e5abc0
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: use ID type of FQDN
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: HASH with:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  d35a1cc5 05a88513
74217cc0 76072048 782cebb5 7eb41fc8 178fdc22 06b2afb5 1fc49194 255e1896
9674fa70 47ce4572 3da8a5ee d328867c e4d3e033 84e11e66 e131ee23 53a45018
a2e4bd04 94a032c8 e1a31c0c bb5b83ec 4d9adac5 a518cbae 048f7587 8b0c6e65
6605ed6b 1906b7f1 855496a4 2d036206 afb85bdf 2328a0ec 61521182 587120fb
88f15dc9 5f431f58 d5a3e871 0a6500f5 607daf7f 8e4629fe f576379b ad9db799
b4fa22a2 7fa20755 3ec97606 8814e434 dcf242c1 f1eb83eb 05ad6d73 316addb6
7e731c67 d5467aa5 56561e9b e5458d49 ed4d44d4 1c0defbd b33c1b79 122a9075
a64fc133 e8240a1b 3a53f911 3f74654d ed0df5c1 20a2b17b 2ce928b9 a3273043
8b58180a bfaa4b1e 00000001 00000001 0000002c 01010001 00000024 01010000
800b0001 000c0004 00015180 80010005 80030001 80020002 80040002 02000000
36362e31 30312e36 352e3232 36
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hmac(hmac_sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: HASH computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  c6cdfd6d 42d30a6e
50d20794 46eafd5e bf0eff64
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: add payload of len 17,
next type 8
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: add payload of len 20,
next type 0
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: begin encryption.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: pad length = 3
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  08000015 02000000
36362e31 30312e36 352e3232 36000000 18c6cdfd 6d42d30a 6e50d207 9446eafd
5ebf0eff 64000003
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: with key:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  3c7d8c73 b83442d7
51fd94a1 390e203c 5b4c5999 9aa7a8c9
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encrypted payload by IV:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  c9ee51ad 29e5abc0
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: save IV for next:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  0b98b2ec 1b07a0b9
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encrypted.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 76 bytes from
4.3.2.1[500] to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: sockname 4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: send packet from
4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: send packet to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 1 times of 76 bytes
message will be sent to 1.2.3.4[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 05100201 00000000 0000004c 55c0f51c 3aa36120 a017b67a
b10814f9 062fb3ef 6d8768fd 11d1b198 da3f44f1 6027b609 caa0121f 0b98b2ec
1b07a0b9
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: resend phase1 packet
2ce928b9a3273043:8b58180abfaa4b1e
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: 92 bytes message
received from 1.2.3.4[500] to 4.3.2.1[500]
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 08100501 33fc2922 0000005c 565bdc0e 355d6531 81aa6252
ccdfcefe 54f7f19a 807cabf0 c47f4291 e8c2b2df 5312e167 ffcc6fcb 1b2edde0
c31a2d26 5aaee7cd 11b26bc2 6c428a7b f08763fd
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: receive Information.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: compute IV for phase2
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: phase1 last IV:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  0b98b2ec 1b07a0b9 33fc2922
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: hash(sha1)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: phase2 IV computed:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  3f57b460 12cc4fad
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: begin decryption.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: IV was saved for next
processing:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  6c428a7b f08763fd
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: encryption(3des)
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: with key:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  3c7d8c73 b83442d7
51fd94a1 390e203c 5b4c5999 9aa7a8c9
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: decrypted payload by IV:
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  3f57b460 12cc4fad
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: decrypted payload, but
not trimed.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  e82ce17c 4e0f2eea
986521c1 4feaf24b 99154d2e 9998cb67 7dde9b52 2e0e7e06 3db30518 65b3e87e
fcc3caf1 9c6f3354 2c16c21d 0ca9e443 12b2db74 0433c011
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: padding len=17
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: skip to trim padding.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG: decrypted.
Mar 21 13:57:35 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 08100501 33fc2922 0000005c e82ce17c 4e0f2eea 986521c1
4feaf24b 99154d2e 9998cb67 7dde9b52 2e0e7e06 3db30518 65b3e87e fcc3caf1
9c6f3354 2c16c21d 0ca9e443 12b2db74 0433c011
Mar 21 13:57:35 <daemon.info> fw racoon: ERROR: ignore information
because ISAKMP-SA has not been established yet.
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG: 184 bytes message
received from 1.2.3.4[500] to 4.3.2.1[500]
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 04100200 00000000 000000b8 0a000084 61521182 587120fb
88f15dc9 5f431f58 d5a3e871 0a6500f5 607daf7f 8e4629fe f576379b ad9db799
b4fa22a2 7fa20755 3ec97606 8814e434 dcf242c1 f1eb83eb 05ad6d73 316addb6
7e731c67 d5467aa5 56561e9b e5458d49 ed4d44d4 1c0defbd b33c1b79 122a9075
a64fc133 e8240a1b 3a53f911 3f74654d ed0df5c1 20a2b17b 00000018 aa99fa0e
a5766f01 bc6b0006 0fdefbd9 ccd2916c
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG: sockname 4.3.2.1[500]
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG: send packet from
4.3.2.1[500]
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG: send packet to 1.2.3.4[500]
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG: 1 times of 76 bytes
message will be sent to 1.2.3.4[500]
Mar 21 13:57:39 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 05100201 00000000 0000004c 55c0f51c 3aa36120 a017b67a
b10814f9 062fb3ef 6d8768fd 11d1b198 da3f44f1 6027b609 caa0121f 0b98b2ec
1b07a0b9
Mar 21 13:57:39 <daemon.info> fw racoon: NOTIFY: the packet is
retransmitted by 1.2.3.4[500].
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG: 184 bytes message
received from 1.2.3.4[500] to 4.3.2.1[500]
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 04100200 00000000 000000b8 0a000084 61521182 587120fb
88f15dc9 5f431f58 d5a3e871 0a6500f5 607daf7f 8e4629fe f576379b ad9db799
b4fa22a2 7fa20755 3ec97606 8814e434 dcf242c1 f1eb83eb 05ad6d73 316addb6
7e731c67 d5467aa5 56561e9b e5458d49 ed4d44d4 1c0defbd b33c1b79 122a9075
a64fc133 e8240a1b 3a53f911 3f74654d ed0df5c1 20a2b17b 00000018 aa99fa0e
a5766f01 bc6b0006 0fdefbd9 ccd2916c
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG: sockname 4.3.2.1[500]
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG: send packet from
4.3.2.1[500]
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG: send packet to 1.2.3.4[500]
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG: 1 times of 76 bytes
message will be sent to 1.2.3.4[500]
Mar 21 13:57:43 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 05100201 00000000 0000004c 55c0f51c 3aa36120 a017b67a
b10814f9 062fb3ef 6d8768fd 11d1b198 da3f44f1 6027b609 caa0121f 0b98b2ec
1b07a0b9
Mar 21 13:57:43 <daemon.info> fw racoon: NOTIFY: the packet is
retransmitted by 1.2.3.4[500].
Mar 21 13:57:44 <daemon.debug> fw racoon: DEBUG: get pfkey ACQUIRE message
Mar 21 13:57:44 <daemon.debug> fw racoon: DEBUG: ignore the acquire
because ph2 found
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG: 184 bytes message
received from 1.2.3.4[500] to 4.3.2.1[500]
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 04100200 00000000 000000b8 0a000084 61521182 587120fb
88f15dc9 5f431f58 d5a3e871 0a6500f5 607daf7f 8e4629fe f576379b ad9db799
b4fa22a2 7fa20755 3ec97606 8814e434 dcf242c1 f1eb83eb 05ad6d73 316addb6
7e731c67 d5467aa5 56561e9b e5458d49 ed4d44d4 1c0defbd b33c1b79 122a9075
a64fc133 e8240a1b 3a53f911 3f74654d ed0df5c1 20a2b17b 00000018 aa99fa0e
a5766f01 bc6b0006 0fdefbd9 ccd2916c
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG: sockname 4.3.2.1[500]
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG: send packet from
4.3.2.1[500]
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG: send packet to 1.2.3.4[500]
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG: 1 times of 76 bytes
message will be sent to 1.2.3.4[500]
Mar 21 13:57:47 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 05100201 00000000 0000004c 55c0f51c 3aa36120 a017b67a
b10814f9 062fb3ef 6d8768fd 11d1b198 da3f44f1 6027b609 caa0121f 0b98b2ec
1b07a0b9
Mar 21 13:57:47 <daemon.info> fw racoon: NOTIFY: the packet is
retransmitted by 1.2.3.4[500].
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG: ===
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG: 184 bytes message
received from 1.2.3.4[500] to 4.3.2.1[500]
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 04100200 00000000 000000b8 0a000084 61521182 587120fb
88f15dc9 5f431f58 d5a3e871 0a6500f5 607daf7f 8e4629fe f576379b ad9db799
b4fa22a2 7fa20755 3ec97606 8814e434 dcf242c1 f1eb83eb 05ad6d73 316addb6
7e731c67 d5467aa5 56561e9b e5458d49 ed4d44d4 1c0defbd b33c1b79 122a9075
a64fc133 e8240a1b 3a53f911 3f74654d ed0df5c1 20a2b17b 00000018 aa99fa0e
a5766f01 bc6b0006 0fdefbd9 ccd2916c
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG: sockname 4.3.2.1[500]
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG: send packet from
4.3.2.1[500]
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG: send packet to 1.2.3.4[500]
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG: 1 times of 76 bytes
message will be sent to 1.2.3.4[500]
Mar 21 13:57:51 <daemon.debug> fw racoon: DEBUG:  2ce928b9 a3273043
8b58180a bfaa4b1e 05100201 00000000 0000004c 55c0f51c 3aa36120 a017b67a
b10814f9 062fb3ef 6d8768fd 11d1b198 da3f44f1 6027b609 caa0121f 0b98b2ec
1b07a0b9
Mar 21 13:57:51 <daemon.info> fw racoon: NOTIFY: the packet is
retransmitted by 1.2.3.4[500].