Project

General

Profile

StrongSwan ipsec logs2.txt

Logging from StrongSwan with 3 different tests - Pi Ba, 12/20/2014 05:16 PM

 
1
IPSEC.1- VPN con12 Supports 'Cisco Unity', 3x P2 in rightsubnet works.
2
IPSEC.2- VPN with 2 conn sections defined in ipsec.conf con7 & con14, to same site, same psk, same id's, different P2,reqid.. works
3
IPSEC.3- VPN con7 fails for second host when only 1 conn section is defined.
4

    
5
pfSense WAN-ip: 1.2.3.203
6

    
7
Site1 ip: 2.3.4.22 (supports: Cisco Unity)
8
Site1-P2: (con12) 10.10.0.144 /  10.10.0.145 /  10.10.0.146 << these 3 work ok
9

    
10
Site2 ip: 3.4.5.58 (uses NAT-T)
11
Site2-P2: (con7) 10.40.0.33 / 10.40.0.191  << only the first works
12
Site2-P2: (con14) 10.40.0.67 << this does work
13

    
14
##############################################################################
15
### IPSEC.1- VPN con12 Supports 'Cisco Unity', 3x P2 in rightsubnet works. ###
16
##############################################################################
17
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 12[KNL] creating acquire job for policy 1.2.3.203/32|/0 === 2.3.4.22/32|/0 with reqid {12}
18
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> initiating Main Mode IKE_SA con12[9] to 2.3.4.22
19
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] initiating Main Mode IKE_SA con12[9] to 2.3.4.22
20
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] generating ID_PROT request 0 [ SA V V V V V V ]
21
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] sending packet: from 1.2.3.203[500] to 2.3.4.22[500] (200 bytes)
22
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (180 bytes)
23
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] parsed ID_PROT response 0 [ SA V V V V V ]
24
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> received XAuth vendor ID
25
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] received XAuth vendor ID
26
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> received Cisco Unity vendor ID
27
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] received Cisco Unity vendor ID
28
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> received DPD vendor ID
29
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] received DPD vendor ID
30
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> received FRAGMENTATION vendor ID
31
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] received FRAGMENTATION vendor ID
32
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] received unknown vendor ID: a9:b9:b1:03:4f:7e:50:a2:51:3b:47:b1:00:bb:85:a9
33
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] generating ID_PROT request 0 [ KE No ]
34
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] sending packet: from 1.2.3.203[500] to 2.3.4.22[500] (260 bytes)
35
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (244 bytes)
36
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] parsed ID_PROT response 0 [ KE No ]
37
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] generating ID_PROT request 0 [ ID HASH ]
38
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] sending packet: from 1.2.3.203[500] to 2.3.4.22[500] (76 bytes)
39
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (76 bytes)
40
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] parsed ID_PROT response 0 [ ID HASH ]
41
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> IKE_SA con12[9] established between 1.2.3.203[1.2.3.203]...2.3.4.22[2.3.4.22]
42
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] IKE_SA con12[9] established between 1.2.3.203[1.2.3.203]...2.3.4.22[2.3.4.22]
43
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> scheduling reauthentication in 27776s
44
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] scheduling reauthentication in 27776s
45
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> maximum IKE_SA lifetime 28316s
46
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] maximum IKE_SA lifetime 28316s
47
## --P1 done--
48
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] generating QUICK_MODE request 3434393421 [ HASH SA No KE ID ID ]
49
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] sending packet: from 1.2.3.203[500] to 2.3.4.22[500] (380 bytes)
50
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (364 bytes)
51
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] parsed QUICK_MODE response 3434393421 [ HASH SA No KE ID ID ]
52
2014-12-20 16:37:00	System0.Inf	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] <con12|9> CHILD_SA con12{12} established with SPIs c98b7a36_i ed19ad07_o and TS 192.168.8.0/24|/0 === 10.10.0.144/32|/0 
53
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[IKE] CHILD_SA con12{12} established with SPIs c98b7a36_i ed19ad07_o and TS 192.168.8.0/24|/0 === 10.10.0.144/32|/0 
54
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[ENC] generating QUICK_MODE request 3434393421 [ HASH ]
55
2014-12-20 16:37:00	Daemon.Info	192.168.8.3	Dec 20 16:37:00 charon: 11[NET] sending packet: from 1.2.3.203[500] to 2.3.4.22[500] (60 bytes)
56
## ping .144 works
57
2014-12-20 16:37:28	Daemon.Info	192.168.8.3	Dec 20 16:37:27 charon: 12[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (364 bytes)
58
2014-12-20 16:37:28	Daemon.Info	192.168.8.3	Dec 20 16:37:27 charon: 12[ENC] parsed QUICK_MODE request 2980998030 [ HASH SA No KE ID ID ]
59
2014-12-20 16:37:28	Daemon.Info	192.168.8.3	Dec 20 16:37:27 charon: 12[ENC] generating QUICK_MODE response 2980998030 [ HASH SA No KE ID ID ]
60
2014-12-20 16:37:28	Daemon.Info	192.168.8.3	Dec 20 16:37:27 charon: 12[NET] sending packet: from 1.2.3.203[500] to 2.3.4.22[500] (380 bytes)
61
2014-12-20 16:37:28	Daemon.Info	192.168.8.3	Dec 20 16:37:27 charon: 11[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (60 bytes)
62
2014-12-20 16:37:28	Daemon.Info	192.168.8.3	Dec 20 16:37:27 charon: 11[ENC] parsed QUICK_MODE request 2980998030 [ HASH ]
63
2014-12-20 16:37:28	System0.Inf	192.168.8.3	Dec 20 16:37:27 charon: 11[IKE] <con12|9> CHILD_SA con12{12} established with SPIs ced4e00c_i e3000bc3_o and TS 192.168.8.0/24|/0 === 10.10.0.145/32|/0 
64
2014-12-20 16:37:28	Daemon.Info	192.168.8.3	Dec 20 16:37:27 charon: 11[IKE] CHILD_SA con12{12} established with SPIs ced4e00c_i e3000bc3_o and TS 192.168.8.0/24|/0 === 10.10.0.145/32|/0 
65
## ping .145 works
66
2014-12-20 16:38:01	Daemon.Info	192.168.8.3	Dec 20 16:38:00 charon: 13[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (364 bytes)
67
2014-12-20 16:38:01	Daemon.Info	192.168.8.3	Dec 20 16:38:00 charon: 13[ENC] parsed QUICK_MODE request 3538110311 [ HASH SA No KE ID ID ]
68
2014-12-20 16:38:02	Daemon.Info	192.168.8.3	Dec 20 16:38:00 charon: 13[ENC] generating QUICK_MODE response 3538110311 [ HASH SA No KE ID ID ]
69
2014-12-20 16:38:02	Daemon.Info	192.168.8.3	Dec 20 16:38:00 charon: 13[NET] sending packet: from 1.2.3.203[500] to 2.3.4.22[500] (380 bytes)
70
2014-12-20 16:38:02	Daemon.Info	192.168.8.3	Dec 20 16:38:00 charon: 13[NET] received packet: from 2.3.4.22[500] to 1.2.3.203[500] (60 bytes)
71
2014-12-20 16:38:02	Daemon.Info	192.168.8.3	Dec 20 16:38:00 charon: 13[ENC] parsed QUICK_MODE request 3538110311 [ HASH ]
72
2014-12-20 16:38:02	System0.Inf	192.168.8.3	Dec 20 16:38:00 charon: 13[IKE] <con12|9> CHILD_SA con12{12} established with SPIs cc49fc37_i d7dd63b3_o and TS 192.168.8.0/24|/0 === 10.10.0.146/32|/0 
73
2014-12-20 16:38:02	Daemon.Info	192.168.8.3	Dec 20 16:38:00 charon: 13[IKE] CHILD_SA con12{12} established with SPIs cc49fc37_i d7dd63b3_o and TS 192.168.8.0/24|/0 === 10.10.0.146/32|/0 
74
## ping .146 works
75

    
76
##############################################################################
77
### IPSEC.2- VPN with 2 conn sections defined in ipsec.conf con7 & con14, to same site, same psk, same id's, different P2,reqid.. works ###
78
##############################################################################
79
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 09[KNL] creating acquire job for policy 1.2.3.203/32|/0 === 3.4.5.58/32|/0 with reqid {7}
80
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> initiating Main Mode IKE_SA con7[5] to 3.4.5.58
81
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] initiating Main Mode IKE_SA con7[5] to 3.4.5.58
82
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] generating ID_PROT request 0 [ SA V V V V V V ]
83
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] sending packet: from 1.2.3.203[500] to 3.4.5.58[500] (204 bytes)
84
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] received packet: from 3.4.5.58[500] to 1.2.3.203[500] (120 bytes)
85
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] parsed ID_PROT response 0 [ SA V V ]
86
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] received unknown vendor ID: 5b:36:2b:c8:20:f6:00:07
87
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> received NAT-T (RFC 3947) vendor ID
88
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] received NAT-T (RFC 3947) vendor ID
89
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
90
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] sending packet: from 1.2.3.203[500] to 3.4.5.58[500] (244 bytes)
91
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] received packet: from 3.4.5.58[500] to 1.2.3.203[500] (276 bytes)
92
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] parsed ID_PROT response 0 [ KE NAT-D NAT-D No V V V ]
93
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] received unknown vendor ID: 40:4b:f4:39:52:2c:a3:f6
94
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> received XAuth vendor ID
95
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] received XAuth vendor ID
96
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> received DPD vendor ID
97
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] received DPD vendor ID
98
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> local host is behind NAT, sending keep alives
99
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] local host is behind NAT, sending keep alives
100
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] generating ID_PROT request 0 [ ID HASH ]
101
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] sending packet: from 1.2.3.203[4500] to 3.4.5.58[4500] (76 bytes)
102
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] received packet: from 3.4.5.58[4500] to 1.2.3.203[4500] (76 bytes)
103
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] parsed ID_PROT response 0 [ ID HASH ]
104
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> IKE_SA con7[5] established between 1.2.3.203[1.2.3.203]...3.4.5.58[3.4.5.58]
105
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] IKE_SA con7[5] established between 1.2.3.203[1.2.3.203]...3.4.5.58[3.4.5.58]
106
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> scheduling reauthentication in 85813s
107
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] scheduling reauthentication in 85813s
108
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> maximum IKE_SA lifetime 86353s
109
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] maximum IKE_SA lifetime 86353s
110
## --P1 done--
111
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] generating QUICK_MODE request 1048692260 [ HASH SA No KE ID ID ]
112
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] sending packet: from 1.2.3.203[4500] to 3.4.5.58[4500] (316 bytes)
113
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] received packet: from 3.4.5.58[4500] to 1.2.3.203[4500] (300 bytes)
114
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] parsed QUICK_MODE response 1048692260 [ HASH SA No KE ID ID ]
115
2014-12-20 16:31:43	System0.Inf	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] <con7|5> CHILD_SA con7{7} established with SPIs c5bb0965_i 27ca498e_o and TS 192.168.8.0/24|/0 === 10.40.0.33/32|/0 
116
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[IKE] CHILD_SA con7{7} established with SPIs c5bb0965_i 27ca498e_o and TS 192.168.8.0/24|/0 === 10.40.0.33/32|/0 
117
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[ENC] generating QUICK_MODE request 1048692260 [ HASH ]
118
2014-12-20 16:31:43	Daemon.Info	192.168.8.3	Dec 20 16:31:43 charon: 08[NET] sending packet: from 1.2.3.203[4500] to 3.4.5.58[4500] (60 bytes)
119
## ping 10.40.0.33 works
120
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 08[KNL] creating acquire job for policy 1.2.3.203/32|/0 === 3.4.5.58/32|/0 with reqid {14}
121
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 06[ENC] generating QUICK_MODE request 539705231 [ HASH SA No KE ID ID ]
122
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 06[NET] sending packet: from 1.2.3.203[4500] to 3.4.5.58[4500] (316 bytes)
123
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 06[NET] received packet: from 3.4.5.58[4500] to 1.2.3.203[4500] (300 bytes)
124
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 06[ENC] parsed QUICK_MODE response 539705231 [ HASH SA No KE ID ID ]
125
2014-12-20 16:32:29	System0.Inf	192.168.8.3	Dec 20 16:32:29 charon: 06[IKE] <con7|5> CHILD_SA con14{14} established with SPIs cad306d2_i d8c3be7b_o and TS 192.168.8.0/24|/0 === 10.40.0.67/32|/0 
126
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 06[IKE] CHILD_SA con14{14} established with SPIs cad306d2_i d8c3be7b_o and TS 192.168.8.0/24|/0 === 10.40.0.67/32|/0 
127
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 06[ENC] generating QUICK_MODE request 539705231 [ HASH ]
128
2014-12-20 16:32:29	Daemon.Info	192.168.8.3	Dec 20 16:32:29 charon: 06[NET] sending packet: from 1.2.3.203[4500] to 3.4.5.58[4500] (60 bytes)
129
## ping 10.40.0.67 works
130

    
131
##############################################################################
132
### IPSEC.3- VPN con7 fails for second subnet when only 1 conn section is defined.
133
##############################################################################
134
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 13[KNL] creating acquire job for policy 1.2.3.203/32|/0 === 3.4.5.58/32|/0 with reqid {7}
135
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> initiating Main Mode IKE_SA con7[1] to 3.4.5.58
136
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] initiating Main Mode IKE_SA con7[1] to 3.4.5.58
137
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] generating ID_PROT request 0 [ SA V V V V V V ]
138
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] sending packet: from 1.2.3.203[500] to 3.4.5.58[500] (204 bytes)
139
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] received packet: from 3.4.5.58[500] to 1.2.3.203[500] (120 bytes)
140
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] parsed ID_PROT response 0 [ SA V V ]
141
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] received unknown vendor ID: 5b:36:2b:c8:20:f6:00:07
142
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> received NAT-T (RFC 3947) vendor ID
143
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] received NAT-T (RFC 3947) vendor ID
144
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
145
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] sending packet: from 1.2.3.203[500] to 3.4.5.58[500] (244 bytes)
146
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] received packet: from 3.4.5.58[500] to 1.2.3.203[500] (276 bytes)
147
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] parsed ID_PROT response 0 [ KE NAT-D NAT-D No V V V ]
148
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] received unknown vendor ID: 40:4b:f4:39:52:2c:a3:f6
149
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> received XAuth vendor ID
150
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] received XAuth vendor ID
151
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> received DPD vendor ID
152
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] received DPD vendor ID
153
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> local host is behind NAT, sending keep alives
154
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] local host is behind NAT, sending keep alives
155
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] generating ID_PROT request 0 [ ID HASH ]
156
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] sending packet: from 1.2.3.203[4500] to 3.4.5.58[4500] (76 bytes)
157
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] received packet: from 3.4.5.58[4500] to 1.2.3.203[4500] (76 bytes)
158
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] parsed ID_PROT response 0 [ ID HASH ]
159
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> IKE_SA con7[1] established between 1.2.3.203[1.2.3.203]...3.4.5.58[3.4.5.58]
160
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] IKE_SA con7[1] established between 1.2.3.203[1.2.3.203]...3.4.5.58[3.4.5.58]
161
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> scheduling reauthentication in 85510s
162
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] scheduling reauthentication in 85510s
163
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> maximum IKE_SA lifetime 86050s
164
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] maximum IKE_SA lifetime 86050s
165
## --P1 done--
166
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] generating QUICK_MODE request 3177465872 [ HASH SA No KE ID ID ]
167
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] sending packet: from 1.2.3.203[4500] to 3.4.5.58[4500] (316 bytes)
168
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[NET] received packet: from 3.4.5.58[4500] to 1.2.3.203[4500] (108 bytes)
169
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[ENC] parsed INFORMATIONAL_V1 request 433438160 [ HASH N(NO_PROP) ]
170
2014-12-20 23:50:42	System0.Inf	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] <con7|1> received NO_PROPOSAL_CHOSEN error notify
171
2014-12-20 23:50:42	Daemon.Info	192.168.8.3	Dec 20 23:50:41 charon: 16[IKE] received NO_PROPOSAL_CHOSEN error notify
172
## fails to ping .191