Title | Test IKEv2.EN.I.1.1.3.2: State Synchronization with IKE message |
CommandLine | ./1-EN-I/IKEv2-EN-I-1-1-3-2-A.seq -log 10.html -ti Test IKEv2.EN.I.1.1.3.2: State Synchronization with IKE message |
TestVersion | REL_1_0_3 |
ToolVersion | REL_2_1_6 |
Start | 2010/03/09 03:40:30 |
Tn | /usr/local/koi//etc//tn.def |
Nu | /usr/local/koi//etc//nut.def |
03:40:30 | Start | ||||||||||||||||||||||||||||||
TEST SETUP | |||||||||||||||||||||||||||||||
initializing IKEv2 module ... | |||||||||||||||||||||||||||||||
configuring Common Topology for End-Node: End-Node to End-Node ... | |||||||||||||||||||||||||||||||
parsing ./config.pl ... | |||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||
setting up TN ... | |||||||||||||||||||||||||||||||
03:40:30 |
ikev2Local("/sbin/sysctl -w net.inet6.ip6.forwarding=1")net.inet6.ip6.forwarding: 0 -> 1 |
||||||||||||||||||||||||||||||
03:40:30 |
ikev2Local("/sbin/ifconfig -a")em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:23:ae:9d:94:70 inet6 fe80::223:aeff:fe9d:9470%em0 prefixlen 64 scopeid 0x1 inet 10.66.70.72 netmask 0xffffff00 broadcast 10.66.70.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:e0:4c:0d:51:49 inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::2e0:4cff:fe0d:5149%rl0 prefixlen 64 scopeid 0x2 media: Ethernet autoselect (100baseTX <full-duplex>) status: active rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:1d:0f:0f:be:4e inet6 fe80::21d:fff:fe0f:be4e%rl1 prefixlen 64 scopeid 0x3 media: Ethernet autoselect (none) status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 |
||||||||||||||||||||||||||||||
03:40:30 |
ikev2Local("/sbin/ifconfig rl0 inet6 fe80::f%rl0/64") |
||||||||||||||||||||||||||||||
03:40:30 |
ikev2Local("/sbin/ifconfig rl0 inet6 2001:0db8:0001:0001::f/64") |
||||||||||||||||||||||||||||||
03:40:30 |
ikev2Local("/sbin/ifconfig lo1 create") |
||||||||||||||||||||||||||||||
03:40:30 |
ikev2Local("/sbin/ifconfig lo1 up") |
||||||||||||||||||||||||||||||
03:40:30 |
ikev2Local("/sbin/ifconfig lo1 inet6 2001:0db8:000f:0001::1/64") |
||||||||||||||||||||||||||||||
03:40:33 |
ikev2Local("/sbin/ifconfig -a")em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:23:ae:9d:94:70 inet6 fe80::223:aeff:fe9d:9470%em0 prefixlen 64 scopeid 0x1 inet 10.66.70.72 netmask 0xffffff00 broadcast 10.66.70.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:e0:4c:0d:51:49 inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::2e0:4cff:fe0d:5149%rl0 prefixlen 64 scopeid 0x2 inet6 fe80::f%rl0 prefixlen 64 scopeid 0x2 inet6 2001:db8:1:1::f prefixlen 64 media: Ethernet autoselect (100baseTX <full-duplex>) status: active rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:1d:0f:0f:be:4e inet6 fe80::21d:fff:fe0f:be4e%rl1 prefixlen 64 scopeid 0x3 media: Ethernet autoselect (none) status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet6 2001:db8:f:1::1 prefixlen 64 |
||||||||||||||||||||||||||||||
03:40:33 |
ikev2Local("/sbin/setkey -D")No SAD entries. |
||||||||||||||||||||||||||||||
03:40:33 |
ikev2Local("/sbin/setkey -F") |
||||||||||||||||||||||||||||||
03:40:36 |
ikev2Local("/sbin/setkey -D")No SAD entries. |
||||||||||||||||||||||||||||||
03:40:36 |
ikev2Local("/sbin/setkey -DP")No SPD entries. |
||||||||||||||||||||||||||||||
03:40:36 |
ikev2Local("/sbin/setkey -FP") |
||||||||||||||||||||||||||||||
03:40:40 |
ikev2Local("/sbin/setkey -DP")No SPD entries. |
||||||||||||||||||||||||||||||
setting up NUT ... | |||||||||||||||||||||||||||||||
03:40:40 |
kRemote(ifconfig.rmt) ``/usr/local/koi/bin/remotes/manual//ifconfig.rmt ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=eth0'' kRemote()... /usr/local/koi/bin/remotes/manual//ifconfig.rmt ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=eth0 ifconfig> ifconfig> ifconfig.address: 2001:0db8:0001:0001::1234/64 ifconfig> ifconfig.address_family: inet6 ifconfig> ifconfig.interface: eth0 ifconfig> ifconfig> Press Enter key for continue. ifconfig> | ||||||||||||||||||||||||||||||
03:40:42 |
kRemote(route.rmt) ``/usr/local/koi/bin/remotes/manual//route.rmt route.0.address_family=inet6 route.0.gateway=fe80::f%eth0 route.0.interface=eth0 route.0.network=2001:0db8:000f:0001::/64 route.num=1'' kRemote()... /usr/local/koi/bin/remotes/manual//route.rmt route.0.address_family=inet6 route.0.gateway=fe80::f%eth0 route.0.interface=eth0 route.0.network=2001:0db8:000f:0001::/64 route.num=1 route> route> route.0.address_family: inet6 route> route.0.gateway: fe80::f%eth0 route> route.0.interface: eth0 route> route.0.network: 2001:0db8:000f:0001::/64 route> route.num: 1 route> route> Press Enter key for continue. route> | ||||||||||||||||||||||||||||||
03:40:42 |
kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/manual//ikev2.rmt operation=stop'' kRemote()... /usr/local/koi/bin/remotes/manual//ikev2.rmt operation=stop ikev2> ikev2> operation: stop ikev2> ikev2> Press Enter key for continue. ikev2> | ||||||||||||||||||||||||||||||
03:40:45 |
kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/manual//ikev2.rmt ikev2.addresspool.0.eaddr= ikev2.addresspool.0.saddr= ikev2.addresspool.num=1 ikev2.interface.ike.0.address=2001:0db8:0001:0001::1234 ikev2.interface.ike.0.port=500 ikev2.interface.ike.num=1 ikev2.ipsec.0.ext_sequence=off ikev2.ipsec.0.ipsec_index=common_ipsec_index ikev2.ipsec.0.ipsec_sa_lifetime_time=128 ikev2.ipsec.0.sa_index.0=common_sa_index ikev2.ipsec.0.sa_index.num=1 ikev2.ipsec.num=1 ikev2.policy.0.ipsec_index.0=common_ipsec_index ikev2.policy.0.ipsec_index.num=1 ikev2.policy.0.ipsec_mode=transport ikev2.policy.0.policy_index=common_policy_index ikev2.policy.0.remote_index=common_remote_index ikev2.policy.num=1 ikev2.remote.0.ikev2.initial_contact.initial_contact=off ikev2.remote.0.ikev2.kmp_auth_method.0=psk ikev2.remote.0.ikev2.kmp_auth_method.num=1 ikev2.remote.0.ikev2.kmp_dh_group.0=modp1024 ikev2.remote.0.ikev2.kmp_dh_group.num=1 ikev2.remote.0.ikev2.kmp_enc_alg.0=3des_cbc ikev2.remote.0.ikev2.kmp_enc_alg.num=1 ikev2.remote.0.ikev2.kmp_hash_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_hash_alg.num=1 ikev2.remote.0.ikev2.kmp_prf_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_prf_alg.num=1 ikev2.remote.0.ikev2.kmp_sa_lifetime_time=64 ikev2.remote.0.ikev2.my_id.fqdn.num=0 ikev2.remote.0.ikev2.my_id.ipaddr.0=2001:0db8:0001:0001::1234 ikev2.remote.0.ikev2.my_id.ipaddr.num=1 ikev2.remote.0.ikev2.my_id.keyid.num=0 ikev2.remote.0.ikev2.my_id.rfc822addr.num=0 ikev2.remote.0.ikev2.need_pfs=off ikev2.remote.0.ikev2.peers_id.fqdn.num=0 ikev2.remote.0.ikev2.peers_id.ipaddr.0=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_id.ipaddr.num=1 ikev2.remote.0.ikev2.peers_id.keyid.num=0 ikev2.remote.0.ikev2.peers_id.rfc822addr.num=0 ikev2.remote.0.ikev2.peers_ipaddr.address=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_ipaddr.port=500 ikev2.remote.0.ikev2.pre_shared_key.local=IKETEST12345678! ikev2.remote.0.ikev2.pre_shared_key.remote=IKETEST12345678! ikev2.remote.0.ikev2.send_cert_req.send_cert_req=on ikev2.remote.0.remote_index=common_remote_index ikev2.remote.num=1 ikev2.sa.0.esp_auth_alg.0=hmac_sha1 ikev2.sa.0.esp_auth_alg.num=1 ikev2.sa.0.esp_enc_alg.0=3des_cbc ikev2.sa.0.esp_enc_alg.num=1 ikev2.sa.0.sa_index=common_sa_index ikev2.sa.0.sa_protocol=esp ikev2.sa.num=1 ikev2.selector.0.direction=outbound ikev2.selector.0.dst.address=2001:0db8:000f:0001::1 ikev2.selector.0.dst.address_family=inet6 ikev2.selector.0.policy_index=common_policy_index ikev2.selector.0.selector_index=common_selector_index_outbound ikev2.selector.0.src.address=2001:0db8:0001:0001::1234 ikev2.selector.0.src.address_family=inet6 ikev2.selector.0.upper_layer_protocol.protocol=any ikev2.selector.1.direction=inbound ikev2.selector.1.dst.address=2001:0db8:0001:0001::1234 ikev2.selector.1.dst.address_family=inet6 ikev2.selector.1.policy_index=common_policy_index ikev2.selector.1.selector_index=common_selector_index_inbound ikev2.selector.1.src.address=2001:0db8:000f:0001::1 ikev2.selector.1.src.address_family=inet6 ikev2.selector.1.upper_layer_protocol.protocol=any ikev2.selector.num=2'' kRemote()... /usr/local/koi/bin/remotes/manual//ikev2.rmt ikev2.addresspool.0.eaddr= ikev2.addresspool.0.saddr= ikev2.addresspool.num=1 ikev2.interface.ike.0.address=2001:0db8:0001:0001::1234 ikev2.interface.ike.0.port=500 ikev2.interface.ike.num=1 ikev2.ipsec.0.ext_sequence=off ikev2.ipsec.0.ipsec_index=common_ipsec_index ikev2.ipsec.0.ipsec_sa_lifetime_time=128 ikev2.ipsec.0.sa_index.0=common_sa_index ikev2.ipsec.0.sa_index.num=1 ikev2.ipsec.num=1 ikev2.policy.0.ipsec_index.0=common_ipsec_index ikev2.policy.0.ipsec_index.num=1 ikev2.policy.0.ipsec_mode=transport ikev2.policy.0.policy_index=common_policy_index ikev2.policy.0.remote_index=common_remote_index ikev2.policy.num=1 ikev2.remote.0.ikev2.initial_contact.initial_contact=off ikev2.remote.0.ikev2.kmp_auth_method.0=psk ikev2.remote.0.ikev2.kmp_auth_method.num=1 ikev2.remote.0.ikev2.kmp_dh_group.0=modp1024 ikev2.remote.0.ikev2.kmp_dh_group.num=1 ikev2.remote.0.ikev2.kmp_enc_alg.0=3des_cbc ikev2.remote.0.ikev2.kmp_enc_alg.num=1 ikev2.remote.0.ikev2.kmp_hash_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_hash_alg.num=1 ikev2.remote.0.ikev2.kmp_prf_alg.0=hmac_sha1 ikev2.remote.0.ikev2.kmp_prf_alg.num=1 ikev2.remote.0.ikev2.kmp_sa_lifetime_time=64 ikev2.remote.0.ikev2.my_id.fqdn.num=0 ikev2.remote.0.ikev2.my_id.ipaddr.0=2001:0db8:0001:0001::1234 ikev2.remote.0.ikev2.my_id.ipaddr.num=1 ikev2.remote.0.ikev2.my_id.keyid.num=0 ikev2.remote.0.ikev2.my_id.rfc822addr.num=0 ikev2.remote.0.ikev2.need_pfs=off ikev2.remote.0.ikev2.peers_id.fqdn.num=0 ikev2.remote.0.ikev2.peers_id.ipaddr.0=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_id.ipaddr.num=1 ikev2.remote.0.ikev2.peers_id.keyid.num=0 ikev2.remote.0.ikev2.peers_id.rfc822addr.num=0 ikev2.remote.0.ikev2.peers_ipaddr.address=2001:0db8:000f:0001::1 ikev2.remote.0.ikev2.peers_ipaddr.port=500 ikev2.remote.0.ikev2.pre_shared_key.local=IKETEST12345678! ikev2.remote.0.ikev2.pre_shared_key.remote=IKETEST12345678! ikev2.remote.0.ikev2.send_cert_req.send_cert_req=on ikev2.remote.0.remote_index=common_remote_index ikev2.remote.num=1 ikev2.sa.0.esp_auth_alg.0=hmac_sha1 ikev2.sa.0.esp_auth_alg.num=1 ikev2.sa.0.esp_enc_alg.0=3des_cbc ikev2.sa.0.esp_enc_alg.num=1 ikev2.sa.0.sa_index=common_sa_index ikev2.sa.0.sa_protocol=esp ikev2.sa.num=1 ikev2.selector.0.direction=outbound ikev2.selector.0.dst.address=2001:0db8:000f:0001::1 ikev2.selector.0.dst.address_family=inet6 ikev2.selector.0.policy_index=common_policy_index ikev2.selector.0.selector_index=common_selector_index_outbound ikev2.selector.0.src.address=2001:0db8:0001:0001::1234 ikev2.selector.0.src.address_family=inet6 ikev2.selector.0.upper_layer_protocol.protocol=any ikev2.selector.1.direction=inbound ikev2.selector.1.dst.address=2001:0db8:0001:0001::1234 ikev2.selector.1.dst.address_family=inet6 ikev2.selector.1.policy_index=common_policy_index ikev2.selector.1.selector_index=common_selector_index_inbound ikev2.selector.1.src.address=2001:0db8:000f:0001::1 ikev2.selector.1.src.address_family=inet6 ikev2.selector.1.upper_layer_protocol.protocol=any ikev2.selector.num=2 ikev2> ikev2> ikev2.addresspool.0.eaddr: 1 ikev2> ikev2.addresspool.0.saddr: 1 ikev2> ikev2.addresspool.num: 1 ikev2> ikev2.interface.ike.0.address: 2001:0db8:0001:0001::1234 ikev2> ikev2.interface.ike.0.port: 500 ikev2> ikev2.interface.ike.num: 1 ikev2> ikev2.ipsec.0.ext_sequence: off ikev2> ikev2.ipsec.0.ipsec_index: common_ipsec_index ikev2> ikev2.ipsec.0.ipsec_sa_lifetime_time: 128 ikev2> ikev2.ipsec.0.sa_index.0: common_sa_index ikev2> ikev2.ipsec.0.sa_index.num: 1 ikev2> ikev2.ipsec.num: 1 ikev2> ikev2.policy.0.ipsec_index.0: common_ipsec_index ikev2> ikev2.policy.0.ipsec_index.num: 1 ikev2> ikev2.policy.0.ipsec_mode: transport ikev2> ikev2.policy.0.policy_index: common_policy_index ikev2> ikev2.policy.0.remote_index: common_remote_index ikev2> ikev2.policy.num: 1 ikev2> ikev2.remote.0.ikev2.initial_contact.initial_contact: off ikev2> ikev2.remote.0.ikev2.kmp_auth_method.0: psk ikev2> ikev2.remote.0.ikev2.kmp_auth_method.num: 1 ikev2> ikev2.remote.0.ikev2.kmp_dh_group.0: modp1024 ikev2> ikev2.remote.0.ikev2.kmp_dh_group.num: 1 ikev2> ikev2.remote.0.ikev2.kmp_enc_alg.0: 3des_cbc ikev2> ikev2.remote.0.ikev2.kmp_enc_alg.num: 1 ikev2> ikev2.remote.0.ikev2.kmp_hash_alg.0: hmac_sha1 ikev2> ikev2.remote.0.ikev2.kmp_hash_alg.num: 1 ikev2> ikev2.remote.0.ikev2.kmp_prf_alg.0: hmac_sha1 ikev2> ikev2.remote.0.ikev2.kmp_prf_alg.num: 1 ikev2> ikev2.remote.0.ikev2.kmp_sa_lifetime_time: 64 ikev2> ikev2.remote.0.ikev2.my_id.fqdn.num: 0 ikev2> ikev2.remote.0.ikev2.my_id.ipaddr.0: 2001:0db8:0001:0001::1234 ikev2> ikev2.remote.0.ikev2.my_id.ipaddr.num: 1 ikev2> ikev2.remote.0.ikev2.my_id.keyid.num: 0 ikev2> ikev2.remote.0.ikev2.my_id.rfc822addr.num: 0 ikev2> ikev2.remote.0.ikev2.need_pfs: off ikev2> ikev2.remote.0.ikev2.peers_id.fqdn.num: 0 ikev2> ikev2.remote.0.ikev2.peers_id.ipaddr.0: 2001:0db8:000f:0001::1 ikev2> ikev2.remote.0.ikev2.peers_id.ipaddr.num: 1 ikev2> ikev2.remote.0.ikev2.peers_id.keyid.num: 0 ikev2> ikev2.remote.0.ikev2.peers_id.rfc822addr.num: 0 ikev2> ikev2.remote.0.ikev2.peers_ipaddr.address: 2001:0db8:000f:0001::1 ikev2> ikev2.remote.0.ikev2.peers_ipaddr.port: 500 ikev2> ikev2.remote.0.ikev2.pre_shared_key.local: IKETEST12345678! ikev2> ikev2.remote.0.ikev2.pre_shared_key.remote: IKETEST12345678! ikev2> ikev2.remote.0.ikev2.send_cert_req.send_cert_req: on ikev2> ikev2.remote.0.remote_index: common_remote_index ikev2> ikev2.remote.num: 1 ikev2> ikev2.sa.0.esp_auth_alg.0: hmac_sha1 ikev2> ikev2.sa.0.esp_auth_alg.num: 1 ikev2> ikev2.sa.0.esp_enc_alg.0: 3des_cbc ikev2> ikev2.sa.0.esp_enc_alg.num: 1 ikev2> ikev2.sa.0.sa_index: common_sa_index ikev2> ikev2.sa.0.sa_protocol: esp ikev2> ikev2.sa.num: 1 ikev2> ikev2.selector.0.direction: outbound ikev2> ikev2.selector.0.dst.address: 2001:0db8:000f:0001::1 ikev2> ikev2.selector.0.dst.address_family: inet6 ikev2> ikev2.selector.0.policy_index: common_policy_index ikev2> ikev2.selector.0.selector_index: common_selector_index_outbound ikev2> ikev2.selector.0.src.address: 2001:0db8:0001:0001::1234 ikev2> ikev2.selector.0.src.address_family: inet6 ikev2> ikev2.selector.0.upper_layer_protocol.protocol: any ikev2> ikev2.selector.1.direction: inbound ikev2> ikev2.selector.1.dst.address: 2001:0db8:0001:0001::1234 ikev2> ikev2.selector.1.dst.address_family: inet6 ikev2> ikev2.selector.1.policy_index: common_policy_index ikev2> ikev2.selector.1.selector_index: common_selector_index_inbound ikev2> ikev2.selector.1.src.address: 2001:0db8:000f:0001::1 ikev2> ikev2.selector.1.src.address_family: inet6 ikev2> ikev2.selector.1.upper_layer_protocol.protocol: any ikev2> ikev2.selector.num: 2 ikev2> ikev2> Press Enter key for continue. ikev2> | ||||||||||||||||||||||||||||||
TEST PROCEDURE | |||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |-------------->| IKE_SA_INIT request (HDR, SAi1, KEi, Ni) | | V V | |||||||||||||||||||||||||||||||
03:40:56 |
Clear Buffer done |
||||||||||||||||||||||||||||||
03:40:56 |
kRemoteAsync(ikev2.rmt) ``/usr/local/koi/bin/remotes/manual//ikev2.rmt selector.direction=outbound selector.dst.address=2001:0db8:000f:0001::1 selector.dst.address_family=inet6 selector.policy_index=common_policy_index selector.selector_index=common_selector_index_outbound selector.src.address=2001:0db8:0001:0001::1234 selector.src.address_family=inet6 selector.upper_layer_protocol.protocol=any target=2001:0db8:000f:0001::1 operation=initiate'' kRemoteAsync()... /usr/local/koi/bin/remotes/manual//ikev2.rmt selector.direction=outbound selector.dst.address=2001:0db8:000f:0001::1 selector.dst.address_family=inet6 selector.policy_index=common_policy_index selector.selector_index=common_selector_index_outbound selector.src.address=2001:0db8:0001:0001::1234 selector.src.address_family=inet6 selector.upper_layer_protocol.protocol=any target=2001:0db8:000f:0001::1 operation=initiate Link to remote control log |
||||||||||||||||||||||||||||||
03:40:56 |
Listen SrcAddr:2001:0db8:000f:0001::1 SrcPort:500 done listening at SocketID:3 |
||||||||||||||||||||||||||||||
03:40:56 |
Receive SrcAddr:2001:db8:1:1::1234 SrcPort:500 DstAddr:2001:db8:f:1::1 DstPort:500 done received from SocketID:4 receive 1st packet |
||||||||||||||||||||||||||||||
compare the received packet with packets('common_remote_index') | |||||||||||||||||||||||||||||||
03:41:03 | Checking Payload Order ... | ||||||||||||||||||||||||||||||
OK: Payload Order ('HDR', 'SA', 'KE', 'Ni, Nr', 'V') | |||||||||||||||||||||||||||||||
03:41:03 | Preparing Expected Packet ... | ||||||||||||||||||||||||||||||
OK: Added Payloads:Added#0 vendorID = 24533135371380597343774798968 inserted = 4 added = 1 self = V critical = 0 length = 16 nexttype = 0 reserved = 0 offset = 228OK: Modified Payloads: Modified#0 critical = 0 length = ARRAY(0x8a7c904) length_comparator = range nexttype = V self = Ni, Nr nonce = NaN reserved = 0 modified = nexttype(0 -> V) | |||||||||||||||||||||||||||||||
03:41:03 | Checking Fields ... | ||||||||||||||||||||||||||||||
IKE Header OK initSPI: (received: 6bc2bc18126922fb, expected: 0000000000000000, comp: ne) OK respSPI: (received: 0000000000000000, expected: 0000000000000000, comp: eq) OK nexttype: (received: SA, expected: SA, comp: eq) OK major: (received: 2, expected: 2, comp: eq) OK minor: (received: 0, expected: 0, comp: eq) OK exchType: (received: IKE_SA_INIT, expected: IKE_SA_INIT, comp: eq) OK reserved1: (received: 0, expected: 0, comp: eq) OK initiator: (received: 1, expected: 1, comp: eq) OK higher: (received: 0, expected: 0, comp: eq) OK response: (received: 0, expected: 0, comp: eq) OK reserved2: (received: 0, expected: 0, comp: eq) OK messID: (received: 0, expected: 0, comp: eq) OK length: (received: 244, expected: any, comp: eq) | |||||||||||||||||||||||||||||||
SA Proposal Comparison OK ENCR: (received:ENCR_3DES, expected:ENCR_3DES) OK PRF: (received:PRF_HMAC_SHA1, expected:PRF_HMAC_SHA1) OK INTEG: (received:INTEG_HMAC_SHA1_96, expected:INTEG_HMAC_SHA1_96) OK D-H: (received:D-H_1024 MODP Group, expected:D-H_1024 MODP Group) OK ESN: (received:, expected:) | |||||||||||||||||||||||||||||||
Security Association Payload OK nexttype: (received:KE, expected:KE, comp: ne) OK reserved: (received:0, expected:0, comp: eq) OK critical: (received:0, expected:0, comp: eq) OK length: (received:44, expected:44, comp: eq) | |||||||||||||||||||||||||||||||
Proposal Substructure OK nexttype: (received:0, expected:0, comp: eq) OK reserved: (received:0, expected:0, comp: eq) OK number: (received:1, expected:1, comp: eq) OK proposalLen: (received:40, expected:40, comp: eq) OK transformCount: (received:4, expected:4, comp: eq) OK id: (received:IKE, expected:IKE, comp: eq) OK spiSize: (received:0, expected:0, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:ENCR, expected:ENCR, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:3DES, expected:3DES, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:INTEG, expected:INTEG, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:HMAC_SHA1_96, expected:HMAC_SHA1_96, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:PRF, expected:PRF, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:HMAC_SHA1, expected:HMAC_SHA1, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:0, expected:0, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:D-H, expected:D-H, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:1024 MODP Group, expected:1024 MODP Group, comp: eq) | |||||||||||||||||||||||||||||||
Key Exchange Payload OK nexttype: (received: Ni, Nr, expected: Ni, Nr, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 136, expected: 136, comp: eq) OK group: (received: 2, expected: 2, comp: eq) OK reserved1: (received: 0, expected: 0, comp: eq) OK publicKey: (received: 0x2af2fc48563853a949531a10aa36fae3616fa2e4564515962b916073fe1aa11c13b00cb2fe5a8587f11c60310c6d39663996715ceb9d4c9e449a6e56d3bf3cc8856687c4355c36a4b5bfc0285a067f90cc7fe6b653c753d65687f67b89ed5532495f0d9f22c4052db287258a370c53d565d884ddb2ccb16bb0b12ebb202d0ff6, expected: any, comp: eq) | |||||||||||||||||||||||||||||||
Nonce Payload OK nexttype: (received: V, expected: V, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 20, expected: [20-260], comp: range) OK nonce: (received: 0x28f8ce4ce4bfb5554b0496240b92d0e0, expected: any, comp: eq) | |||||||||||||||||||||||||||||||
Vendor Payload OK nexttype: (received: 0, expected: 0, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 16, expected: 16, comp: eq) OK vendorID: (received: 24533135371380597343774798968, expected: 24533135371380597343774798968, comp: eq) | |||||||||||||||||||||||||||||||
Match with packet('common_remote_index') | |||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |<--------------| IKE_SA_INIT response (HDR, SAr1, KEr, Nr) | | V V | |||||||||||||||||||||||||||||||
03:41:03 |
Clear Buffer done |
||||||||||||||||||||||||||||||
03:41:03 |
Send done sent to SocketID:4 send 2nd packet |
||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |-------------->| IKE_AUTH request (HDR, SK {IDi, AUTH, N(USE_TRANSPORT_MODE), SAi2, TSi, TSr}) | | V V | |||||||||||||||||||||||||||||||
03:41:03 |
Receive SrcAddr:2001:db8:1:1::1234 SrcPort:500 DstAddr:2001:db8:f:1::1 DstPort:500 done received from SocketID:4 receive 3rd packet |
||||||||||||||||||||||||||||||
Authentication Success. expected(64d9fea1b40b76ab15328a42e3a89932390991ef) received(64d9fea1b40b76ab15328a42e3a89932390991ef) | |||||||||||||||||||||||||||||||
compare the received packet with packets('common_remote_index') | |||||||||||||||||||||||||||||||
03:41:03 | Checking Payload Order ... | ||||||||||||||||||||||||||||||
OK: Payload Order ('HDR', 'E', 'IDi', 'AUTH', 'SA', 'TSi', 'TSr', 'N') | |||||||||||||||||||||||||||||||
03:41:03 | Preparing Expected Packet ... | ||||||||||||||||||||||||||||||
OK: Added Payloads:Added#0 paylen = 4 inserted = 6 added = 1 self = N spi = data = critical = 0 length = 8 nexttype = 0 spiSize = 0 id = 0 type = USE_TRANSPORT_MODE reserved = 0 offset = 304OK: Modified Payloads: Modified#0 count = 1 self = TSr modified = nexttype(0 -> N) selectors = ARRAY(0x8ab6c54) critical = 0 reserved1 = 0 length = 48 nexttype = N reserved = 0 | |||||||||||||||||||||||||||||||
03:41:03 | Checking Fields ... | ||||||||||||||||||||||||||||||
IKE Header OK initSPI: (received: 6bc2bc18126922fb, expected: 6bc2bc18126922fb, comp: eq) OK respSPI: (received: c054693cefd56477, expected: c054693cefd56477, comp: eq) OK nexttype: (received: E, expected: E, comp: eq) OK major: (received: 2, expected: 2, comp: eq) OK minor: (received: 0, expected: 0, comp: eq) OK exchType: (received: IKE_AUTH, expected: IKE_AUTH, comp: eq) OK reserved1: (received: 0, expected: 0, comp: eq) OK initiator: (received: 1, expected: 1, comp: eq) OK higher: (received: 0, expected: 0, comp: eq) OK response: (received: 0, expected: 0, comp: eq) OK reserved2: (received: 0, expected: 0, comp: eq) OK messID: (received: 1, expected: 1, comp: eq) OK length: (received: 372, expected: any, comp: eq) | |||||||||||||||||||||||||||||||
Encrypted Payload OK innerType: (received: IDi, expected: IDi, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 32, expected: any, comp: eq) OK iv: (received: 4E3CE884 253778A2, expected: any, comp: eq) OK checksum: (received: 501EAC54 B7FBC7B8 0D898BD8, expected: any, comp: eq) | |||||||||||||||||||||||||||||||
Identification Payload - Initiator OK nexttype: (received: AUTH, expected: AUTH, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 24, expected: 24, comp: eq) OK type: (received: IPV6_ADDR, expected: IPV6_ADDR, comp: eq) OK reserved1: (received: 0, expected: 0, comp: eq) OK value: (received: 20010DB8 00010001 00000000 00001234, expected: 20010DB8 00010001 00000000 00001234, comp: eq) | |||||||||||||||||||||||||||||||
Authentication Payload OK nexttype: (received: SA, expected: SA, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 28, expected: any, comp: eq) OK method: (received: SK_MIC, expected: SK_MIC, comp: eq) OK reserved1: (received: 0, expected: 0, comp: eq) OK data: (received: 64d9fea1b40b76ab15328a42e3a89932390991ef, expected: any, comp: eq) | |||||||||||||||||||||||||||||||
SA Proposal Comparison OK ENCR: (received:ENCR_3DES, expected:ENCR_3DES) OK PRF: (received:, expected:) OK INTEG: (received:INTEG_HMAC_SHA1_96, expected:INTEG_HMAC_SHA1_96) OK D-H: (received:, expected:) OK ESN: (received:ESN_No ESN, expected:ESN_No ESN) | |||||||||||||||||||||||||||||||
Security Association Payload OK nexttype: (received:TSi, expected:TSi, comp: ne) OK reserved: (received:0, expected:0, comp: eq) OK critical: (received:0, expected:0, comp: eq) OK length: (received:156, expected:156, comp: eq) | |||||||||||||||||||||||||||||||
Proposal Substructure OK nexttype: (received:2, expected:2, comp: eq) OK reserved: (received:0, expected:0, comp: eq) OK number: (received:1, expected:1, comp: eq) OK id: (received:ESP, expected:ESP, comp: eq) OK proposalLen: (received:40, expected:40, comp: eq) OK transformCount: (received:3, expected:3, comp: eq) OK spiSize: (received:4, expected:4, comp: eq) OK spi: (received:cf1e028a, expected:any, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:12, expected:12, comp: eq) OK type: (received:ENCR, expected:ENCR, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:AES_CBC, expected:AES_CBC, comp: eq) | |||||||||||||||||||||||||||||||
Transform Attribute OK type: (received:Key Length, expected:Key Length, comp: eq) OK value: (received:128, expected:128, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:INTEG, expected:INTEG, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:HMAC_SHA1_96, expected:HMAC_SHA1_96, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:0, expected:0, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:ESN, expected:ESN, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:No ESN, expected:No ESN, comp: eq) | |||||||||||||||||||||||||||||||
Proposal Substructure OK nexttype: (received:2, expected:2, comp: eq) OK reserved: (received:0, expected:0, comp: eq) OK number: (received:2, expected:0, comp: ne) OK id: (received:ESP, expected:ESP, comp: eq) OK proposalLen: (received:40, expected:40, comp: eq) OK transformCount: (received:3, expected:3, comp: eq) OK spiSize: (received:4, expected:4, comp: eq) OK spi: (received:cf1e028a, expected:any, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:12, expected:12, comp: eq) OK type: (received:ENCR, expected:ENCR, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:AES_CBC, expected:AES_CBC, comp: eq) | |||||||||||||||||||||||||||||||
Transform Attribute OK type: (received:Key Length, expected:Key Length, comp: eq) OK value: (received:128, expected:128, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:INTEG, expected:INTEG, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:HMAC_MD5_96, expected:HMAC_MD5_96, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:0, expected:0, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:ESN, expected:ESN, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:No ESN, expected:No ESN, comp: eq) | |||||||||||||||||||||||||||||||
Proposal Substructure OK nexttype: (received:2, expected:2, comp: eq) OK reserved: (received:0, expected:0, comp: eq) OK number: (received:3, expected:0, comp: ne) OK id: (received:ESP, expected:ESP, comp: eq) OK proposalLen: (received:36, expected:36, comp: eq) OK transformCount: (received:3, expected:3, comp: eq) OK spiSize: (received:4, expected:4, comp: eq) OK spi: (received:cf1e028a, expected:any, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:ENCR, expected:ENCR, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:3DES, expected:3DES, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:INTEG, expected:INTEG, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:HMAC_SHA1_96, expected:HMAC_SHA1_96, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:0, expected:0, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:ESN, expected:ESN, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:No ESN, expected:No ESN, comp: eq) | |||||||||||||||||||||||||||||||
Proposal Substructure OK nexttype: (received:0, expected:0, comp: eq) OK reserved: (received:0, expected:0, comp: eq) OK number: (received:4, expected:0, comp: ne) OK id: (received:ESP, expected:ESP, comp: eq) OK proposalLen: (received:36, expected:36, comp: eq) OK transformCount: (received:3, expected:3, comp: eq) OK spiSize: (received:4, expected:4, comp: eq) OK spi: (received:cf1e028a, expected:any, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:ENCR, expected:ENCR, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:3DES, expected:3DES, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:3, expected:3, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:INTEG, expected:INTEG, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:HMAC_MD5_96, expected:HMAC_MD5_96, comp: eq) | |||||||||||||||||||||||||||||||
Transform Substructure OK nexttype: (received:0, expected:0, comp: eq) OK reserved1: (received:0, expected:0, comp: eq) OK transformLen: (received:8, expected:8, comp: eq) OK type: (received:ESN, expected:ESN, comp: eq) OK reserved2: (received:0, expected:0, comp: eq) OK id: (received:No ESN, expected:No ESN, comp: eq) | |||||||||||||||||||||||||||||||
Traffic Selector Payload - Initiator OK nexttype: (received: TSr, expected: TSr, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 48, expected: 48, comp: eq) OK count: (received: 1, expected: 1, comp: eq) OK reserved1: (received: 0, expected: 0, comp: eq) | |||||||||||||||||||||||||||||||
Traffic Selector (expected #0) OK type: (received: IPV6_ADDR_RANGE, expected: IPV6_ADDR_RANGE, comp: eq) OK protocol: (received: 0, expected: 0, comp: eq) OK selectorLen: (received: 40, expected: 40, comp: eq) OK sport: (received: 0, expected: 0, comp: eq) OK eport: (received: 65535, expected: 65535, comp: eq) OK saddr: (received: 20010DB8 00010001 00000000 00001234, expected: 20010DB8 00010001 00000000 00001234, comp: eq) OK eaddr: (received: 20010DB8 00010001 00000000 00001234, expected: 20010DB8 00010001 00000000 00001234, comp: eq) | |||||||||||||||||||||||||||||||
Traffic Selector Payload - Responder OK nexttype: (received: N, expected: N, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 48, expected: 48, comp: eq) OK count: (received: 1, expected: 1, comp: eq) OK reserved1: (received: 0, expected: 0, comp: eq) | |||||||||||||||||||||||||||||||
Traffic Selector (expected #0) OK type: (received: IPV6_ADDR_RANGE, expected: IPV6_ADDR_RANGE, comp: eq) OK protocol: (received: 0, expected: 0, comp: eq) OK selectorLen: (received: 40, expected: 40, comp: eq) OK sport: (received: 0, expected: 0, comp: eq) OK eport: (received: 65535, expected: 65535, comp: eq) OK saddr: (received: 20010DB8 000F0001 00000000 00000001, expected: 20010DB8 000F0001 00000000 00000001, comp: eq) OK eaddr: (received: 20010DB8 000F0001 00000000 00000001, expected: 20010DB8 000F0001 00000000 00000001, comp: eq) | |||||||||||||||||||||||||||||||
Notify Payload OK nexttype: (received: 0, expected: 0, comp: eq) OK critical: (received: 0, expected: 0, comp: eq) OK reserved: (received: 0, expected: 0, comp: eq) OK length: (received: 8, expected: 8, comp: eq) OK id: (received: 0, expected: 0, comp: eq) OK spiSize: (received: 0, expected: 0, comp: eq) OK type: (received: USE_TRANSPORT_MODE, expected: USE_TRANSPORT_MODE, comp: eq) OK spi: (received: , expected: , comp: eq) OK data: (received: , expected: , comp: eq) | |||||||||||||||||||||||||||||||
Match with packet('common_remote_index') | |||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |<--------------| IKE_AUTH response (HDR, SK {IDr, AUTH, N(USE_TRANSPORT_MODE), SAr2, TSi, TSr}) | | V V | |||||||||||||||||||||||||||||||
03:41:03 |
Clear Buffer done |
||||||||||||||||||||||||||||||
03:41:03 |
Send done sent to SocketID:4 send 4th packet |
||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||
03:41:03 |
ikev2Local("/usr/local/sbin/setkey -c << EOF
add 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 esp 0xcf1e028a
-E 3des-cbc 0x0d90d291d838b35acd1609f76fe0e50298bfedf2c68e5305
-A hmac-sha1 0xa720fda04c338c288078292c2661ee3ae9a51bc3;
add 2001:0db8:0001:0001::1234 2001:0db8:000f:0001::1 esp 0x97f66a22
-E 3des-cbc 0xd814c740b7e820313fd52d539537e387f986c620e460fb4f
-A hmac-sha1 0x833ef9c0b07b8719d35d5f4935a841a5dcc179ab;
spdadd 2001:0db8:0001:0001::1234[any] 2001:0db8:000f:0001::1[any] any
-P in ipsec esp/transport//require;
spdadd 2001:0db8:000f:0001::1[any] 2001:0db8:0001:0001::1234[any] any
-P out ipsec esp/transport//require;
EOF
")add 2001:0db8:000f:0001::1 2001:0db8:0001:0001::1234 esp 0xcf1e028a -E 3des-cbc 0x0d90d291d838b35acd1609f76fe0e50298bfedf2c68e5305 -A hmac-sha1 0xa720fda04c338c288078292c2661ee3ae9a51bc3; add 2001:0db8:0001:0001::1234 2001:0db8:000f:0001::1 esp 0x97f66a22 -E 3des-cbc 0xd814c740b7e820313fd52d539537e387f986c620e460fb4f -A hmac-sha1 0x833ef9c0b07b8719d35d5f4935a841a5dcc179ab; spdadd 2001:0db8:0001:0001::1234[any] 2001:0db8:000f:0001::1[any] any -P in ipsec esp/transport//require; spdadd 2001:0db8:000f:0001::1[any] 2001:0db8:0001:0001::1234[any] any -P out ipsec esp/transport//require; |
||||||||||||||||||||||||||||||
03:41:03 |
ikev2Local("/usr/local/sbin/setkey -DP")2001:db8:1:1::1234[any] 2001:db8:f:1::1[any] any in ipsec esp/transport//require spid=5 seq=1 pid=5373 refcnt=1 2001:db8:f:1::1[any] 2001:db8:1:1::1234[any] any out ipsec esp/transport//require spid=6 seq=0 pid=5373 refcnt=1 |
||||||||||||||||||||||||||||||
03:41:03 |
ikev2Local("/usr/local/sbin/setkey -D")2001:db8:1:1::1234 2001:db8:f:1::1 esp mode=any spi=2549508642(0x97f66a22) reqid=0(0x00000000) E: 3des-cbc d814c740 b7e82031 3fd52d53 9537e387 f986c620 e460fb4f A: hmac-sha1 833ef9c0 b07b8719 d35d5f49 35a841a5 dcc179ab seq=0x00000000 replay=0 flags=0x00000040 state=mature created: Mar 9 03:41:03 2010 current: Mar 9 03:41:03 2010 diff: 0(s) hard: 0(s) soft: 0(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=1 pid=5374 refcnt=1 2001:db8:f:1::1 2001:db8:1:1::1234 esp mode=any spi=3474850442(0xcf1e028a) reqid=0(0x00000000) E: 3des-cbc 0d90d291 d838b35a cd1609f7 6fe0e502 98bfedf2 c68e5305 A: hmac-sha1 a720fda0 4c338c28 8078292c 2661ee3a e9a51bc3 seq=0x00000000 replay=0 flags=0x00000040 state=mature created: Mar 9 03:41:03 2010 current: Mar 9 03:41:03 2010 diff: 0(s) hard: 0(s) soft: 0(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=0 pid=5374 refcnt=1 |
||||||||||||||||||||||||||||||
03:41:03 |
Connect SrcAddr:2001:0db8:000f:0001::1 SrcPort:0 DstAddr:2001:0db8:0001:0001::1234 DstPort:0 done connected to SocketID:5 |
||||||||||||||||||||||||||||||
03:41:03 |
Receive Can't receive any packets at SrcAddr:2001:db8:f:1::1 SrcPort:0 | ||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |<--------------| IPsec {Echo Request} | | V V | |||||||||||||||||||||||||||||||
03:41:05 |
Send done sent to SocketID:5 send 5th packet |
||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |-------------->| IPsec {Echo Reply} | | V V | |||||||||||||||||||||||||||||||
03:41:05 |
Receive SrcAddr:2001:db8:1:1::1234 SrcPort:0 DstAddr:2001:db8:f:1::1 DstPort:0 done received from SocketID:5 receive 6th packet |
||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |<--------------| cryptographically unprotected IKE message | | V V | |||||||||||||||||||||||||||||||
03:41:05 |
Clear Buffer done |
||||||||||||||||||||||||||||||
03:41:05 |
Send done sent to SocketID:4 send 7th packet |
||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |<--------------| IPsec {Echo Request} | | V V | |||||||||||||||||||||||||||||||
03:41:05 |
Send done sent to SocketID:5 send 8th packet |
||||||||||||||||||||||||||||||
(I) (R) NUT TN1 | | |-------------->| IPsec {Echo Reply} | | V V | |||||||||||||||||||||||||||||||
03:41:05 |
Receive SrcAddr:2001:db8:1:1::1234 SrcPort:0 DstAddr:2001:db8:f:1::1 DstPort:0 done received from SocketID:5 receive 9th packet |
||||||||||||||||||||||||||||||
TEST CLEANUP | |||||||||||||||||||||||||||||||
03:41:05 |
kRemoteAsyncWait()
Link to remote control start point ikev2> ikev2> operation: initiate ikev2> selector.direction: outbound ikev2> selector.dst.address: 2001:0db8:000f:0001::1 ikev2> selector.dst.address_family: inet6 ikev2> selector.policy_index: common_policy_index ikev2> selector.selector_index: common_selector_index_outbound ikev2> selector.src.address: 2001:0db8:0001:0001::1234 ikev2> selector.src.address_family: inet6 ikev2> selector.upper_layer_protocol.protocol: any ikev2> target: 2001:0db8:000f:0001::1 ikev2> ikev2> Press Enter key for continue. ikev2> | ||||||||||||||||||||||||||||||
cleaning up NUT ... | |||||||||||||||||||||||||||||||
03:41:09 |
kRemote(ikev2.rmt) ``/usr/local/koi/bin/remotes/manual//ikev2.rmt operation=stop'' kRemote()... /usr/local/koi/bin/remotes/manual//ikev2.rmt operation=stop ikev2> ikev2> operation: stop ikev2> ikev2> Press Enter key for continue. ikev2> | ||||||||||||||||||||||||||||||
03:41:22 |
kRemote(route.rmt) ``/usr/local/koi/bin/remotes/manual//route.rmt operation=delete route.0.address_family=inet6 route.0.gateway=fe80::f%eth0 route.0.interface=eth0 route.0.network=2001:0db8:000f:0001::/64 route.num=1'' kRemote()... /usr/local/koi/bin/remotes/manual//route.rmt operation=delete route.0.address_family=inet6 route.0.gateway=fe80::f%eth0 route.0.interface=eth0 route.0.network=2001:0db8:000f:0001::/64 route.num=1 route> route> operation: delete route> route.0.address_family: inet6 route> route.0.gateway: fe80::f%eth0 route> route.0.interface: eth0 route> route.0.network: 2001:0db8:000f:0001::/64 route> route.num: 1 route> route> Press Enter key for continue. route> | ||||||||||||||||||||||||||||||
03:41:23 |
kRemote(ifconfig.rmt) ``/usr/local/koi/bin/remotes/manual//ifconfig.rmt operation=delete ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=eth0'' kRemote()... /usr/local/koi/bin/remotes/manual//ifconfig.rmt operation=delete ifconfig.address=2001:0db8:0001:0001::1234/64 ifconfig.address_family=inet6 ifconfig.interface=eth0 ifconfig> ifconfig> ifconfig.address: 2001:0db8:0001:0001::1234/64 ifconfig> ifconfig.address_family: inet6 ifconfig> ifconfig.interface: eth0 ifconfig> operation: delete ifconfig> ifconfig> Press Enter key for continue. ifconfig> | ||||||||||||||||||||||||||||||
cleaning up TN ... | |||||||||||||||||||||||||||||||
03:41:24 |
ikev2Local("/sbin/setkey -D")2001:db8:1:1::1234 2001:db8:f:1::1 esp mode=any spi=2549508642(0x97f66a22) reqid=0(0x00000000) E: 3des-cbc d814c740 b7e82031 3fd52d53 9537e387 f986c620 e460fb4f A: hmac-sha1 833ef9c0 b07b8719 d35d5f49 35a841a5 dcc179ab seq=0x00000002 replay=0 flags=0x00000040 state=mature created: Mar 9 03:41:03 2010 current: Mar 9 03:41:24 2010 diff: 21(s) hard: 0(s) soft: 0(s) last: Mar 9 03:41:05 2010 hard: 0(s) soft: 0(s) current: 160(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 2 hard: 0 soft: 0 sadb_seq=1 pid=5378 refcnt=1 2001:db8:f:1::1 2001:db8:1:1::1234 esp mode=any spi=3474850442(0xcf1e028a) reqid=0(0x00000000) E: 3des-cbc 0d90d291 d838b35a cd1609f7 6fe0e502 98bfedf2 c68e5305 A: hmac-sha1 a720fda0 4c338c28 8078292c 2661ee3a e9a51bc3 seq=0x00000003 replay=0 flags=0x00000040 state=mature created: Mar 9 03:41:03 2010 current: Mar 9 03:41:24 2010 diff: 21(s) hard: 0(s) soft: 0(s) last: Mar 9 03:41:05 2010 hard: 0(s) soft: 0(s) current: 348(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 3 hard: 0 soft: 0 sadb_seq=0 pid=5378 refcnt=2 |
||||||||||||||||||||||||||||||
03:41:24 |
ikev2Local("/sbin/setkey -F") |
||||||||||||||||||||||||||||||
03:41:27 |
ikev2Local("/sbin/setkey -D") |
||||||||||||||||||||||||||||||
03:41:27 |
ikev2Local("/sbin/setkey -DP")2001:db8:1:1::1234[any] 2001:db8:f:1::1[any] any in ipsec esp/transport//require spid=5 seq=1 pid=5381 refcnt=1 2001:db8:f:1::1[any] 2001:db8:1:1::1234[any] any out ipsec esp/transport//require spid=6 seq=0 pid=5381 refcnt=1 |
||||||||||||||||||||||||||||||
03:41:27 |
ikev2Local("/sbin/setkey -FP") |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/setkey -DP")No SPD entries. |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/sysctl -w net.inet6.ip6.forwarding=0")net.inet6.ip6.forwarding: 1 -> 0 |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/ifconfig -a")em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:23:ae:9d:94:70 inet6 fe80::223:aeff:fe9d:9470%em0 prefixlen 64 scopeid 0x1 inet 10.66.70.72 netmask 0xffffff00 broadcast 10.66.70.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:e0:4c:0d:51:49 inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::2e0:4cff:fe0d:5149%rl0 prefixlen 64 scopeid 0x2 inet6 fe80::f%rl0 prefixlen 64 scopeid 0x2 inet6 2001:db8:1:1::f prefixlen 64 media: Ethernet autoselect (100baseTX <full-duplex>) status: active rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:1d:0f:0f:be:4e inet6 fe80::21d:fff:fe0f:be4e%rl1 prefixlen 64 scopeid 0x3 media: Ethernet autoselect (none) status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet6 2001:db8:f:1::1 prefixlen 64 |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/ifconfig lo1 inet6 2001:0db8:000f:0001::1/64 delete") |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/ifconfig lo1 down") |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/ifconfig lo1 destroy") |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/ifconfig rl0 inet6 2001:0db8:0001:0001::f/64 delete") |
||||||||||||||||||||||||||||||
03:41:30 |
ikev2Local("/sbin/ifconfig rl0 inet6 fe80::f%rl0/64 delete") |
||||||||||||||||||||||||||||||
03:41:33 |
ikev2Local("/sbin/ifconfig -a")em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4> ether 00:23:ae:9d:94:70 inet6 fe80::223:aeff:fe9d:9470%em0 prefixlen 64 scopeid 0x1 inet 10.66.70.72 netmask 0xffffff00 broadcast 10.66.70.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active rl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:e0:4c:0d:51:49 inet 192.168.0.20 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::2e0:4cff:fe0d:5149%rl0 prefixlen 64 scopeid 0x2 media: Ethernet autoselect (100baseTX <full-duplex>) status: active rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:1d:0f:0f:be:4e inet6 fe80::21d:fff:fe0f:be4e%rl1 prefixlen 64 scopeid 0x3 media: Ethernet autoselect (none) status: no carrier plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 |
||||||||||||||||||||||||||||||
PASS |
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:1:1::1234 | | Destination Address = 2001:db8:f:1::1 | UDP Header | | Source Port = 500 | | Destination Port = 500 | Internet Security Association and Key Management Protocol Payload | | IKE Header | | | IKE_SA Initiator's SPI = 6bc2bc18126922fb | | | IKE_SA Responder's SPI = 0000000000000000 | | | Next Payload = 33 (SA) | | | Major Version = 2 | | | Minor Version = 0 | | | Exchange Type = 34 (IKE_SA_INIT) | | | Flags = 8 (0b00001000) | | | | Reserved (XX000000) = 0 | | | | Response (00R00000) = 0 | | | | Version (000V0000) = 0 | | | | Initiator (0000I000) = 1 | | | | Reserved (00000XXX) = 0 | | | Message ID = 0 (0x0) | | | Length = 244 (0xf4) | | | SA Payload | | | | Next Payload = 34 (KE) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 44 (0x2c) | | | | Proposal #1 | | | | | Next Payload = 0 (last) | | | | | RESERVED = 0 | | | | | Proposal Length = 40 | | | | | Proposal # = 1 | | | | | Proposal ID = IKE | | | | | SPI Size = 0 | | | | | # of Transforms = 4 | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 1 (ENCR) | | | | | | RESERVED = 0 | | | | | | Transform ID = 3 (3DES) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 3 (INTEG) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1_96) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 2 (PRF) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1) | | | | | Transfrom | | | | | | Next Payload = 0 (last) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 4 (D-H) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (1024 MODP Group) | | | KE Payload | | | | Next Payload = 40 (Ni, Nr) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 136 (0x88) | | | | DH Group # = 2 | | | | RESERVED = 0 | | | | Key Exchange Data = 0x2af2fc48563853a949531a10aa36fae3616fa2e4564515962b916073fe1aa11c13b00cb2fe5a8587f11c60310c6d39663996715ceb9d4c9e449a6e56d3bf3cc8856687c4355c36a4b5bfc0285a067f90cc7fe6b653c753d65687f67b89ed5532495f0d9f22c4052db287258a370c53d565d884ddb2ccb16bb0b12ebb202d0ff6 | | | Ni, Nr Payload | | | | Next Payload = 43 (V) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 20 (0x14) | | | | Nonce Data = 28f8ce4ce4bfb5554b0496240b92d0e0 | | | UNDEFINED Payload (type(V)) | | | | Next Payload = 0 (0) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 16 (0x10)
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:f:1::1 | | Destination Address = 2001:db8:1:1::1234 | UDP Header | | Source Port = 500 | | Destination Port = 500 | Internet Security Association and Key Management Protocol Payload | | IKE Header | | | IKE_SA Initiator's SPI = 6bc2bc18126922fb | | | IKE_SA Responder's SPI = c054693cefd56477 | | | Next Payload = 33 (SA) | | | Major Version = 2 | | | Minor Version = 0 | | | Exchange Type = 34 (IKE_SA_INIT) | | | Flags = 32 (0b00100000) | | | | Reserved (XX000000) = 0 | | | | Response (00R00000) = 1 | | | | Version (000V0000) = 0 | | | | Initiator (0000I000) = 0 | | | | Reserved (00000XXX) = 0 | | | Message ID = 0 (0x0) | | | Length = 251 (0xfb) | | | SA Payload | | | | Next Payload = 34 (KE) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 44 (0x2c) | | | | Proposal #1 | | | | | Next Payload = 0 (last) | | | | | RESERVED = 0 | | | | | Proposal Length = 40 | | | | | Proposal # = 1 | | | | | Proposal ID = IKE | | | | | SPI Size = 0 | | | | | # of Transforms = 4 | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 1 (ENCR) | | | | | | RESERVED = 0 | | | | | | Transform ID = 3 (3DES) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 2 (PRF) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1) | | | | | Transfrom | | | | | | Next Payload = 3 (Transform) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 3 (INTEG) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (HMAC_SHA1_96) | | | | | Transfrom | | | | | | Next Payload = 0 (last) | | | | | | RESERVED = 0 | | | | | | Transform Length = 8 | | | | | | Transform Type = 4 (D-H) | | | | | | RESERVED = 0 | | | | | | Transform ID = 2 (1024 MODP Group) | | | KE Payload | | | | Next Payload = 40 (Ni, Nr) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 136 (0x88) | | | | DH Group # = 2 | | | | RESERVED = 0 | | | | Key Exchange Data = 0x5e4061459b3971f7a1765b12e8eaee1b20f05a58056eccec1db5c8818d90338625ecd5a1d0ec6eb57b940a62a43c2b13798900b39ce6885df225233ca79c8596028ac6236ad75c54f9e72cee91a78e50643a6000f044491ab9f53d3e362bb72b48211dbcfd700a29cc0fe313fc4731b2f95121aeacddacdbb44da82229ecc186 | | | Ni, Nr Payload | | | | Next Payload = 0 (0) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 43 (0x2b) | | | | Nonce Data = 90c4aa61db6f025f2796835f989e6a83e44c787b1178b12e5b5bb770d2fefcc43d7d687a59d69a
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:1:1::1234 | | Destination Address = 2001:db8:f:1::1 | UDP Header | | Source Port = 500 | | Destination Port = 500 | Internet Security Association and Key Management Protocol Payload | | IKE Header | | | IKE_SA Initiator's SPI = 6bc2bc18126922fb | | | IKE_SA Responder's SPI = c054693cefd56477 | | | Next Payload = 46 (E) | | | Major Version = 2 | | | Minor Version = 0 | | | Exchange Type = 35 (IKE_AUTH) | | | Flags = 8 (0b00001000) | | | | Reserved (XX000000) = 0 | | | | Response (00R00000) = 0 | | | | Version (000V0000) = 0 | | | | Initiator (0000I000) = 1 | | | | Reserved (00000XXX) = 0 | | | Message ID = 1 (0x1) | | | Length = 372 (0x174) | | | E Payload | | | | Next Payload = 35 (IDi) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 344 (0x158) | | | | Initialization Vector = 4e3ce884253778a2 | | | | Encrypted IKE Payloads | | | | | IDi Payload | | | | | | Next Payload = 39 (AUTH) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 24 (0x18) | | | | | | ID Type = 5 (IPV6_ADDR) | | | | | | RESERVED = 0 | | | | | | Identification Data = 20010db8000100010000000000001234 (2001:db8:1:1::1234) | | | | | AUTH Payload | | | | | | Next Payload = 33 (SA) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 28 (0x1c) | | | | | | Auth Method = 2 (SK_MIC) | | | | | | RESERVED = 0 | | | | | | Authentication Data = 3634643966656131623430623736616231353332 | | | | | SA Payload | | | | | | Next Payload = 44 (TSi) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 156 (0x9c) | | | | | | Proposal #1 | | | | | | | Next Payload = 2 (Proposal) | | | | | | | RESERVED = 0 | | | | | | | Proposal Length = 40 | | | | | | | Proposal # = 1 | | | | | | | Proposal ID = ESP | | | | | | | SPI Size = 4 | | | | | | | # of Transforms = 3 | | | | | | | SPI = cf1e028a | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 12 | | | | | | | | Transform Type = 1 (ENCR) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 12 (AES_CBC) | | | | | | | | | Attribute | | | | | | | | | | Attribute Type = Key Length | | | | | | | | | | Attribute Value = 128 | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 3 (INTEG) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 2 (HMAC_SHA1_96) | | | | | | | Transfrom | | | | | | | | Next Payload = 0 (last) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 5 (ESN) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 0 (No ESN) | | | | | | Proposal #2 | | | | | | | Next Payload = 2 (Proposal) | | | | | | | RESERVED = 0 | | | | | | | Proposal Length = 40 | | | | | | | Proposal # = 2 | | | | | | | Proposal ID = ESP | | | | | | | SPI Size = 4 | | | | | | | # of Transforms = 3 | | | | | | | SPI = cf1e028a | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 12 | | | | | | | | Transform Type = 1 (ENCR) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 12 (AES_CBC) | | | | | | | | | Attribute | | | | | | | | | | Attribute Type = Key Length | | | | | | | | | | Attribute Value = 128 | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 3 (INTEG) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 1 (HMAC_MD5_96) | | | | | | | Transfrom | | | | | | | | Next Payload = 0 (last) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 5 (ESN) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 0 (No ESN) | | | | | | Proposal #3 | | | | | | | Next Payload = 2 (Proposal) | | | | | | | RESERVED = 0 | | | | | | | Proposal Length = 36 | | | | | | | Proposal # = 3 | | | | | | | Proposal ID = ESP | | | | | | | SPI Size = 4 | | | | | | | # of Transforms = 3 | | | | | | | SPI = cf1e028a | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 1 (ENCR) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 3 (3DES) | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 3 (INTEG) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 2 (HMAC_SHA1_96) | | | | | | | Transfrom | | | | | | | | Next Payload = 0 (last) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 5 (ESN) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 0 (No ESN) | | | | | | Proposal #4 | | | | | | | Next Payload = 0 (last) | | | | | | | RESERVED = 0 | | | | | | | Proposal Length = 36 | | | | | | | Proposal # = 4 | | | | | | | Proposal ID = ESP | | | | | | | SPI Size = 4 | | | | | | | # of Transforms = 3 | | | | | | | SPI = cf1e028a | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 1 (ENCR) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 3 (3DES) | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 3 (INTEG) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 1 (HMAC_MD5_96) | | | | | | | Transfrom | | | | | | | | Next Payload = 0 (last) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 5 (ESN) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 0 (No ESN) | | | | | TSi Payload | | | | | | Next Payload = 45 (TSr) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 48 (0x30) | | | | | | Number of TSs = 1 | | | | | | RESERVED = 0 | | | | | | Traffic Selector | | | | | | | TS Type = 8 (IPV6_ADDR_RANGE) | | | | | | | IP Protocol ID = 0 (any) | | | | | | | Selector Length = 40 | | | | | | | Start Port = 0 | | | | | | | End Port = 65535 | | | | | | | Starting Address = 20010db8000100010000000000001234 | | | | | | | Ending Address = 20010db8000100010000000000001234 | | | | | TSr Payload | | | | | | Next Payload = 41 (N) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 48 (0x30) | | | | | | Number of TSs = 1 | | | | | | RESERVED = 0 | | | | | | Traffic Selector | | | | | | | TS Type = 8 (IPV6_ADDR_RANGE) | | | | | | | IP Protocol ID = 0 (any) | | | | | | | Selector Length = 40 | | | | | | | Start Port = 0 | | | | | | | End Port = 65535 | | | | | | | Starting Address = 20010db8000f00010000000000000001 | | | | | | | Ending Address = 20010db8000f00010000000000000001 | | | | | N Payload | | | | | | Next Payload = 0 (0) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 8 (0x8) | | | | | | Protocol ID = 0 (no relation) | | | | | | SPI Size = 0 | | | | | | Notify Message Type = 16391 (USE_TRANSPORT_MODE) | | | | Integrity Checksum Data = 501eac54b7fbc7b80d898bd8
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:f:1::1 | | Destination Address = 2001:db8:1:1::1234 | UDP Header | | Source Port = 500 | | Destination Port = 500 | Internet Security Association and Key Management Protocol Payload | | IKE Header | | | IKE_SA Initiator's SPI = 6bc2bc18126922fb | | | IKE_SA Responder's SPI = c054693cefd56477 | | | Next Payload = 46 (E) | | | Major Version = 2 | | | Minor Version = 0 | | | Exchange Type = 35 (IKE_AUTH) | | | Flags = 32 (0b00100000) | | | | Reserved (XX000000) = 0 | | | | Response (00R00000) = 1 | | | | Version (000V0000) = 0 | | | | Initiator (0000I000) = 0 | | | | Reserved (00000XXX) = 0 | | | Message ID = 1 (0x1) | | | Length = 252 (0xfc) | | | E Payload | | | | Next Payload = 36 (IDr) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 224 (0xe0) | | | | Initialization Vector = 5fcb715c8301d9be | | | | Encrypted IKE Payloads | | | | | IDr Payload | | | | | | Next Payload = 39 (AUTH) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 24 (0x18) | | | | | | ID Type = 5 (IPV6_ADDR) | | | | | | RESERVED = 0 | | | | | | Identification Data = 20010db8000f00010000000000000001 (2001:db8:f:1::1) | | | | | AUTH Payload | | | | | | Next Payload = 41 (N) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 28 (0x1c) | | | | | | Auth Method = 2 (SK_MIC) | | | | | | RESERVED = 0 | | | | | | Authentication Data = 3536383830623665626266326637376462656635 | | | | | N Payload | | | | | | Next Payload = 33 (SA) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 8 (0x8) | | | | | | Protocol ID = 0 (no relation) | | | | | | SPI Size = 0 | | | | | | Notify Message Type = 16391 (USE_TRANSPORT_MODE) | | | | | SA Payload | | | | | | Next Payload = 44 (TSi) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 40 (0x28) | | | | | | Proposal #1 | | | | | | | Next Payload = 0 (last) | | | | | | | RESERVED = 0 | | | | | | | Proposal Length = 36 | | | | | | | Proposal # = 1 | | | | | | | Proposal ID = ESP | | | | | | | SPI Size = 4 | | | | | | | # of Transforms = 3 | | | | | | | SPI = 97f66a22 | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 1 (ENCR) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 3 (3DES) | | | | | | | Transfrom | | | | | | | | Next Payload = 3 (Transform) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 3 (INTEG) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 2 (HMAC_SHA1_96) | | | | | | | Transfrom | | | | | | | | Next Payload = 0 (last) | | | | | | | | RESERVED = 0 | | | | | | | | Transform Length = 8 | | | | | | | | Transform Type = 5 (ESN) | | | | | | | | RESERVED = 0 | | | | | | | | Transform ID = 0 (No ESN) | | | | | TSi Payload | | | | | | Next Payload = 45 (TSr) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 48 (0x30) | | | | | | Number of TSs = 1 | | | | | | RESERVED = 0 | | | | | | Traffic Selector | | | | | | | TS Type = 8 (IPV6_ADDR_RANGE) | | | | | | | IP Protocol ID = 0 (any) | | | | | | | Selector Length = 40 | | | | | | | Start Port = 0 | | | | | | | End Port = 65535 | | | | | | | Starting Address = 20010db8000100010000000000001234 | | | | | | | Ending Address = 20010db8000100010000000000001234 | | | | | TSr Payload | | | | | | Next Payload = 0 (0) | | | | | | Critical = 0 | | | | | | Reserved = 0 | | | | | | Payload Length = 48 (0x30) | | | | | | Number of TSs = 1 | | | | | | RESERVED = 0 | | | | | | Traffic Selector | | | | | | | TS Type = 8 (IPV6_ADDR_RANGE) | | | | | | | IP Protocol ID = 0 (any) | | | | | | | Selector Length = 40 | | | | | | | Start Port = 0 | | | | | | | End Port = 65535 | | | | | | | Starting Address = 20010db8000f00010000000000000001 | | | | | | | Ending Address = 20010db8000f00010000000000000001 | | | | Integrity Checksum Data = 04411df67d8c1f64e08c612f
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:f:1::1 | | Destination Address = 2001:db8:1:1::1234 | ICMP Header | | Type = 128 (Echo Request) | | Code = 0 | | Checksum = 0x0000
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:1:1::1234 | | Destination Address = 2001:db8:f:1::1 | ICMP Header | | Type = 129 (Echo Reply) | | Code = 0 | | Checksum = 0x10e4 | | Identifier = 0x0000 | | Sequence Number = 0x0000
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:f:1::1 | | Destination Address = 2001:db8:1:1::1234 | UDP Header | | Source Port = 500 | | Destination Port = 500 | Internet Security Association and Key Management Protocol Payload | | IKE Header | | | IKE_SA Initiator's SPI = 6bc2bc18126922fb | | | IKE_SA Responder's SPI = c054693cefd56477 | | | Next Payload = 41 (N) | | | Major Version = 2 | | | Minor Version = 0 | | | Exchange Type = 37 (INFORMATIONAL) | | | Flags = 0 (0b00000000) | | | | Reserved (XX000000) = 0 | | | | Response (00R00000) = 0 | | | | Version (000V0000) = 0 | | | | Initiator (0000I000) = 0 | | | | Reserved (00000XXX) = 0 | | | Message ID = 0 (0x0) | | | Length = 36 (0x24) | | | N Payload | | | | Next Payload = 0 (0) | | | | Critical = 0 | | | | Reserved = 0 | | | | Payload Length = 8 (0x8) | | | | Protocol ID = ESP (3) | | | | SPI Size = 0 | | | | Notify Message Type = 11 (INVALID_SPI)
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:f:1::1 | | Destination Address = 2001:db8:1:1::1234 | ICMP Header | | Type = 128 (Echo Request) | | Code = 0 | | Checksum = 0x0000
IP Packet | IP Header | | Version = 6 | | Source Address = 2001:db8:1:1::1234 | | Destination Address = 2001:db8:f:1::1 | ICMP Header | | Type = 129 (Echo Reply) | | Code = 0 | | Checksum = 0x10e4 | | Identifier = 0x0000 | | Sequence Number = 0x0000