Sergey Anohin
28.06.2017, 02:30
Sergey Anohin написал(а) к All в Jun 17 01:04:28 по местному времени:
Нello All
Клиент за натом:
2017-06-28 01:02:14: INFO: @(#)ipsec-tools 0.8.2 (http://ipsec-tools.sourceforge.net)
2017-06-28 01:02:14: INFO: @(#)This product linked OpenSSL 1.0.2k-freebsd 26 Jan 2017 (http://www.openssl.org/)
2017-06-28 01:02:14: INFO: Reading configuration from "/usr/local/etc/racoon/racoon.conf"
2017-06-28 01:02:14: INFO: 85.113.221.175[4500] used for NAT-T
2017-06-28 01:02:14: INFO: 85.113.221.175[4500] used as isakmp port (fd=5)
2017-06-28 01:02:14: INFO: 85.113.221.175[500] used as isakmp port (fd=6)
2017-06-28 01:02:25: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.93.3.213[500]
2017-06-28 01:02:25: INFO: begin Identity Protection mode.
2017-06-28 01:02:25: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
2017-06-28 01:02:25: INFO: received Vendor ID: RFC 3947
2017-06-28 01:02:25: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2017-06-28 01:02:25: INFO: received Vendor ID: FRAGMENTATION
2017-06-28 01:02:25: [2.93.3.213] INFO: Selected NAT-T version: RFC 3947
2017-06-28 01:02:25: ERROR: invalid DН group 20.
2017-06-28 01:02:25: ERROR: invalid DН group 19.
2017-06-28 01:02:25: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:02:25: INFO: NAT-D payload #0 verified
2017-06-28 01:02:25: [2.93.3.213] INFO: Нashing 2.93.3.213[500] with algo #2
2017-06-28 01:02:25: INFO: NAT-D payload #1 doesn't match
2017-06-28 01:02:25: INFO: NAT detected: PEER
2017-06-28 01:02:25: [2.93.3.213] INFO: Нashing 2.93.3.213[500] with algo #2
2017-06-28 01:02:25: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:02:25: INFO: Adding remote and local NAT-D payloads.
2017-06-28 01:02:25: INFO: NAT-T: ports changed to: 2.93.3.213[4500]<->85.113.221.175[4500]
2017-06-28 01:02:25: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.93.3.213[4500] spi:b0b96f3c1a3b4eee:a9abecf27ba44a4c
2017-06-28 01:02:25: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.93.3.213[4500]
2017-06-28 01:02:25: INFO: Update the generated policy : 2.93.3.213/32[1701] 85.113.221.175/32[1701] proto=udp dir=in
2017-06-28 01:02:25: INFO: Adjusting my encmode UDP-Transport->Transport
2017-06-28 01:02:25: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Jun 28 01:02:25 server racoon: phase1(ident R msg1): 0.000850
2017-06-28 01:02:25: ERROR: pfkey UPDATE failed: No such process
2017-06-28 01:02:25: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.93.3.213[4500] spi=1845983402(0x6e0778aa)
Jun 28 01:02:25 server racoon: oakleydhgenerate(MODP1024): 0.002195
Jun 28 01:02:25 server racoon: oakleydhcompute(MODP1024): 0.002050
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=64): 0.000014
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=145): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000004
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=1): 0.000004
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000004
Jun 28 01:02:25 server racoon: phase1(ident R msg2): 0.005479
Jun 28 01:02:25 server racoon: algoakley_encdefdecrypt(3des klen=192 size=40): 0.000038
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000011
Jun 28 01:02:25 server racoon: oakleyvalidateauth(pre-shared key): 0.000037
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000006
Jun 28 01:02:25 server racoon: algoakley_encdefencrypt(3des klen=192 size=40): 0.000010
Jun 28 01:02:25 server racoon: phase1(ident R msg3): 0.000213
Jun 28 01:02:25 server racoon: phase1(Identity Protection): 0.061428
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=32): 0.000004
Jun 28 01:02:25 server racoon: algoakley_encdefencrypt(3des klen=192 size=56): 0.000008
Jun 28 01:02:25 server racoon: algoakley_encdefdecrypt(3des klen=192 size=352): 0.000042
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=328): 0.000009
Jun 28 01:02:25 server racoon: phase2(???): 0.000464
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=188): 0.000005
Jun 28 01:02:25 server racoon: algoakley_encdefencrypt(3des klen=192 size=168): 0.000020
Jun 28 01:02:25 server racoon: phase2(quick R msg1): 0.000118
Jun 28 01:02:25 server racoon: algoakley_encdefdecrypt(3des klen=192 size=32): 0.000016
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000011
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000004
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000004
Jun 28 01:02:25 server racoon: phase2(???): 0.000308
2017-06-28 01:03:00: INFO: deleting a generated policy.
Jun 28 01:03:00 server racoon: algoakley_encdefdecrypt(3des klen=192 size=48): 0.000017
2017-06-28 01:03:00: INFO: purged IPsec-SA proto_id=ESP spi=1845983402.
2017-06-28 01:03:00: ERROR: pfkey X_SPDDELETE failed: Invalid argument
2017-06-28 01:03:00: ERROR: pfkey X_SPDDELETE failed: Invalid argument
2017-06-28 01:03:00: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.93.3.213[4500] spi:b0b96f3c1a3b4eee:a9abecf27ba44a4c
2017-06-28 01:03:00: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.93.3.213[4500] spi:b0b96f3c1a3b4eee:a9abecf27ba44a4c
Jun 28 01:03:00 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000009
Jun 28 01:03:00 server racoon: algoakley_encdefdecrypt(3des klen=192 size=56): 0.000016
Jun 28 01:03:00 server racoon: algoakley_hmacdef_one(hmacsha1 size=32): 0.000007
Клиент не за натом:
2017-06-28 01:00:33: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>176.9.63.209[500]
2017-06-28 01:00:33: INFO: begin Identity Protection mode.
2017-06-28 01:00:33: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
2017-06-28 01:00:33: INFO: received Vendor ID: RFC 3947
2017-06-28 01:00:33: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2017-06-28 01:00:33: INFO: received Vendor ID: FRAGMENTATION
2017-06-28 01:00:33: [176.9.63.209] INFO: Selected NAT-T version: RFC 3947
2017-06-28 01:00:33: ERROR: invalid DН group 20.
2017-06-28 01:00:33: ERROR: invalid DН group 19.
Jun 28 01:00:33 server racoon: phase1(ident R msg1): 0.120704
2017-06-28 01:00:33: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:00:33: INFO: NAT-D payload #0 verified
2017-06-28 01:00:33: [176.9.63.209] INFO: Нashing 176.9.63.209[500] with algo #2
2017-06-28 01:00:33: INFO: NAT-D payload #1 verified
2017-06-28 01:00:33: INFO: NAT not detected
Jun 28 01:00:33 server racoon: oakleydhgenerate(MODP1024): 0.002052
2017-06-28 01:00:33: [176.9.63.209] INFO: Нashing 176.9.63.209[500] with algo #2
2017-06-28 01:00:33: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:00:33: INFO: Adding remote and local NAT-D payloads.
Jun 28 01:00:33 server racoon: oakleydhcompute(MODP1024): 0.001987
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=64): 0.000016
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=145): 0.000006
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000007
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000007
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=1): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000005
Jun 28 01:00:34 server racoon: phase1(ident R msg2): 0.153022
2017-06-28 01:00:34: INFO: ISAKMP-SA established 85.113.221.175[500]-176.9.63.209[500] spi:2cdd52a36f56a9d9:38c7b178f3ea9b74
Jun 28 01:00:34 server racoon: algoakley_encdefdecrypt(3des klen=192 size=40): 0.000015
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000007
Jun 28 01:00:34 server racoon: oakleyvalidateauth(pre-shared key): 0.000022
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000006
Jun 28 01:00:34 server racoon: algoakley_encdefencrypt(3des klen=192 size=40): 0.000007
Jun 28 01:00:34 server racoon: phase1(ident R msg3): 0.000157
Jun 28 01:00:34 server racoon: phase1(Identity Protection): 0.340594
2017-06-28 01:00:34: INFO: respond new phase 2 negotiation: 85.113.221.175[500]<=>176.9.63.209[500]
Jun 28 01:00:34 server racoon: algoakley_encdefdecrypt(3des klen=192 size=280): 0.000035
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=252): 0.000009
2017-06-28 01:00:34: INFO: Update the generated policy : 176.9.63.209/32[1701] 85.113.221.175/32[1701] proto=udp dir=in
Jun 28 01:00:34 server racoon: phase2(???): 0.000495
2017-06-28 01:00:34: ERROR: pfkey UPDATE failed: No such process
2017-06-28 01:00:34: INFO: IPsec-SA established: ESP 85.113.221.175[500]->176.9.63.209[500] spi=3399688836(0xcaa32284)
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=164): 0.000005
Jun 28 01:00:34 server racoon: algoakley_encdefencrypt(3des klen=192 size=144): 0.000020
Jun 28 01:00:34 server racoon: phase2(quick R msg1): 0.000164
Jun 28 01:00:34 server racoon: algoakley_encdefdecrypt(3des klen=192 size=32): 0.000014
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000010
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000004
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000004
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:00:34 server racoon: phase2(???): 0.000295
2017-06-28 01:00:49: ERROR: 176.9.63.209 give up to get IPsec-SA due to time up to wait.
Jun 28 01:01:09 server racoon: algoakley_encdefdecrypt(3des klen=192 size=48): 0.000018
Jun 28 01:01:09 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000007
2017-06-28 01:01:09: INFO: purged IPsec-SA proto_id=ESP spi=3399688836.
Jun 28 01:01:09 server racoon: algoakley_encdefdecrypt(3des klen=192 size=56): 0.000011
Jun 28 01:01:09 server racoon: algoakley_hmacdef_one(hmacsha1 size=32): 0.000006
2017-06-28 01:01:09: INFO: ISAKMP-SA expired 85.113.221.175[500]-176.9.63.209[500] spi:2cdd52a36f56a9d9:38c7b178f3ea9b74
2017-06-28 01:01:09: INFO: ISAKMP-SA deleted 85.113.221.175[500]-176.9.63.209[500] spi:2cdd52a36f56a9d9:38c7b178f3ea9b74
И так и так не пашет.
Bye, , 28 июня 17
--- FIPS/IP <build 01.14>
Нello All
Клиент за натом:
2017-06-28 01:02:14: INFO: @(#)ipsec-tools 0.8.2 (http://ipsec-tools.sourceforge.net)
2017-06-28 01:02:14: INFO: @(#)This product linked OpenSSL 1.0.2k-freebsd 26 Jan 2017 (http://www.openssl.org/)
2017-06-28 01:02:14: INFO: Reading configuration from "/usr/local/etc/racoon/racoon.conf"
2017-06-28 01:02:14: INFO: 85.113.221.175[4500] used for NAT-T
2017-06-28 01:02:14: INFO: 85.113.221.175[4500] used as isakmp port (fd=5)
2017-06-28 01:02:14: INFO: 85.113.221.175[500] used as isakmp port (fd=6)
2017-06-28 01:02:25: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>2.93.3.213[500]
2017-06-28 01:02:25: INFO: begin Identity Protection mode.
2017-06-28 01:02:25: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
2017-06-28 01:02:25: INFO: received Vendor ID: RFC 3947
2017-06-28 01:02:25: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2017-06-28 01:02:25: INFO: received Vendor ID: FRAGMENTATION
2017-06-28 01:02:25: [2.93.3.213] INFO: Selected NAT-T version: RFC 3947
2017-06-28 01:02:25: ERROR: invalid DН group 20.
2017-06-28 01:02:25: ERROR: invalid DН group 19.
2017-06-28 01:02:25: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:02:25: INFO: NAT-D payload #0 verified
2017-06-28 01:02:25: [2.93.3.213] INFO: Нashing 2.93.3.213[500] with algo #2
2017-06-28 01:02:25: INFO: NAT-D payload #1 doesn't match
2017-06-28 01:02:25: INFO: NAT detected: PEER
2017-06-28 01:02:25: [2.93.3.213] INFO: Нashing 2.93.3.213[500] with algo #2
2017-06-28 01:02:25: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:02:25: INFO: Adding remote and local NAT-D payloads.
2017-06-28 01:02:25: INFO: NAT-T: ports changed to: 2.93.3.213[4500]<->85.113.221.175[4500]
2017-06-28 01:02:25: INFO: ISAKMP-SA established 85.113.221.175[4500]-2.93.3.213[4500] spi:b0b96f3c1a3b4eee:a9abecf27ba44a4c
2017-06-28 01:02:25: INFO: respond new phase 2 negotiation: 85.113.221.175[4500]<=>2.93.3.213[4500]
2017-06-28 01:02:25: INFO: Update the generated policy : 2.93.3.213/32[1701] 85.113.221.175/32[1701] proto=udp dir=in
2017-06-28 01:02:25: INFO: Adjusting my encmode UDP-Transport->Transport
2017-06-28 01:02:25: INFO: Adjusting peer's encmode UDP-Transport(4)->Transport(2)
Jun 28 01:02:25 server racoon: phase1(ident R msg1): 0.000850
2017-06-28 01:02:25: ERROR: pfkey UPDATE failed: No such process
2017-06-28 01:02:25: INFO: IPsec-SA established: ESP 85.113.221.175[4500]->2.93.3.213[4500] spi=1845983402(0x6e0778aa)
Jun 28 01:02:25 server racoon: oakleydhgenerate(MODP1024): 0.002195
Jun 28 01:02:25 server racoon: oakleydhcompute(MODP1024): 0.002050
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=64): 0.000014
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=145): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000004
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=1): 0.000004
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000004
Jun 28 01:02:25 server racoon: phase1(ident R msg2): 0.005479
Jun 28 01:02:25 server racoon: algoakley_encdefdecrypt(3des klen=192 size=40): 0.000038
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000011
Jun 28 01:02:25 server racoon: oakleyvalidateauth(pre-shared key): 0.000037
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000006
Jun 28 01:02:25 server racoon: algoakley_encdefencrypt(3des klen=192 size=40): 0.000010
Jun 28 01:02:25 server racoon: phase1(ident R msg3): 0.000213
Jun 28 01:02:25 server racoon: phase1(Identity Protection): 0.061428
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=32): 0.000004
Jun 28 01:02:25 server racoon: algoakley_encdefencrypt(3des klen=192 size=56): 0.000008
Jun 28 01:02:25 server racoon: algoakley_encdefdecrypt(3des klen=192 size=352): 0.000042
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=328): 0.000009
Jun 28 01:02:25 server racoon: phase2(???): 0.000464
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=188): 0.000005
Jun 28 01:02:25 server racoon: algoakley_encdefencrypt(3des klen=192 size=168): 0.000020
Jun 28 01:02:25 server racoon: phase2(quick R msg1): 0.000118
Jun 28 01:02:25 server racoon: algoakley_encdefdecrypt(3des klen=192 size=32): 0.000016
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000011
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000005
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000004
Jun 28 01:02:25 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000004
Jun 28 01:02:25 server racoon: phase2(???): 0.000308
2017-06-28 01:03:00: INFO: deleting a generated policy.
Jun 28 01:03:00 server racoon: algoakley_encdefdecrypt(3des klen=192 size=48): 0.000017
2017-06-28 01:03:00: INFO: purged IPsec-SA proto_id=ESP spi=1845983402.
2017-06-28 01:03:00: ERROR: pfkey X_SPDDELETE failed: Invalid argument
2017-06-28 01:03:00: ERROR: pfkey X_SPDDELETE failed: Invalid argument
2017-06-28 01:03:00: INFO: ISAKMP-SA expired 85.113.221.175[4500]-2.93.3.213[4500] spi:b0b96f3c1a3b4eee:a9abecf27ba44a4c
2017-06-28 01:03:00: INFO: ISAKMP-SA deleted 85.113.221.175[4500]-2.93.3.213[4500] spi:b0b96f3c1a3b4eee:a9abecf27ba44a4c
Jun 28 01:03:00 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000009
Jun 28 01:03:00 server racoon: algoakley_encdefdecrypt(3des klen=192 size=56): 0.000016
Jun 28 01:03:00 server racoon: algoakley_hmacdef_one(hmacsha1 size=32): 0.000007
Клиент не за натом:
2017-06-28 01:00:33: INFO: respond new phase 1 negotiation: 85.113.221.175[500]<=>176.9.63.209[500]
2017-06-28 01:00:33: INFO: begin Identity Protection mode.
2017-06-28 01:00:33: INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
2017-06-28 01:00:33: INFO: received Vendor ID: RFC 3947
2017-06-28 01:00:33: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
2017-06-28 01:00:33: INFO: received Vendor ID: FRAGMENTATION
2017-06-28 01:00:33: [176.9.63.209] INFO: Selected NAT-T version: RFC 3947
2017-06-28 01:00:33: ERROR: invalid DН group 20.
2017-06-28 01:00:33: ERROR: invalid DН group 19.
Jun 28 01:00:33 server racoon: phase1(ident R msg1): 0.120704
2017-06-28 01:00:33: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:00:33: INFO: NAT-D payload #0 verified
2017-06-28 01:00:33: [176.9.63.209] INFO: Нashing 176.9.63.209[500] with algo #2
2017-06-28 01:00:33: INFO: NAT-D payload #1 verified
2017-06-28 01:00:33: INFO: NAT not detected
Jun 28 01:00:33 server racoon: oakleydhgenerate(MODP1024): 0.002052
2017-06-28 01:00:33: [176.9.63.209] INFO: Нashing 176.9.63.209[500] with algo #2
2017-06-28 01:00:33: [85.113.221.175] INFO: Нashing 85.113.221.175[500] with algo #2
2017-06-28 01:00:33: INFO: Adding remote and local NAT-D payloads.
Jun 28 01:00:33 server racoon: oakleydhcompute(MODP1024): 0.001987
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=64): 0.000016
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=145): 0.000006
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000007
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=165): 0.000007
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=1): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000005
Jun 28 01:00:34 server racoon: phase1(ident R msg2): 0.153022
2017-06-28 01:00:34: INFO: ISAKMP-SA established 85.113.221.175[500]-176.9.63.209[500] spi:2cdd52a36f56a9d9:38c7b178f3ea9b74
Jun 28 01:00:34 server racoon: algoakley_encdefdecrypt(3des klen=192 size=40): 0.000015
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000007
Jun 28 01:00:34 server racoon: oakleyvalidateauth(pre-shared key): 0.000022
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=488): 0.000006
Jun 28 01:00:34 server racoon: algoakley_encdefencrypt(3des klen=192 size=40): 0.000007
Jun 28 01:00:34 server racoon: phase1(ident R msg3): 0.000157
Jun 28 01:00:34 server racoon: phase1(Identity Protection): 0.340594
2017-06-28 01:00:34: INFO: respond new phase 2 negotiation: 85.113.221.175[500]<=>176.9.63.209[500]
Jun 28 01:00:34 server racoon: algoakley_encdefdecrypt(3des klen=192 size=280): 0.000035
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=252): 0.000009
2017-06-28 01:00:34: INFO: Update the generated policy : 176.9.63.209/32[1701] 85.113.221.175/32[1701] proto=udp dir=in
Jun 28 01:00:34 server racoon: phase2(???): 0.000495
2017-06-28 01:00:34: ERROR: pfkey UPDATE failed: No such process
2017-06-28 01:00:34: INFO: IPsec-SA established: ESP 85.113.221.175[500]->176.9.63.209[500] spi=3399688836(0xcaa32284)
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=164): 0.000005
Jun 28 01:00:34 server racoon: algoakley_encdefencrypt(3des klen=192 size=144): 0.000020
Jun 28 01:00:34 server racoon: phase2(quick R msg1): 0.000164
Jun 28 01:00:34 server racoon: algoakley_encdefdecrypt(3des klen=192 size=32): 0.000014
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000010
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000004
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000004
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=69): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:00:34 server racoon: algoakley_hmacdef_one(hmacsha1 size=89): 0.000005
Jun 28 01:00:34 server racoon: phase2(???): 0.000295
2017-06-28 01:00:49: ERROR: 176.9.63.209 give up to get IPsec-SA due to time up to wait.
Jun 28 01:01:09 server racoon: algoakley_encdefdecrypt(3des klen=192 size=48): 0.000018
Jun 28 01:01:09 server racoon: algoakley_hmacdef_one(hmacsha1 size=20): 0.000007
2017-06-28 01:01:09: INFO: purged IPsec-SA proto_id=ESP spi=3399688836.
Jun 28 01:01:09 server racoon: algoakley_encdefdecrypt(3des klen=192 size=56): 0.000011
Jun 28 01:01:09 server racoon: algoakley_hmacdef_one(hmacsha1 size=32): 0.000006
2017-06-28 01:01:09: INFO: ISAKMP-SA expired 85.113.221.175[500]-176.9.63.209[500] spi:2cdd52a36f56a9d9:38c7b178f3ea9b74
2017-06-28 01:01:09: INFO: ISAKMP-SA deleted 85.113.221.175[500]-176.9.63.209[500] spi:2cdd52a36f56a9d9:38c7b178f3ea9b74
И так и так не пашет.
Bye, , 28 июня 17
--- FIPS/IP <build 01.14>