Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RE: S2S VPN: why is a new QM SA negotiated every 5 minutes ?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> RE: S2S VPN: why is a new QM SA negotiated every 5 minutes ? Page: <<   < prev  1 [2] 3   next >   >>
Login
Message << Older Topic   Newer Topic >>
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 2.Mar.2006 3:37:43 PM   
onovotny

 

Posts: 14
Joined: 17.Feb.2006
Status: offline 		Update -- I just got an email from PSS saying that the hotfix above does fix an issue with IPSec but not this particular issue (something with NAT-T), but will be in SP2 anyawy. 

It appears that they're not yet planning to release the fix for the QM SA IdleTime bug.  If you call PSS, it's referenced only by an internal bug number, 173396. 

Maybe if more ppl call in about this and scream loudly, they'll package this up for release?

< Message edited by onovotny -- 2.Mar.2006 7:59:54 PM >

(in reply to onovotny)
Post #: 21
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 2.Mar.2006 4:03:28 PM   
bas

 

Posts: 89
Joined: 14.Sep.2001
From: The Netherlands
Status: offline 		We tested the "fix" and it actually doesn't fix it, w're thinking of opening another case with another company just to keep the pressure on

(in reply to onovotny)
Post #: 22
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.Mar.2006 7:53:52 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hey guys,

the fix I got was an updated 'ipsec.sys' driver (version 5.2.3790.2588) for Windows 2003 SP1 and definitely solved the QM SA IdleTime problem.
 
HTH,
Stefaan
 

(in reply to bas)
Post #: 23
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.Mar.2006 8:06:31 PM   
bas

 

Posts: 89
Joined: 14.Sep.2001
From: The Netherlands
Status: offline
quote:


the fix I got was an updated 'ipsec.sys' driver (version 5.2.3790.2588) for Windows 2003 SP1 and definitely solved the QM SA IdleTime problem. 

Funny, or actually not, I extracted both fixes I received but they both did not contain any ipsec.sys driver. The system is still running on the 2003_sp1 ipsec.sys driver.

Do you have the KB_article_number the fix is named after ?

(in reply to spouseele)
Post #: 24
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.Mar.2006 8:18:58 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi Bas,

nope, neither a KB nor bug number. The issue is known as 'QM SA IdleTime problem'. Because it is a bug introduced by Windows 2003 SP1 you should never be charged for it by PSS. But I think you will have to scream very loud to get that private fix.
 
BTW --- The incident I logged was handled by PSS EMEA.
 
HTH,
Stefaan

(in reply to bas)
Post #: 25
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 5.Apr.2006 5:43:14 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hey guys,

Great thread!
Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to onovotny)
Post #: 26
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 3.May2006 5:32:31 PM   
Mark78

 

Posts: 17
Joined: 14.Feb.2006
Status: offline 		A bit confused...  I requested the hotfix number in the thread (912213?), but I see no fles in it relating to IPsec and obviously cannot read the KB.  From the sounds of the thread though this isn't actually the hotfix I want?

(in reply to onovotny)
Post #: 27
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 3.May2006 6:15:09 PM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		What file is in the hotfix? It may be packaged incorrectly.

(in reply to Mark78)
Post #: 28
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 3.May2006 7:05:01 PM   
Mark78

 

Posts: 17
Joined: 14.Feb.2006
Status: offline 		Theres a bunch of small files named _sfx_001._p - 010._p, a sfx_.dll and manifest file.  In the update folder there is update.ver, which when opened with notepad does say its ipsec.sys.

update.ver cotains:
sp1qfe\ipsec.sys=DDA55A568D4F06F4626F581E9392C135,000500020ECE0A3B,82432,SP1QFE,73393F48

The bug ID internal to MS says it fixes an issue with VPN clients and L2TP, but seeing as its a newer ipsec.sys we may give it a try for our issue anyways.

Also the hotfix doesn't have the typical symbols and ENU paths within it.  

WindowsServer2003-KB912213-x86-ENU is the hotfix package so I assume thats the one!   Just that the last reply about there being no KB or bug number associated with it threw me off, maybe that is just for EMEA customers...

(in reply to ClintD)
Post #: 29
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 3.May2006 7:05:24 PM   
Mark78

 

Posts: 17
Joined: 14.Feb.2006
Status: offline 		Last question - Anyone know if this requires a full reboot, or if restarting the policyagent is enough?

(in reply to Mark78)
Post #: 30
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 3.May2006 8:34:09 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi Mark78,

as far as I know the private fix (a new  'ipsec.sys' driver) will only be incorporated in Win2003 SP2. So, if PSS is not willing to give you the private fix you'll have to implement the following workaround to mitigate the problem:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
Value name: SAIdleTime
Data Type: REG_DWORD
Value data: default=300
Set to 3600 seconds

BTW --- the same workaround is advised for the error FWX_E_FWE_SPOOFING_PACKET_DROPPED during the QM SA renegotiation.

HTH,
Stefaan

(in reply to Mark78)
Post #: 31
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.May2006 12:32:25 AM   
murpy

 

Posts: 43
Joined: 4.Mar.2006
Status: offline 		Very informational thread thanks so much for posting.
 
As far as this:
 
Set to 3600 seconds

does this correspond at all to my ipsec phase 1 or phas 2 settings.  Right now I have setup a tunnel to a Sonicwall through an edge router with SA lifetime settings for phase 1 and phase 2 set at 28800.  SO I have 4 setiings (two at each end) of 28800.  Can someon confirm that I leave these settings alone?


tia

quote:

ORIGINAL: spouseele

Hi Mark78,

as far as I know the private fix (a new  'ipsec.sys' driver) will only be incorporated in Win2003 SP2. So, if PSS is not willing to give you the private fix you'll have to implement the following workaround to mitigate the problem:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
Value name: SAIdleTime
Data Type: REG_DWORD
Value data: default=300
Set to 3600 seconds

BTW --- the same workaround is advised for the error FWX_E_FWE_SPOOFING_PACKET_DROPPED during the QM SA renegotiation.

HTH,
Stefaan

(in reply to spouseele)
Post #: 32
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.May2006 12:43:57 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		That's for Phase 2 - a 1 hour rekey for Main Mode would be a pretty intensive operation over time.

If you change it on one side, when the negotiations take place, the node with the lower setting will let other node know that it has to back down on this setting - at least, this is how Windows and Cisco function (from personal experience) - Sonicwall will probably function that way as well, but I don't know for sure.

< Message edited by ClintD -- 6.May2006 12:46:48 AM >

(in reply to murpy)
Post #: 33
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.May2006 2:48:45 AM   
murpy

 

Posts: 43
Joined: 4.Mar.2006
Status: offline 		So you would rcomend changing the phase 2 settings on the Sonicwall then .


BTW Clint what do you do now?  I know about your past life, lol...



(in reply to ClintD)
Post #: 34
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.May2006 3:02:46 AM   
murpy

 

Posts: 43
Joined: 4.Mar.2006
Status: offline 		 


So for the FWX_E_FWE_SPOOFING_PACKET_DROPPED  fix is that a different registry setting?


quote:

ORIGINAL: spouseele

Hi Mark78,

as far as I know the private fix (a new  'ipsec.sys' driver) will only be incorporated in Win2003 SP2. So, if PSS is not willing to give you the private fix you'll have to implement the following workaround to mitigate the problem:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
Value name: SAIdleTime
Data Type: REG_DWORD
Value data: default=300
Set to 3600 seconds

BTW --- the same workaround is advised for the error FWX_E_FWE_SPOOFING_PACKET_DROPPED during the QM SA renegotiation.

HTH,
Stefaan

(in reply to spouseele)
Post #: 35
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.May2006 3:08:55 AM   
ClintD

 

Posts: 1833
Joined: 26.Jan.2001
From: Keller, TX
Status: offline 		Technically, you shouldn't have to, but if you have the time to test it both ways, it'd be interesting to see if Sonicwall behaves the same as Windows and Cisco.

Nowadays, I work at PepsiCo in the Pepsi / Frito Lay / Quaker / Tropicana datacenter. I work on the web hosting side of the house - Check Point, f5 Load Balancers, ISA 2004, Apache, IIS, etc, hosting business applications, and teaching app developers how HTTP really works. :P That's pretty disconcerting considering I'm not a pro at HTTP by any stretch.

<I drink Diet Dr Pepper though - shhhh!!!! Pepsi is entirely too serious about this...>

(in reply to murpy)
Post #: 36
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.May2006 9:28:56 AM   
murpy

 

Posts: 43
Joined: 4.Mar.2006
Status: offline 		Well I installed the public patch that wa sposted earlier and implemented the registry change to the exact registry specified earlier (Note I am using ISA server 2003 though is this ok?)  And I still have reliablility problems with my tunnel.  This is getting frustrating. 

Here are my logs *sigh*



11:54:45 Start Link on SWall
11:56 something happened automatically
       10.x subnet up
1158 :?? ISA reports ike client closed connection
          SWall still indicated tunnel 10.x active
12:00:48 ISA indicates ike client initiated
connection
12:02 SA reports ike client closed connection
SW still indicated tunnel 10.x active
12:04:30 Manuall ping from swall client to 10.0.0.2
12:06 add ping from server
12:08 remove all pings tear down swall link restart swall and start ping from server

(in reply to onovotny)
Post #: 37
RE: S2S VPN: why is a new QM SA negotiated every 5 minu... - 6.May2006 9:30:11 AM   
murpy

 

Posts: 43
Joined: 4.Mar.2006
Status: offline 		5-05: 23:55:55:359:1504
5-05: 23:55:55:359:1504 Receive: (get) SA = 0x00000000 from 70.71.242.162.500
5-05: 23:55:55:359:1504 ISAKMP Header: (V1.0), len = 80
5-05: 23:55:55:359:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:359:1504   R-COOKIE 0000000000000000
5-05: 23:55:55:359:1504   exchange: Oakley Main Mode
5-05: 23:55:55:359:1504   flags: 0
5-05: 23:55:55:359:1504   next payload: SA
5-05: 23:55:55:359:1504   message ID: 00000000
5-05: 23:55:55:359:1504 Filter to match: Src 70.71.242.162 Dst 192.168.104.2
5-05: 23:55:55:359:1504 MM PolicyName: ISA Server bent MM Policy
5-05: 23:55:55:359:1504 MMPolicy dwFlags 0 SoftSAExpireTime 28800
5-05: 23:55:55:359:1504 MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup 2
5-05: 23:55:55:359:1504 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
5-05: 23:55:55:359:1504 Auth[0]:PresharedKey KeyLen 30
5-05: 23:55:55:359:1504 Responding with new SA 3550c98
5-05: 23:55:55:359:1504 processing payload SA
5-05: 23:55:55:359:1504 Received Phase 1 Transform 1
5-05: 23:55:55:359:1504      Encryption Alg Triple DES CBC(5)
5-05: 23:55:55:359:1504      Hash Alg SHA(2)
5-05: 23:55:55:359:1504      Oakley Group 2
5-05: 23:55:55:359:1504      Auth Method Preshared Key(1)
5-05: 23:55:55:359:1504      Life type in Seconds
5-05: 23:55:55:359:1504      Life duration of 28800
5-05: 23:55:55:359:1504 Phase 1 SA accepted: transform=1
5-05: 23:55:55:359:1504 SA - Oakley proposal accepted
5-05: 23:55:55:359:1504 ClearFragList
5-05: 23:55:55:359:1504 constructing ISAKMP Header
5-05: 23:55:55:359:1504 constructing SA (ISAKMP)
5-05: 23:55:55:359:1504 Constructing Vendor MS NT5 ISAKMPOAKLEY
5-05: 23:55:55:359:1504 Constructing Vendor FRAGMENTATION
5-05: 23:55:55:359:1504 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
5-05: 23:55:55:359:1504
5-05: 23:55:55:359:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-05: 23:55:55:359:1504 ISAKMP Header: (V1.0), len = 148
5-05: 23:55:55:359:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:359:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:359:1504   exchange: Oakley Main Mode
5-05: 23:55:55:359:1504   flags: 0
5-05: 23:55:55:359:1504   next payload: SA
5-05: 23:55:55:359:1504   message ID: 00000000
5-05: 23:55:55:359:1504 Ports S:f401 D:f401
5-05: 23:55:55:468:1504
5-05: 23:55:55:468:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:55:55:468:1504 ISAKMP Header: (V1.0), len = 220
5-05: 23:55:55:468:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:468:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:468:1504   exchange: Oakley Main Mode
5-05: 23:55:55:468:1504   flags: 0
5-05: 23:55:55:468:1504   next payload: KE
5-05: 23:55:55:468:1504   message ID: 00000000
5-05: 23:55:55:468:1504 processing payload KE
5-05: 23:55:55:500:1504 processing payload NONCE
5-05: 23:55:55:500:1504 processing payload VENDOR ID
5-05: 23:55:55:500:1504 processing payload VENDOR ID
5-05: 23:55:55:500:1504 processing payload VENDOR ID
5-05: 23:55:55:500:1504 ClearFragList
5-05: 23:55:55:500:1504 constructing ISAKMP Header
5-05: 23:55:55:500:1504 constructing KE
5-05: 23:55:55:500:1504 constructing NONCE (ISAKMP)
5-05: 23:55:55:500:1504
5-05: 23:55:55:500:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-05: 23:55:55:500:1504 ISAKMP Header: (V1.0), len = 184
5-05: 23:55:55:500:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:500:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:500:1504   exchange: Oakley Main Mode
5-05: 23:55:55:500:1504   flags: 0
5-05: 23:55:55:500:1504   next payload: KE
5-05: 23:55:55:500:1504   message ID: 00000000
5-05: 23:55:55:500:1504 Ports S:f401 D:f401
5-05: 23:55:55:609:1504
5-05: 23:55:55:609:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:55:55:609:1504 ISAKMP Header: (V1.0), len = 68
5-05: 23:55:55:609:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:609:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:609:1504   exchange: Oakley Main Mode
5-05: 23:55:55:609:1504   flags: 1 ( encrypted )
5-05: 23:55:55:609:1504   next payload: ID
5-05: 23:55:55:609:1504   message ID: 00000000
5-05: 23:55:55:625:1504 processing payload ID
5-05: 23:55:55:625:1504 processing payload HASH
5-05: 23:55:55:625:1504 AUTH: Phase I authentication accepted
5-05: 23:55:55:625:1504 ClearFragList
5-05: 23:55:55:625:1504 constructing ISAKMP Header
5-05: 23:55:55:625:1504 constructing ID
5-05: 23:55:55:625:1504 MM ID Type 1
5-05: 23:55:55:625:1504 MM ID c0a86802
5-05: 23:55:55:625:1504 constructing HASH
5-05: 23:55:55:625:1504 MM established.  SA: 03550C98
5-05: 23:55:55:625:1504
5-05: 23:55:55:625:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-05: 23:55:55:625:1504 ISAKMP Header: (V1.0), len = 68
5-05: 23:55:55:625:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:625:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:625:1504   exchange: Oakley Main Mode
5-05: 23:55:55:625:1504   flags: 1 ( encrypted )
5-05: 23:55:55:625:1504   next payload: ID
5-05: 23:55:55:625:1504   message ID: 00000000
5-05: 23:55:55:625:1504 Ports S:f401 D:f401
5-05: 23:55:55:734:1504
5-05: 23:55:55:734:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:55:55:734:1504 ISAKMP Header: (V1.0), len = 300
5-05: 23:55:55:734:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:734:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:734:1504   exchange: Oakley Quick Mode
5-05: 23:55:55:734:1504   flags: 1 ( encrypted )
5-05: 23:55:55:734:1504   next payload: HASH
5-05: 23:55:55:734:1504   message ID: ccbbd60f
5-05: 23:55:55:734:1504 processing HASH (QM)
5-05: 23:55:55:734:1504 ClearFragList
5-05: 23:55:55:734:1504 processing payload NONCE
5-05: 23:55:55:734:1504 processing payload KE
5-05: 23:55:55:734:1504 Quick Mode KE processed; Saved KE data
5-05: 23:55:55:734:1504 processing payload ID
5-05: 23:55:55:734:1504 processing payload ID
5-05: 23:55:55:734:1504 processing payload SA
5-05: 23:55:55:734:1504 Negotiated Proxy ID: Src 10.0.1.0.0 Dst 10.0.0.0.0
5-05: 23:55:55:734:1504 Src id for subnet.  Mask 255.255.255.0
5-05: 23:55:55:734:1504 Dst id for subnet.  Mask 255.255.255.0
5-05: 23:55:55:734:1504 Checking Proposal 1: Proto= ESP(3), num trans=1 Next=0
5-05: 23:55:55:734:1504 Checking Transform # 1: ID=Triple DES CBC(3)
5-05: 23:55:55:734:1504  SA life type in seconds
5-05: 23:55:55:734:1504  SA life duration 28800
5-05: 23:55:55:734:1504  group description for PFS is 2
5-05: 23:55:55:734:1504  tunnel mode is Tunnel Mode(1)
5-05: 23:55:55:734:1504  HMAC algorithm is SHA(2)
5-05: 23:55:55:734:1504 Finding Responder Policy for SRC=10.0.1.0.0000 DST=10.0.0.0.0000, SRCMask=255.255.255.0, DSTMask=255.255.255.0, Prot=0 InTunnelEndpt 268a8c0 OutTunnelEndpt a2f24746
5-05: 23:55:55:734:1504 QM PolicyName: ISA Server bent QM Policy dwFlags 0
5-05: 23:55:55:734:1504 QMOffer[0] LifetimeKBytes 0 LifetimeSec 28800
5-05: 23:55:55:734:1504 QMOffer[0] dwFlags 0 dwPFSGroup 2
5-05: 23:55:55:734:1504  Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
5-05: 23:55:55:734:1504 Phase 2 SA accepted: proposal=1 transform=1
5-05: 23:55:55:734:1504 GetSpi: src = 10.0.1.0.0000, dst = 10.0.0.0.0000, proto = 00, context = 00000000, srcMask = 255.255.255.0, destMask = 255.255.255.0, TunnelFilter 1
5-05: 23:55:55:734:1504 Setting SPI  873403344
5-05: 23:55:55:781:1504 constructing ISAKMP Header
5-05: 23:55:55:781:1504 constructing HASH (null)
5-05: 23:55:55:781:1504 constructing SA (IPSEC)
5-05: 23:55:55:781:1504 constructing QM KE
5-05: 23:55:55:781:1504 constructing NONCE (IPSEC)
5-05: 23:55:55:781:1504 constructing ID (proxy)
5-05: 23:55:55:781:1504 constructing ID (proxy)
5-05: 23:55:55:781:1504 constructing HASH (QM)
5-05: 23:55:55:781:1504
5-05: 23:55:55:781:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-05: 23:55:55:781:1504 ISAKMP Header: (V1.0), len = 300
5-05: 23:55:55:781:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:781:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:781:1504   exchange: Oakley Quick Mode
5-05: 23:55:55:781:1504   flags: 3 ( encrypted commit )
5-05: 23:55:55:781:1504   next payload: HASH
5-05: 23:55:55:781:1504   message ID: ccbbd60f
5-05: 23:55:55:781:1504 Ports S:f401 D:f401
5-05: 23:55:55:890:1504
5-05: 23:55:55:890:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:55:55:890:1504 ISAKMP Header: (V1.0), len = 60
5-05: 23:55:55:890:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:890:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:890:1504   exchange: Oakley Quick Mode
5-05: 23:55:55:890:1504   flags: 1 ( encrypted )
5-05: 23:55:55:890:1504   next payload: HASH
5-05: 23:55:55:890:1504   message ID: ccbbd60f
5-05: 23:55:55:890:1504 processing HASH (QM)
5-05: 23:55:55:890:1504 ClearFragList
5-05: 23:55:55:890:1504 Adding QMs: src = 10.0.0.0.0000, dst = 10.0.1.0.0000, proto = 00, context = 00000006, my tunnel = 192.168.104.2, peer tunnel = 70.71.242.162, SrcMask = 255.255.255.0, DestMask = 255.255.255.0 Lifetime = 28800 LifetimeKBytes 100000 dwFlags 1 Direction 1 EncapType 1
5-05: 23:55:55:890:1504  Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
5-05: 23:55:55:890:1504  Algo[0] MySpi: 873403344 PeerSpi: 1922936232
5-05: 23:55:55:890:1504 Encap Ports Src 500 Dst 500
5-05: 23:55:55:890:1504 isadb_set_status sa:03550C98 centry:000EC558 status 0
5-05: 23:55:55:890:1504 Constructing Commit Notify
5-05: 23:55:55:890:1504 constructing ISAKMP Header
5-05: 23:55:55:890:1504 constructing HASH (null)
5-05: 23:55:55:890:1504 constructing NOTIFY 16384
5-05: 23:55:55:890:1504 constructing HASH (QM)
5-05: 23:55:55:890:1504
5-05: 23:55:55:890:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 4.500
5-05: 23:55:55:890:1504 ISAKMP Header: (V1.0), len = 76
5-05: 23:55:55:890:1504   I-COOKIE e2086415b1e8c505
5-05: 23:55:55:890:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:55:55:890:1504   exchange: Oakley Quick Mode
5-05: 23:55:55:890:1504   flags: 3 ( encrypted commit )
5-05: 23:55:55:890:1504   next payload: HASH
5-05: 23:55:55:890:1504   message ID: ccbbd60f
5-05: 23:55:55:890:1504 Ports S:f401 D:f401
5-05: 23:56:46:296:1504
5-05: 23:56:46:296:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:56:46:296:1504 ISAKMP Header: (V1.0), len = 300
5-05: 23:56:46:296:1504   I-COOKIE e2086415b1e8c505
5-05: 23:56:46:296:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:56:46:296:1504   exchange: Oakley Quick Mode
5-05: 23:56:46:296:1504   flags: 1 ( encrypted )
5-05: 23:56:46:296:1504   next payload: HASH
5-05: 23:56:46:296:1504   message ID: aac4b66a
5-05: 23:56:46:296:1504 processing HASH (QM)
5-05: 23:56:46:296:1504 ClearFragList
5-05: 23:56:46:296:1504 processing payload NONCE
5-05: 23:56:46:296:1504 processing payload KE
5-05: 23:56:46:296:1504 Quick Mode KE processed; Saved KE data
5-05: 23:56:46:296:1504 processing payload ID
5-05: 23:56:46:296:1504 processing payload ID
5-05: 23:56:46:296:1504 processing payload SA
5-05: 23:56:46:296:1504 Negotiated Proxy ID: Src 10.0.1.0.0 Dst 192.168.104.0.0
5-05: 23:56:46:296:1504 Src id for subnet.  Mask 255.255.255.0
5-05: 23:56:46:296:1504 Dst id for subnet.  Mask 255.255.255.0
5-05: 23:56:46:296:1504 Checking Proposal 1: Proto= ESP(3), num trans=1 Next=0
5-05: 23:56:46:296:1504 Checking Transform # 1: ID=Triple DES CBC(3)
5-05: 23:56:46:296:1504  SA life type in seconds
5-05: 23:56:46:296:1504  SA life duration 28800
5-05: 23:56:46:296:1504  group description for PFS is 2
5-05: 23:56:46:296:1504  tunnel mode is Tunnel Mode(1)
5-05: 23:56:46:296:1504  HMAC algorithm is SHA(2)
5-05: 23:56:46:296:1504 Finding Responder Policy for SRC=10.0.1.0.0000 DST=192.168.104.0.0000, SRCMask=255.255.255.0, DSTMask=255.255.255.0, Prot=0 InTunnelEndpt 268a8c0 OutTunnelEndpt a2f24746
5-05: 23:56:46:296:1504 Failed to get TunnelPolicy 13015
5-05: 23:56:46:296:1504 Responder failed to match filter(Phase II) 13015
5-05: 23:56:46:312:1504 Data Protection Mode (Quick Mode)
5-05: 23:56:46:312:1504 Source IP Address 192.168.104.0  Source IP Address Mask 255.255.255.0  Destination IP Address 10.0.1.0  Destination IP Address Mask 255.255.255.0  Protocol 0  Source Port 0  Destination Port 0  IKE Local Addr 192.168.104.2  IKE Peer Addr 70.71.242.162  IKE Source Port 500  IKE Destination Port 500  Peer Private Addr
5-05: 23:56:46:312:1504 Preshared key ID.  Peer IP Address: 70.71.242.162
5-05: 23:56:46:312:1504 Me
5-05: 23:56:46:312:1504 No policy configured
5-05: 23:56:46:312:1504 Processed third (ID) payload  Responder.  Delta Time 0   0x0 0x0
5-05: 23:56:46:312:1504 isadb_set_status sa:03550C98 centry:000EC690 status 3601
5-05: 23:56:46:312:1504 ProcessFailure: sa:03550C98 centry:000EC690 status:3601
5-05: 23:56:46:312:1504 constructing ISAKMP Header
5-05: 23:56:46:312:1504 constructing HASH (null)
5-05: 23:56:46:312:1504 constructing NOTIFY 18
5-05: 23:56:46:312:1504 constructing HASH (Notify/Delete)
5-05: 23:56:46:312:1504
5-05: 23:56:46:312:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 1.500
5-05: 23:56:46:312:1504 ISAKMP Header: (V1.0), len = 68
5-05: 23:56:46:312:1504   I-COOKIE e2086415b1e8c505
5-05: 23:56:46:312:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:56:46:312:1504   exchange: ISAKMP Informational Exchange
5-05: 23:56:46:312:1504   flags: 1 ( encrypted )
5-05: 23:56:46:312:1504   next payload: HASH
5-05: 23:56:46:312:1504   message ID: 9e2d5fc9
5-05: 23:56:46:312:1504 Ports S:f401 D:f401
5-05: 23:56:51:234:1504
5-05: 23:56:51:234:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:56:51:234:1504 ISAKMP Header: (V1.0), len = 300
5-05: 23:56:51:234:1504   I-COOKIE e2086415b1e8c505
5-05: 23:56:51:234:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:56:51:234:1504   exchange: Oakley Quick Mode
5-05: 23:56:51:234:1504   flags: 1 ( encrypted )
5-05: 23:56:51:234:1504   next payload: HASH
5-05: 23:56:51:234:1504   message ID: aac4b66a
5-05: 23:56:51:234:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC690 Status 3601
5-05: 23:57:00:250:1504
5-05: 23:57:00:250:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:57:00:250:1504 ISAKMP Header: (V1.0), len = 300
5-05: 23:57:00:250:1504   I-COOKIE e2086415b1e8c505
5-05: 23:57:00:250:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:57:00:250:1504   exchange: Oakley Quick Mode
5-05: 23:57:00:250:1504   flags: 1 ( encrypted )
5-05: 23:57:00:250:1504   next payload: HASH
5-05: 23:57:00:250:1504   message ID: aac4b66a
5-05: 23:57:00:250:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC690 Status 3601
5-05: 23:57:13:62:1504 CE Dead. sa:03550C98 ce:000EC690 status:35f0
5-05: 23:57:13:62:1504 CE Dead. sa:03550C98 ce:000EC558 status:35f0
5-05: 23:57:16:312:1504
5-05: 23:57:16:312:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-05: 23:57:16:312:1504 ISAKMP Header: (V1.0), len = 300
5-05: 23:57:16:312:1504   I-COOKIE e2086415b1e8c505
5-05: 23:57:16:312:1504   R-COOKIE 9727e2b0eab2c34b
5-05: 23:57:16:312:1504   exchange: Oakley Quick Mode
5-05: 23:57:16:312:1504   flags: 1 ( encrypted )
5-05: 23:57:16:312:1504   next payload: HASH
5-05: 23:57:16:312:1504   message ID: aac4b66a
5-05: 23:57:16:312:1504 unable to create connection entry 35ec
5-05: 23:57:16:312:1504 GetCentry failed 35ec
5-05: 23:57:16:312:1504 ProcessFailure: sa:03550C98 centry:02E5FCA0 status:35ec
5-05: 23:57:16:312:1504 Not creating notify.
5-06: 00:00:47:312:1504
5-06: 00:00:47:312:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:00:47:312:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:00:47:312:1504   I-COOKIE e2086415b1e8c505
5-06: 00:00:47:312:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:00:47:312:1504   exchange: Oakley Quick Mode
5-06: 00:00:47:312:1504   flags: 1 ( encrypted )
5-06: 00:00:47:312:1504   next payload: HASH
5-06: 00:00:47:312:1504   message ID: 3b7d0c08
5-06: 00:00:47:312:1504 processing HASH (QM)
5-06: 00:00:47:312:1504 ClearFragList
5-06: 00:00:47:312:1504 processing payload NONCE
5-06: 00:00:47:312:1504 processing payload KE
5-06: 00:00:47:312:1504 Quick Mode KE processed; Saved KE data
5-06: 00:00:47:312:1504 processing payload ID
5-06: 00:00:47:312:1504 processing payload ID
5-06: 00:00:47:312:1504 processing payload SA
5-06: 00:00:47:312:1504 Negotiated Proxy ID: Src 10.0.1.0.0 Dst 192.168.104.0.0
5-06: 00:00:47:312:1504 Src id for subnet.  Mask 255.255.255.0
5-06: 00:00:47:312:1504 Dst id for subnet.  Mask 255.255.255.0
5-06: 00:00:47:312:1504 Checking Proposal 1: Proto= ESP(3), num trans=1 Next=0
5-06: 00:00:47:312:1504 Checking Transform # 1: ID=Triple DES CBC(3)
5-06: 00:00:47:312:1504  SA life type in seconds
5-06: 00:00:47:312:1504  SA life duration 28800
5-06: 00:00:47:312:1504  group description for PFS is 2
5-06: 00:00:47:312:1504  tunnel mode is Tunnel Mode(1)
5-06: 00:00:47:312:1504  HMAC algorithm is SHA(2)
5-06: 00:00:47:312:1504 Finding Responder Policy for SRC=10.0.1.0.0000 DST=192.168.104.0.0000, SRCMask=255.255.255.0, DSTMask=255.255.255.0, Prot=0 InTunnelEndpt 268a8c0 OutTunnelEndpt a2f24746
5-06: 00:00:47:312:1504 Failed to get TunnelPolicy 13015
5-06: 00:00:47:312:1504 Responder failed to match filter(Phase II) 13015
5-06: 00:00:47:312:1504 Data Protection Mode (Quick Mode)
5-06: 00:00:47:312:1504 Source IP Address 192.168.104.0  Source IP Address Mask 255.255.255.0  Destination IP Address 10.0.1.0  Destination IP Address Mask 255.255.255.0  Protocol 0  Source Port 0  Destination Port 0  IKE Local Addr 192.168.104.2  IKE Peer Addr 70.71.242.162  IKE Source Port 500  IKE Destination Port 500  Peer Private Addr
5-06: 00:00:47:312:1504 Preshared key ID.  Peer IP Address: 70.71.242.162
5-06: 00:00:47:312:1504 Me
5-06: 00:00:47:312:1504 No policy configured
5-06: 00:00:47:312:1504 Processed third (ID) payload  Responder.  Delta Time 0   0x0 0x0
5-06: 00:00:47:312:1504 isadb_set_status sa:03550C98 centry:000EC690 status 3601
5-06: 00:00:47:312:1504 ProcessFailure: sa:03550C98 centry:000EC690 status:3601
5-06: 00:00:47:312:1504 constructing ISAKMP Header
5-06: 00:00:47:312:1504 constructing HASH (null)
5-06: 00:00:47:312:1504 constructing NOTIFY 18
5-06: 00:00:47:312:1504 constructing HASH (Notify/Delete)
5-06: 00:00:47:312:1504
5-06: 00:00:47:312:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 1.500
5-06: 00:00:47:312:1504 ISAKMP Header: (V1.0), len = 68
5-06: 00:00:47:312:1504   I-COOKIE e2086415b1e8c505
5-06: 00:00:47:312:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:00:47:312:1504   exchange: ISAKMP Informational Exchange
5-06: 00:00:47:312:1504   flags: 1 ( encrypted )
5-06: 00:00:47:312:1504   next payload: HASH
5-06: 00:00:47:312:1504   message ID: cab2ec02
5-06: 00:00:47:312:1504 Ports S:f401 D:f401
5-06: 00:00:52:250:1504
5-06: 00:00:52:250:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:00:52:250:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:00:52:250:1504   I-COOKIE e2086415b1e8c505
5-06: 00:00:52:250:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:00:52:250:1504   exchange: Oakley Quick Mode
5-06: 00:00:52:250:1504   flags: 1 ( encrypted )
5-06: 00:00:52:250:1504   next payload: HASH
5-06: 00:00:52:250:1504   message ID: 3b7d0c08
5-06: 00:00:52:250:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC690 Status 3601
5-06: 00:01:01:281:1504
5-06: 00:01:01:281:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:01:01:281:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:01:01:281:1504   I-COOKIE e2086415b1e8c505
5-06: 00:01:01:281:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:01:01:281:1504   exchange: Oakley Quick Mode
5-06: 00:01:01:281:1504   flags: 1 ( encrypted )
5-06: 00:01:01:281:1504   next payload: HASH
5-06: 00:01:01:281:1504   message ID: 3b7d0c08
5-06: 00:01:01:281:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC690 Status 3601
5-06: 00:01:17:296:1504
5-06: 00:01:17:296:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:01:17:296:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:01:17:296:1504   I-COOKIE e2086415b1e8c505
5-06: 00:01:17:296:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:01:17:312:1504   exchange: Oakley Quick Mode
5-06: 00:01:17:312:1504   flags: 1 ( encrypted )
5-06: 00:01:17:312:1504   next payload: HASH
5-06: 00:01:17:312:1504   message ID: 3b7d0c08
5-06: 00:01:17:312:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC690 Status 3601
5-06: 00:04:47:953:1504
5-06: 00:04:47:953:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:04:47:953:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:04:47:953:1504   I-COOKIE e2086415b1e8c505
5-06: 00:04:47:953:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:04:47:953:1504   exchange: Oakley Quick Mode
5-06: 00:04:47:953:1504   flags: 1 ( encrypted )
5-06: 00:04:47:953:1504   next payload: HASH
5-06: 00:04:47:953:1504   message ID: e5903a92
5-06: 00:04:47:953:1504 processing HASH (QM)
5-06: 00:04:47:953:1504 ClearFragList
5-06: 00:04:47:953:1504 processing payload NONCE
5-06: 00:04:47:953:1504 processing payload KE
5-06: 00:04:47:953:1504 Quick Mode KE processed; Saved KE data
5-06: 00:04:47:953:1504 processing payload ID
5-06: 00:04:47:953:1504 processing payload ID
5-06: 00:04:47:953:1504 processing payload SA
5-06: 00:04:47:953:1504 Negotiated Proxy ID: Src 10.0.1.0.0 Dst 192.168.104.0.0
5-06: 00:04:47:953:1504 Src id for subnet.  Mask 255.255.255.0
5-06: 00:04:47:953:1504 Dst id for subnet.  Mask 255.255.255.0
5-06: 00:04:47:953:1504 Checking Proposal 1: Proto= ESP(3), num trans=1 Next=0
5-06: 00:04:47:953:1504 Checking Transform # 1: ID=Triple DES CBC(3)
5-06: 00:04:47:953:1504  SA life type in seconds
5-06: 00:04:47:953:1504  SA life duration 28800
5-06: 00:04:47:953:1504  group description for PFS is 2
5-06: 00:04:47:953:1504  tunnel mode is Tunnel Mode(1)
5-06: 00:04:47:953:1504  HMAC algorithm is SHA(2)
5-06: 00:04:47:953:1504 Finding Responder Policy for SRC=10.0.1.0.0000 DST=192.168.104.0.0000, SRCMask=255.255.255.0, DSTMask=255.255.255.0, Prot=0 InTunnelEndpt 268a8c0 OutTunnelEndpt a2f24746
5-06: 00:04:47:953:1504 Failed to get TunnelPolicy 13015
5-06: 00:04:47:953:1504 Responder failed to match filter(Phase II) 13015
5-06: 00:04:47:953:1504 Data Protection Mode (Quick Mode)
5-06: 00:04:47:953:1504 Source IP Address 192.168.104.0  Source IP Address Mask 255.255.255.0  Destination IP Address 10.0.1.0  Destination IP Address Mask 255.255.255.0  Protocol 0  Source Port 0  Destination Port 0  IKE Local Addr 192.168.104.2  IKE Peer Addr 70.71.242.162  IKE Source Port 500  IKE Destination Port 500  Peer Private Addr
5-06: 00:04:47:953:1504 Preshared key ID.  Peer IP Address: 70.71.242.162
5-06: 00:04:47:953:1504 Me
5-06: 00:04:47:953:1504 No policy configured
5-06: 00:04:47:953:1504 Processed third (ID) payload  Responder.  Delta Time 0   0x0 0x0
5-06: 00:04:47:953:1504 isadb_set_status sa:03550C98 centry:000EC900 status 3601
5-06: 00:04:47:953:1504 ProcessFailure: sa:03550C98 centry:000EC900 status:3601
5-06: 00:04:47:953:1504 constructing ISAKMP Header
5-06: 00:04:47:953:1504 constructing HASH (null)
5-06: 00:04:47:953:1504 constructing NOTIFY 18
5-06: 00:04:47:953:1504 constructing HASH (Notify/Delete)
5-06: 00:04:47:953:1504
5-06: 00:04:47:953:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 1.500
5-06: 00:04:47:953:1504 ISAKMP Header: (V1.0), len = 68
5-06: 00:04:47:953:1504   I-COOKIE e2086415b1e8c505
5-06: 00:04:47:953:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:04:47:953:1504   exchange: ISAKMP Informational Exchange
5-06: 00:04:47:953:1504   flags: 1 ( encrypted )
5-06: 00:04:47:953:1504   next payload: HASH
5-06: 00:04:47:953:1504   message ID: b486b245
5-06: 00:04:47:953:1504 Ports S:f401 D:f401
5-06: 00:04:52:843:1504
5-06: 00:04:52:843:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:04:52:843:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:04:52:843:1504   I-COOKIE e2086415b1e8c505
5-06: 00:04:52:843:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:04:52:843:1504   exchange: Oakley Quick Mode
5-06: 00:04:52:843:1504   flags: 1 ( encrypted )
5-06: 00:04:52:843:1504   next payload: HASH
5-06: 00:04:52:843:1504   message ID: e5903a92
5-06: 00:04:52:843:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC900 Status 3601
5-06: 00:05:01:921:1504
5-06: 00:05:01:921:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:05:01:921:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:05:01:921:1504   I-COOKIE e2086415b1e8c505
5-06: 00:05:01:921:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:05:01:921:1504   exchange: Oakley Quick Mode
5-06: 00:05:01:921:1504   flags: 1 ( encrypted )
5-06: 00:05:01:921:1504   next payload: HASH
5-06: 00:05:01:921:1504   message ID: e5903a92
5-06: 00:05:01:921:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC900 Status 3601
5-06: 00:05:17:937:1504
5-06: 00:05:17:937:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:05:17:937:1504 ISAKMP Header: (V1.0), len = 300
5-06: 00:05:17:937:1504   I-COOKIE e2086415b1e8c505
5-06: 00:05:17:937:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:05:17:937:1504   exchange: Oakley Quick Mode
5-06: 00:05:17:937:1504   flags: 1 ( encrypted )
5-06: 00:05:17:937:1504   next payload: HASH
5-06: 00:05:17:937:1504   message ID: e5903a92
5-06: 00:05:17:937:1504 Dropping Centry processing because SA status set.  SA 03550C98 Centry 000EC900 Status 3601
5-06: 00:06:10:265:24c Acquire from driver: op=00000007 src=192.168.104.2.0 dst=10.0.1.1.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=70.71.242.162 Inbound TunnelEndpt=192.168.104.2
5-06: 00:06:10:265:1504 Starting Negotiation: src = 70.71.242.162.0500, dst = 192.168.104.2.0500, proto = 00, context = 00000007, ProxySrc = 192.168.104.2.0000, ProxyDst = 10.0.1.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
5-06: 00:06:10:265:1504 QM PolicyName: ISA Server bent QM Policy dwFlags 0
5-06: 00:06:10:265:1504 QMOffer[0] LifetimeKBytes 0 LifetimeSec 28800
5-06: 00:06:10:265:1504 QMOffer[0] dwFlags 0 dwPFSGroup 2
5-06: 00:06:10:265:1504  Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
5-06: 00:06:10:265:1504 GetSpi: src = 10.0.1.0.0000, dst = 192.168.104.2.0000, proto = 00, context = 00000007, srcMask = 255.255.255.0, destMask = 255.255.255.255, TunnelFilter 1
5-06: 00:06:10:265:1504 Setting SPI  1733709909
5-06: 00:06:10:265:1504 constructing ISAKMP Header
5-06: 00:06:10:265:1504 constructing HASH (null)
5-06: 00:06:10:265:1504 constructing SA (IPSEC)
5-06: 00:06:10:265:1504 constructing QM KE
5-06: 00:06:10:296:1504 constructing NONCE (IPSEC)
5-06: 00:06:10:296:1504 constructing ID (proxy)
5-06: 00:06:10:296:1504 constructing ID (proxy)
5-06: 00:06:10:296:1504 constructing HASH (QM)
5-06: 00:06:10:296:1504
5-06: 00:06:10:296:1504 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-06: 00:06:10:296:1504 ISAKMP Header: (V1.0), len = 292
5-06: 00:06:10:296:1504   I-COOKIE e2086415b1e8c505
5-06: 00:06:10:296:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:10:296:1504   exchange: Oakley Quick Mode
5-06: 00:06:10:296:1504   flags: 1 ( encrypted )
5-06: 00:06:10:296:1504   next payload: HASH
5-06: 00:06:10:296:1504   message ID: 09e5d13a
5-06: 00:06:10:296:1504 Ports S:f401 D:f401
5-06: 00:06:10:515:1504
5-06: 00:06:10:515:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:06:10:515:1504 ISAKMP Header: (V1.0), len = 108
5-06: 00:06:10:515:1504   I-COOKIE e2086415b1e8c505
5-06: 00:06:10:515:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:10:515:1504   exchange: ISAKMP Informational Exchange
5-06: 00:06:10:515:1504   flags: 1 ( encrypted )
5-06: 00:06:10:515:1504   next payload: HASH
5-06: 00:06:10:515:1504   message ID: 50ae1916
5-06: 00:06:10:515:1504 processing HASH (Notify/Delete)
5-06: 00:06:10:515:1504 processing payload NOTIFY
5-06: 00:06:10:515:1504 notify: NO-PROPOSAL-CHOSEN
5-06: 00:06:10:515:1504 isadb_set_status sa:03550C98 centry:00000000 status 35ea
5-06: 00:06:11:218:254 retransmit: sa = 03550C98 centry 000EC558 , count = 1
5-06: 00:06:11:218:254
5-06: 00:06:11:218:254 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-06: 00:06:11:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:06:11:218:254   I-COOKIE e2086415b1e8c505
5-06: 00:06:11:218:254   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:11:218:254   exchange: Oakley Quick Mode
5-06: 00:06:11:218:254   flags: 1 ( encrypted )
5-06: 00:06:11:218:254   next payload: HASH
5-06: 00:06:11:218:254   message ID: 09e5d13a
5-06: 00:06:11:218:254 Ports S:f401 D:f401
5-06: 00:06:13:218:254 retransmit: sa = 03550C98 centry 000EC558 , count = 2
5-06: 00:06:13:218:254
5-06: 00:06:13:218:254 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-06: 00:06:13:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:06:13:218:254   I-COOKIE e2086415b1e8c505
5-06: 00:06:13:218:254   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:13:218:254   exchange: Oakley Quick Mode
5-06: 00:06:13:218:254   flags: 1 ( encrypted )
5-06: 00:06:13:218:254   next payload: HASH
5-06: 00:06:13:218:254   message ID: 09e5d13a
5-06: 00:06:13:218:254 Ports S:f401 D:f401
5-06: 00:06:17:218:254 retransmit: sa = 03550C98 centry 000EC558 , count = 3
5-06: 00:06:17:218:254
5-06: 00:06:17:218:254 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-06: 00:06:17:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:06:17:218:254   I-COOKIE e2086415b1e8c505
5-06: 00:06:17:218:254   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:17:218:254   exchange: Oakley Quick Mode
5-06: 00:06:17:218:254   flags: 1 ( encrypted )
5-06: 00:06:17:218:254   next payload: HASH
5-06: 00:06:17:218:254   message ID: 09e5d13a
5-06: 00:06:17:218:254 Ports S:f401 D:f401
5-06: 00:06:25:218:254 retransmit: sa = 03550C98 centry 000EC558 , count = 4
5-06: 00:06:25:218:254
5-06: 00:06:25:218:254 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-06: 00:06:25:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:06:25:218:254   I-COOKIE e2086415b1e8c505
5-06: 00:06:25:218:254   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:25:218:254   exchange: Oakley Quick Mode
5-06: 00:06:25:218:254   flags: 1 ( encrypted )
5-06: 00:06:25:218:254   next payload: HASH
5-06: 00:06:25:218:254   message ID: 09e5d13a
5-06: 00:06:25:218:254 Ports S:f401 D:f401
5-06: 00:06:25:437:1504
5-06: 00:06:25:437:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:06:25:437:1504 ISAKMP Header: (V1.0), len = 108
5-06: 00:06:25:437:1504   I-COOKIE e2086415b1e8c505
5-06: 00:06:25:437:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:25:437:1504   exchange: ISAKMP Informational Exchange
5-06: 00:06:25:437:1504   flags: 1 ( encrypted )
5-06: 00:06:25:437:1504   next payload: HASH
5-06: 00:06:25:437:1504   message ID: 6ed0726a
5-06: 00:06:25:437:1504 processing HASH (Notify/Delete)
5-06: 00:06:25:437:1504 processing payload NOTIFY
5-06: 00:06:25:437:1504 notify: NO-PROPOSAL-CHOSEN
5-06: 00:06:41:218:254 retransmit: sa = 03550C98 centry 000EC558 , count = 5
5-06: 00:06:41:218:254
5-06: 00:06:41:218:254 Sending: SA = 0x03550C98 to 70.71.242.162:Type 2.500
5-06: 00:06:41:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:06:41:218:254   I-COOKIE e2086415b1e8c505
5-06: 00:06:41:218:254   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:41:218:254   exchange: Oakley Quick Mode
5-06: 00:06:41:218:254   flags: 1 ( encrypted )
5-06: 00:06:41:218:254   next payload: HASH
5-06: 00:06:41:218:254   message ID: 09e5d13a
5-06: 00:06:41:218:254 Ports S:f401 D:f401
5-06: 00:06:41:421:1504
5-06: 00:06:41:421:1504 Receive: (get) SA = 0x03550c98 from 70.71.242.162.500
5-06: 00:06:41:421:1504 ISAKMP Header: (V1.0), len = 108
5-06: 00:06:41:421:1504   I-COOKIE e2086415b1e8c505
5-06: 00:06:41:421:1504   R-COOKIE 9727e2b0eab2c34b
5-06: 00:06:41:421:1504   exchange: ISAKMP Informational Exchange
5-06: 00:06:41:421:1504   flags: 1 ( encrypted )
5-06: 00:06:41:421:1504   next payload: HASH
5-06: 00:06:41:421:1504   message ID: 0c8fa408
5-06: 00:06:41:421:1504 processing HASH (Notify/Delete)
5-06: 00:06:41:421:1504 processing payload NOTIFY
5-06: 00:06:41:421:1504 notify: NO-PROPOSAL-CHOSEN
5-06: 00:07:13:218:254 retransmit exhausted: sa = 03550C98 centry 000EC558, count = 6
5-06: 00:07:13:218:254 SA Dead. sa:03550C98 status:35f0
5-06: 00:07:13:218:254 CE Dead. sa:03550C98 ce:000EC558 status:35f0
5-06: 00:07:13:218:254 Data Protection Mode (Quick Mode)
5-06: 00:07:13:218:254 Source IP Address 192.168.104.2  Source IP Address Mask 255.255.255.255  Destination IP Address 10.0.1.0  Destination IP Address Mask 255.255.255.0  Protocol 0  Source Port 0  Destination Port 0  IKE Local Addr 192.168.104.2  IKE Peer Addr 70.71.242.162  IKE Source Port 500  IKE Destination Port 500  Peer Private Addr
5-06: 00:07:13:218:254 Preshared key ID.  Peer IP Address: 70.71.242.162
5-06: 00:07:13:218:254 Me
5-06: 00:07:13:218:254 IKE SA deleted before establishment completed
5-06: 00:07:13:218:254 Processed third (ID) payload  Initiator.  Delta Time 63   0x0 0x0
5-06: 00:07:13:218:254 isadb_set_status sa:03550C98 centry:000EC558 status 35f0
5-06: 00:07:13:218:254 Re-initiating SA SRC=268a8c0 DST=1000a
5-06: 00:07:13:218:254 Internal Acquire: op=00000007 src=192.168.104.2.0 dst=10.0.1.0.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=70.71.242.162 Inbound TunnelEndpt=192.168.104.2, InitiateEvent=00000000, IKE SrcPort=500 IKE DstPort=500
5-06: 00:07:13:218:254 constructing ISAKMP Header
5-06: 00:07:13:218:254 constructing HASH (null)
5-06: 00:07:13:218:254 constructing DELETE. MM 03550C98
5-06: 00:07:13:218:254 constructing HASH (Notify/Delete)
5-06: 00:07:13:218:254 Not setting retransmit to downlevel client. SA 03550C98 Centry 00000000
5-06: 00:07:13:218:254
5-06: 00:07:13:218:254 Sending: SA = 0x03550C98 to 70.71.242.162:Type 1.500
5-06: 00:07:13:218:254 ISAKMP Header: (V1.0), len = 84
5-06: 00:07:13:218:254   I-COOKIE e2086415b1e8c505
5-06: 00:07:13:218:254   R-COOKIE 9727e2b0eab2c34b
5-06: 00:07:13:218:254   exchange: ISAKMP Informational Exchange
5-06: 00:07:13:218:254   flags: 1 ( encrypted )
5-06: 00:07:13:218:254   next payload: HASH
5-06: 00:07:13:218:254   message ID: 6935eb36
5-06: 00:07:13:218:254 Ports S:f401 D:f401
5-06: 00:07:13:218:1504 Filter to match: Src 70.71.242.162 Dst 192.168.104.2
5-06: 00:07:13:234:1504 MM PolicyName: ISA Server bent MM Policy
5-06: 00:07:13:234:1504 MMPolicy dwFlags 0 SoftSAExpireTime 28800
5-06: 00:07:13:234:1504 MMOffer[0] LifetimeSec 28800 QMLimit 0 DHGroup 2
5-06: 00:07:13:234:1504 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
5-06: 00:07:13:234:1504 Auth[0]:PresharedKey KeyLen 30
5-06: 00:07:13:234:1504 QM PolicyName: ISA Server bent QM Policy dwFlags 0
5-06: 00:07:13:234:1504 QMOffer[0] LifetimeKBytes 0 LifetimeSec 28800
5-06: 00:07:13:234:1504 QMOffer[0] dwFlags 0 dwPFSGroup 2
5-06: 00:07:13:234:1504  Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
5-06: 00:07:13:234:1504 Starting Negotiation: src = 192.168.104.2.0500, dst = 70.71.242.162.0500, proto = 00, context = 00000007, ProxySrc = 192.168.104.2.0000, ProxyDst = 10.0.1.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
5-06: 00:07:13:234:1504 constructing ISAKMP Header
5-06: 00:07:13:234:1504 constructing SA (ISAKMP)
5-06: 00:07:13:234:1504 Constructing Vendor MS NT5 ISAKMPOAKLEY
5-06: 00:07:13:234:1504 Constructing Vendor FRAGMENTATION
5-06: 00:07:13:234:1504 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
5-06: 00:07:13:234:1504
5-06: 00:07:13:234:1504 Sending: SA = 0x03551000 to 70.71.242.162:Type 2.500
5-06: 00:07:13:234:1504 ISAKMP Header: (V1.0), len = 148
5-06: 00:07:13:234:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:234:1504   R-COOKIE 0000000000000000
5-06: 00:07:13:234:1504   exchange: Oakley Main Mode
5-06: 00:07:13:234:1504   flags: 0
5-06: 00:07:13:234:1504   next payload: SA
5-06: 00:07:13:234:1504   message ID: 00000000
5-06: 00:07:13:234:1504 Ports S:f401 D:f401
5-06: 00:07:13:250:1504
5-06: 00:07:13:250:1504 Receive: (get) SA = 0x03551000 from 70.71.242.162.500
5-06: 00:07:13:250:1504 ISAKMP Header: (V1.0), len = 80
5-06: 00:07:13:250:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:250:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:13:250:1504   exchange: Oakley Main Mode
5-06: 00:07:13:250:1504   flags: 0
5-06: 00:07:13:250:1504   next payload: SA
5-06: 00:07:13:250:1504   message ID: 00000000
5-06: 00:07:13:250:1504 processing payload SA
5-06: 00:07:13:250:1504 Received Phase 1 Transform 1
5-06: 00:07:13:250:1504      Encryption Alg Triple DES CBC(5)
5-06: 00:07:13:250:1504      Hash Alg SHA(2)
5-06: 00:07:13:250:1504      Oakley Group 2
5-06: 00:07:13:250:1504      Auth Method Preshared Key(1)
5-06: 00:07:13:250:1504      Life type in Seconds
5-06: 00:07:13:250:1504      Life duration of 28800
5-06: 00:07:13:250:1504 Phase 1 SA accepted: transform=1
5-06: 00:07:13:250:1504 SA - Oakley proposal accepted
5-06: 00:07:13:250:1504 ClearFragList
5-06: 00:07:13:250:1504 constructing ISAKMP Header
5-06: 00:07:13:281:1504 constructing KE
5-06: 00:07:13:281:1504 constructing NONCE (ISAKMP)
5-06: 00:07:13:281:1504
5-06: 00:07:13:281:1504 Sending: SA = 0x03551000 to 70.71.242.162:Type 2.500
5-06: 00:07:13:281:1504 ISAKMP Header: (V1.0), len = 184
5-06: 00:07:13:281:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:281:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:13:281:1504   exchange: Oakley Main Mode
5-06: 00:07:13:281:1504   flags: 0
5-06: 00:07:13:281:1504   next payload: KE
5-06: 00:07:13:281:1504   message ID: 00000000
5-06: 00:07:13:281:1504 Ports S:f401 D:f401
5-06: 00:07:13:484:1504
5-06: 00:07:13:484:1504 Receive: (get) SA = 0x03551000 from 70.71.242.162.500
5-06: 00:07:13:484:1504 ISAKMP Header: (V1.0), len = 220
5-06: 00:07:13:484:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:484:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:13:484:1504   exchange: Oakley Main Mode
5-06: 00:07:13:484:1504   flags: 0
5-06: 00:07:13:484:1504   next payload: KE
5-06: 00:07:13:484:1504   message ID: 00000000
5-06: 00:07:13:484:1504 processing payload KE
5-06: 00:07:13:500:1504 processing payload NONCE
5-06: 00:07:13:500:1504 processing payload VENDOR ID
5-06: 00:07:13:500:1504 processing payload VENDOR ID
5-06: 00:07:13:500:1504 processing payload VENDOR ID
5-06: 00:07:13:500:1504 ClearFragList
5-06: 00:07:13:500:1504 constructing ISAKMP Header
5-06: 00:07:13:500:1504 constructing ID
5-06: 00:07:13:500:1504 MM ID Type 1
5-06: 00:07:13:500:1504 MM ID c0a86802
5-06: 00:07:13:500:1504 constructing HASH
5-06: 00:07:13:500:1504
5-06: 00:07:13:500:1504 Sending: SA = 0x03551000 to 70.71.242.162:Type 2.500
5-06: 00:07:13:500:1504 ISAKMP Header: (V1.0), len = 68
5-06: 00:07:13:500:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:500:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:13:500:1504   exchange: Oakley Main Mode
5-06: 00:07:13:500:1504   flags: 1 ( encrypted )
5-06: 00:07:13:500:1504   next payload: ID
5-06: 00:07:13:500:1504   message ID: 00000000
5-06: 00:07:13:500:1504 Ports S:f401 D:f401
5-06: 00:07:13:515:1504
5-06: 00:07:13:515:1504 Receive: (get) SA = 0x03551000 from 70.71.242.162.500
5-06: 00:07:13:515:1504 ISAKMP Header: (V1.0), len = 68
5-06: 00:07:13:515:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:515:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:13:515:1504   exchange: Oakley Main Mode
5-06: 00:07:13:515:1504   flags: 1 ( encrypted )
5-06: 00:07:13:515:1504   next payload: ID
5-06: 00:07:13:515:1504   message ID: 00000000
5-06: 00:07:13:515:1504 processing payload ID
5-06: 00:07:13:515:1504 processing payload HASH
5-06: 00:07:13:515:1504 AUTH: Phase I authentication accepted
5-06: 00:07:13:515:1504 ClearFragList
5-06: 00:07:13:515:1504 MM established.  SA: 03551000
5-06: 00:07:13:515:1504 QM PolicyName: ISA Server bent QM Policy dwFlags 0
5-06: 00:07:13:515:1504 QMOffer[0] LifetimeKBytes 0 LifetimeSec 28800
5-06: 00:07:13:515:1504 QMOffer[0] dwFlags 0 dwPFSGroup 2
5-06: 00:07:13:515:1504  Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: SHA
5-06: 00:07:13:515:1504 GetSpi: src = 10.0.1.0.0000, dst = 192.168.104.2.0000, proto = 00, context = 00000007, srcMask = 255.255.255.0, destMask = 255.255.255.255, TunnelFilter 1
5-06: 00:07:13:515:1504 Setting SPI  1733709909
5-06: 00:07:13:515:1504 constructing ISAKMP Header
5-06: 00:07:13:515:1504 constructing HASH (null)
5-06: 00:07:13:515:1504 constructing SA (IPSEC)
5-06: 00:07:13:515:1504 constructing QM KE
5-06: 00:07:13:546:1504 constructing NONCE (IPSEC)
5-06: 00:07:13:546:1504 constructing ID (proxy)
5-06: 00:07:13:546:1504 constructing ID (proxy)
5-06: 00:07:13:546:1504 constructing HASH (QM)
5-06: 00:07:13:546:1504
5-06: 00:07:13:546:1504 Sending: SA = 0x03551000 to 70.71.242.162:Type 2.500
5-06: 00:07:13:546:1504 ISAKMP Header: (V1.0), len = 292
5-06: 00:07:13:546:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:546:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:13:546:1504   exchange: Oakley Quick Mode
5-06: 00:07:13:546:1504   flags: 1 ( encrypted )
5-06: 00:07:13:546:1504   next payload: HASH
5-06: 00:07:13:546:1504   message ID: a11aa5ef
5-06: 00:07:13:546:1504 Ports S:f401 D:f401
5-06: 00:07:13:765:1504
5-06: 00:07:13:765:1504 Receive: (get) SA = 0x03551000 from 70.71.242.162.500
5-06: 00:07:13:765:1504 ISAKMP Header: (V1.0), len = 108
5-06: 00:07:13:765:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:13:765:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:13:765:1504   exchange: ISAKMP Informational Exchange
5-06: 00:07:13:765:1504   flags: 1 ( encrypted )
5-06: 00:07:13:765:1504   next payload: HASH
5-06: 00:07:13:765:1504   message ID: 7ca54a2f
5-06: 00:07:13:765:1504 processing HASH (Notify/Delete)
5-06: 00:07:13:765:1504 processing payload NOTIFY
5-06: 00:07:13:765:1504 notify: NO-PROPOSAL-CHOSEN
5-06: 00:07:13:765:1504 isadb_set_status sa:03551000 centry:00000000 status 35ea
5-06: 00:07:14:218:254 retransmit: sa = 03551000 centry 000EC7C8 , count = 1
5-06: 00:07:14:218:254
5-06: 00:07:14:218:254 Sending: SA = 0x03551000 to 70.71.242.162:Type 2.500
5-06: 00:07:14:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:07:14:218:254   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:14:218:254   R-COOKIE 03e63f2a4583379b
5-06: 00:07:14:218:254   exchange: Oakley Quick Mode
5-06: 00:07:14:218:254   flags: 1 ( encrypted )
5-06: 00:07:14:218:254   next payload: HASH
5-06: 00:07:14:218:254   message ID: a11aa5ef
5-06: 00:07:14:218:254 Ports S:f401 D:f401
5-06: 00:07:14:234:1504
5-06: 00:07:14:234:1504 Receive: (get) SA = 0x03551000 from 70.71.242.162.500
5-06: 00:07:14:234:1504 ISAKMP Header: (V1.0), len = 68
5-06: 00:07:14:234:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:14:234:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:14:234:1504   exchange: Oakley Main Mode
5-06: 00:07:14:234:1504   flags: 1 ( encrypted )
5-06: 00:07:14:234:1504   next payload: ID
5-06: 00:07:14:234:1504   message ID: 00000000
5-06: 00:07:14:234:1504 invalid payload received
5-06: 00:07:14:234:1504 GetPacket failed 3613
5-06: 00:07:16:218:254 retransmit: sa = 03551000 centry 000EC7C8 , count = 2
5-06: 00:07:16:218:254
5-06: 00:07:16:218:254 Sending: SA = 0x03551000 to 70.71.242.162:Type 2.500
5-06: 00:07:16:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:07:16:218:254   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:16:218:254   R-COOKIE 03e63f2a4583379b
5-06: 00:07:16:218:254   exchange: Oakley Quick Mode
5-06: 00:07:16:218:254   flags: 1 ( encrypted )
5-06: 00:07:16:218:254   next payload: HASH
5-06: 00:07:16:218:254   message ID: a11aa5ef
5-06: 00:07:16:218:254 Ports S:f401 D:f401
5-06: 00:07:16:234:1504
5-06: 00:07:16:234:1504 Receive: (get) SA = 0x03551000 from 70.71.242.162.500
5-06: 00:07:16:234:1504 ISAKMP Header: (V1.0), len = 68
5-06: 00:07:16:234:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:16:234:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:16:234:1504   exchange: Oakley Main Mode
5-06: 00:07:16:234:1504   flags: 1 ( encrypted )
5-06: 00:07:16:234:1504   next payload: ID
5-06: 00:07:16:234:1504   message ID: 00000000
5-06: 00:07:16:234:1504 invalid payload received
5-06: 00:07:16:234:1504 GetPacket failed 3613
5-06: 00:07:20:218:254 retransmit: sa = 03551000 centry 000EC7C8 , count = 3
5-06: 00:07:20:218:254
5-06: 00:07:20:218:254 Sending: SA = 0x03551000 to 70.71.242.162:Type 2.500
5-06: 00:07:20:218:254 ISAKMP Header: (V1.0), len = 292
5-06: 00:07:20:218:254   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:20:218:254   R-COOKIE 03e63f2a4583379b
5-06: 00:07:20:218:254   exchange: Oakley Quick Mode
5-06: 00:07:20:218:254   flags: 1 ( encrypted )
5-06: 00:07:20:218:254   next payload: HASH
5-06: 00:07:20:218:254   message ID: a11aa5ef
5-06: 00:07:20:218:254 Ports S:f401 D:f401
5-06: 00:07:20:234:1504
5-06: 00:07:20:234:1504 Receive: (get) SA = 0x03551000 from 70.71.242.162.500
5-06: 00:07:20:234:1504 ISAKMP Header: (V1.0), len = 68
5-06: 00:07:20:234:1504   I-COOKIE 25fa0e0cc9fe152b
5-06: 00:07:20:234:1504   R-COOKIE 03e63f2a4583379b
5-06: 00:07:20:234:1504   exchange: Oakley Main Mode
5-06: 00:07:20:234:1504   flags: 1 ( encrypted )
5-06: 00:07:20:234:1504   next payload: ID
5-06: 00:07:20:234:1504   message ID: 00000000
5-06: 00:07:20:234:1504 invalid payload received
5-06: 00:07:20:234:1504 GetPacket failed 3613
5-06: 00:07:24:328:24c Acquire from driver: op=00000008 src=192.168.104.2.0 dst=10.0.1.1.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=70.71.242.162 Inbound TunnelEndpt=192.168.104.2
5-06: 00:07:24:328:1504 Starting Negotiation: src = 192.168.104.2.0500, dst = 70.71.242.162.0500, proto = 00, context = 00000008, ProxySrc = 192.168.104.2.0000, ProxyDst = 10.0.1.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
5-06: 00:07:24:328:1504 QM PolicyName: ISA Server bent QM Policy dwFlags 0
5-06: 00:07:24:328:1504 QMOffer[0] LifetimeKBytes 0 LifetimeSec 28800 <