log d'échange à l'établissement du tunnel.

Forum traitant de la distribution sécurisée montante nommée IP cop et basée sur la distribution Smoothwall. C'est à l'heure actuelle le forum le plus actif du site.

Modérateur: modos Ixus

Publier une réponse

log d'échange à l'établissement du tunnel.

Messagepar jmy1904 » 03 Oct 2004 23:21

Dites moi, quelqu'un serait il capable d'analyser un log oakley afin de me dire ce qui cloche dans l'établissement de mon tunnel?

une fois ipsec lancé sur mon XP, je tente un ping -t vers une machine 200 du réseau distant:

10-03: 22:47:22:988:6a8 Initialization OK
10-03: 22:54:06:768:6a8 isadb_schedule_kill_oldPolicy_sas: e9c6732a-6921-4737-a79ea92f865fd749 4
10-03: 22:54:06:778:6a8 isadb_schedule_kill_oldPolicy_sas: 343c97b2-5fea-4732-b23bd064886d0623 4
10-03: 22:54:06:778:6a8 isadb_schedule_kill_oldPolicy_sas: 8d20ce7d-e0e9-4b44-87494b999b1c613f 3
10-03: 22:54:06:778:6a8 isadb_schedule_kill_oldPolicy_sas: 0e9ec665-0afd-4a83-88a9e023f70ecaa4 3
10-03: 22:54:06:778:6a8 isadb_schedule_kill_oldPolicy_sas: 55b423a9-ee2d-49c1-aa5ff6b4bb94a872 1
10-03: 22:54:06:778:6a8 isadb_schedule_kill_oldPolicy_sas: df49985f-cc4b-441b-b295df91f02109bc 2
10-03: 22:54:06:778:6a8 isadb_schedule_kill_oldPolicy_sas: 16e09e9f-223b-4a42-bda2453a6050b0dc 2
10-03: 22:54:06:788:370 entered kill_old_policy_sas 4
10-03: 22:54:06:788:370 entered kill_old_policy_sas 4
10-03: 22:54:06:788:370 entered kill_old_policy_sas 3
10-03: 22:54:06:788:370 entered kill_old_policy_sas 3
10-03: 22:54:06:788:370 entered kill_old_policy_sas 1
10-03: 22:54:06:788:370 entered kill_old_policy_sas 2
10-03: 22:54:06:788:370 entered kill_old_policy_sas 2
10-03: 22:54:37:783:6c8 Acquire from driver: op=00000006 src=172.210.147.153.0 dst=10.0.66.200.0 proto = 0, SrcMask=255.255.255.255, DstMask=255.255.255.0, Tunnel 1, TunnelEndpt=81.250.71.64 Inbound TunnelEndpt=172.210.147.153
10-03: 22:54:37:783:370 Filter to match: Src 81.250.71.64 Dst 172.210.147.153
10-03: 22:54:37:793:370 MM PolicyName: 2
10-03: 22:54:37:793:370 MMPolicy dwFlags 2 SoftSAExpireTime 28800
10-03: 22:54:37:793:370 MMOffer[0] LifetimeSec 28800 QMLimit 1 DHGroup 2
10-03: 22:54:37:793:370 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
10-03: 22:54:37:793:370 MMOffer[1] LifetimeSec 28800 QMLimit 1 DHGroup 2
10-03: 22:54:37:793:370 MMOffer[1] Encrypt: Triple DES CBC Hash: MD5
10-03: 22:54:37:793:370 MMOffer[2] LifetimeSec 28800 QMLimit 1 DHGroup 1
10-03: 22:54:37:793:370 MMOffer[2] Encrypt: DES CBC Hash: SHA
10-03: 22:54:37:793:370 MMOffer[3] LifetimeSec 28800 QMLimit 1 DHGroup 1
10-03: 22:54:37:793:370 MMOffer[3] Encrypt: DES CBC Hash: MD5
10-03: 22:54:37:793:370 Auth[0]:PresharedKey KeyLen 8
10-03: 22:54:37:793:370 QM PolicyName: Host-Jm-vers-66 filter action dwFlags 1
10-03: 22:54:37:793:370 QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
10-03: 22:54:37:793:370 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-03: 22:54:37:793:370 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
10-03: 22:54:37:793:370 Starting Negotiation: src = 172.210.147.153.0500, dst = 81.250.xx.xx.0500, proto = 00, context = 00000006, ProxySrc = 172.210.147.153.0000, ProxyDst = 10.0.66.0.0000 SrcMask = 255.255.255.255 DstMask = 255.255.255.0
10-03: 22:54:37:793:370 constructing ISAKMP Header
10-03: 22:54:37:793:370 constructing SA (ISAKMP)
10-03: 22:54:37:793:370 Constructing Vendor MS NT5 ISAKMPOAKLEY
10-03: 22:54:37:803:370 Constructing Vendor FRAGMENTATION
10-03: 22:54:37:803:370 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
10-03: 22:54:37:803:370 Constructing Vendor Vid-Initial-Contact
10-03: 22:54:37:803:370
10-03: 22:54:37:803:370 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 2.500
10-03: 22:54:37:803:370 ISAKMP Header: (V1.0), len = 276
10-03: 22:54:37:803:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:37:803:370 R-COOKIE 0000000000000000
10-03: 22:54:37:803:370 exchange: Oakley Main Mode
10-03: 22:54:37:803:370 flags: 0
10-03: 22:54:37:803:370 next payload: SA
10-03: 22:54:37:803:370 message ID: 00000000
10-03: 22:54:37:803:370 Ports S:f401 D:f401
10-03: 22:54:38:674:6d0 retransmit: sa = 000F6C78 centry 00000000 , count = 1
10-03: 22:54:38:674:6d0
10-03: 22:54:38:674:6d0 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 2.500
10-03: 22:54:38:674:6d0 ISAKMP Header: (V1.0), len = 276
10-03: 22:54:38:674:6d0 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:38:674:6d0 R-COOKIE 0000000000000000
10-03: 22:54:38:674:6d0 exchange: Oakley Main Mode
10-03: 22:54:38:674:6d0 flags: 0
10-03: 22:54:38:674:6d0 next payload: SA
10-03: 22:54:38:674:6d0 message ID: 00000000
10-03: 22:54:38:674:6d0 Ports S:f401 D:f401
10-03: 22:54:38:744:370
10-03: 22:54:38:744:370 Receive: (get) SA = 0x000f6c78 from 81.250.xx.xx.500
10-03: 22:54:38:744:370 ISAKMP Header: (V1.0), len = 84
10-03: 22:54:38:744:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:38:744:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:38:744:370 exchange: Oakley Main Mode
10-03: 22:54:38:744:370 flags: 0
10-03: 22:54:38:744:370 next payload: SA
10-03: 22:54:38:744:370 message ID: 00000000
10-03: 22:54:38:744:370 processing payload SA
10-03: 22:54:38:744:370 Received Phase 1 Transform 1
10-03: 22:54:38:744:370 Encryption Alg Triple DES CBC(5)
10-03: 22:54:38:744:370 Hash Alg SHA(2)
10-03: 22:54:38:744:370 Oakley Group 2
10-03: 22:54:38:744:370 Auth Method Clé pré-partagée(1)
10-03: 22:54:38:744:370 Life type in Seconds
10-03: 22:54:38:744:370 Life duration of 28800
10-03: 22:54:38:744:370 Phase 1 SA accepted: transform=1
10-03: 22:54:38:744:370 SA - Oakley proposal accepted
10-03: 22:54:38:744:370 ClearFragList
10-03: 22:54:38:744:370 constructing ISAKMP Header
10-03: 22:54:38:774:370 constructing KE
10-03: 22:54:38:774:370 constructing NONCE (ISAKMP)
10-03: 22:54:38:774:370
10-03: 22:54:38:774:370 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 2.500
10-03: 22:54:38:774:370 ISAKMP Header: (V1.0), len = 184
10-03: 22:54:38:774:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:38:774:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:38:774:370 exchange: Oakley Main Mode
10-03: 22:54:38:774:370 flags: 0
10-03: 22:54:38:774:370 next payload: KE
10-03: 22:54:38:774:370 message ID: 00000000
10-03: 22:54:38:774:370 Ports S:f401 D:f401
10-03: 22:54:39:586:370
10-03: 22:54:39:586:370 Receive: (get) SA = 0x00000000 from 81.250.xx.xx.500
10-03: 22:54:39:586:370 ISAKMP Header: (V1.0), len = 84
10-03: 22:54:39:586:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:39:586:370 R-COOKIE 4788737f6cfcf47f
10-03: 22:54:39:586:370 exchange: Oakley Main Mode
10-03: 22:54:39:586:370 flags: 0
10-03: 22:54:39:586:370 next payload: SA
10-03: 22:54:39:586:370 message ID: 00000000
10-03: 22:54:39:586:370 Cookie exists, or new receive throttle hit
10-03: 22:54:39:586:370 Responding with new SA 0
10-03: 22:54:39:586:370 HandleFirstPacketResponder failed 35ec
10-03: 22:54:39:676:6d0 retransmit: sa = 000F6C78 centry 00000000 , count = 1
10-03: 22:54:39:676:6d0
10-03: 22:54:39:676:6d0 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 2.500
10-03: 22:54:39:676:6d0 ISAKMP Header: (V1.0), len = 184
10-03: 22:54:39:676:6d0 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:39:676:6d0 R-COOKIE 13f256fdb532308a
10-03: 22:54:39:676:6d0 exchange: Oakley Main Mode
10-03: 22:54:39:676:6d0 flags: 0
10-03: 22:54:39:676:6d0 next payload: KE
10-03: 22:54:39:676:6d0 message ID: 00000000
10-03: 22:54:39:676:6d0 Ports S:f401 D:f401
10-03: 22:54:40:417:370
10-03: 22:54:40:417:370 Receive: (get) SA = 0x000f6c78 from 81.250.xx.xx.500
10-03: 22:54:40:417:370 ISAKMP Header: (V1.0), len = 180
10-03: 22:54:40:417:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:40:417:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:40:417:370 exchange: Oakley Main Mode
10-03: 22:54:40:417:370 flags: 0
10-03: 22:54:40:417:370 next payload: KE
10-03: 22:54:40:417:370 message ID: 00000000
10-03: 22:54:40:417:370 processing payload KE
10-03: 22:54:40:427:370 processing payload NONCE
10-03: 22:54:40:427:370 ClearFragList
10-03: 22:54:40:427:370 constructing ISAKMP Header
10-03: 22:54:40:427:370 constructing ID
10-03: 22:54:40:427:370 MM ID Type 1
10-03: 22:54:40:427:370 MM ID acd29399
10-03: 22:54:40:427:370 constructing HASH
10-03: 22:54:40:427:370
10-03: 22:54:40:427:370 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 2.500
10-03: 22:54:40:427:370 ISAKMP Header: (V1.0), len = 68
10-03: 22:54:40:427:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:40:427:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:40:427:370 exchange: Oakley Main Mode
10-03: 22:54:40:427:370 flags: 1 ( encrypted )
10-03: 22:54:40:427:370 next payload: ID
10-03: 22:54:40:427:370 message ID: 00000000
10-03: 22:54:40:427:370 Ports S:f401 D:f401
10-03: 22:54:41:98:370
10-03: 22:54:41:98:370 Receive: (get) SA = 0x000f6c78 from 81.250.xx.xx.500
10-03: 22:54:41:98:370 ISAKMP Header: (V1.0), len = 68
10-03: 22:54:41:98:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:41:98:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:41:98:370 exchange: Oakley Main Mode
10-03: 22:54:41:98:370 flags: 1 ( encrypted )
10-03: 22:54:41:98:370 next payload: ID
10-03: 22:54:41:98:370 message ID: 00000000
10-03: 22:54:41:98:370 processing payload ID
10-03: 22:54:41:98:370 processing payload HASH
10-03: 22:54:41:98:370 AUTH: Phase I authentication accepted
10-03: 22:54:41:98:370 ClearFragList
10-03: 22:54:41:98:370 MM established. SA: 000F6C78
10-03: 22:54:41:118:370 QM PolicyName: Host-Jm-vers-66 filter action dwFlags 1
10-03: 22:54:41:118:370 QMOffer[0] LifetimeKBytes 50000 LifetimeSec 3600
10-03: 22:54:41:118:370 QMOffer[0] dwFlags 0 dwPFSGroup -2147483648
10-03: 22:54:41:118:370 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
10-03: 22:54:41:118:370 GetSpi: src = 10.0.66.0.0000, dst = 172.210.147.153.0000, proto = 00, context = 00000006, srcMask = 255.255.255.0, destMask = 255.255.255.255, TunnelFilter 1
10-03: 22:54:41:118:370 Setting SPI 2341583804
10-03: 22:54:41:118:370 constructing ISAKMP Header
10-03: 22:54:41:118:370 constructing HASH (null)
10-03: 22:54:41:118:370 constructing SA (IPSEC)
10-03: 22:54:41:118:370 constructing QM KE
10-03: 22:54:41:158:370 constructing NONCE (IPSEC)
10-03: 22:54:41:158:370 constructing ID (proxy)
10-03: 22:54:41:158:370 constructing ID (proxy)
10-03: 22:54:41:158:370 constructing HASH (QM)
10-03: 22:54:41:158:370
10-03: 22:54:41:158:370 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 2.500
10-03: 22:54:41:158:370 ISAKMP Header: (V1.0), len = 308
10-03: 22:54:41:158:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:41:158:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:41:158:370 exchange: Oakley Quick Mode
10-03: 22:54:41:158:370 flags: 1 ( encrypted )
10-03: 22:54:41:158:370 next payload: HASH
10-03: 22:54:41:158:370 message ID: c078b42e
10-03: 22:54:41:158:370 Ports S:f401 D:f401
10-03: 22:54:41:679:6d0 retransmit: sa = 000F6C78 centry 0010E418 , count = 1
10-03: 22:54:41:679:6d0
10-03: 22:54:41:679:6d0 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 2.500
10-03: 22:54:41:679:6d0 ISAKMP Header: (V1.0), len = 308
10-03: 22:54:41:679:6d0 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:41:679:6d0 R-COOKIE 13f256fdb532308a
10-03: 22:54:41:679:6d0 exchange: Oakley Quick Mode
10-03: 22:54:41:679:6d0 flags: 1 ( encrypted )
10-03: 22:54:41:679:6d0 next payload: HASH
10-03: 22:54:41:679:6d0 message ID: c078b42e
10-03: 22:54:41:679:6d0 Ports S:f401 D:f401
10-03: 22:54:43:301:370
10-03: 22:54:43:301:370 Receive: (get) SA = 0x000f6c78 from 81.250.xx.xx.500
10-03: 22:54:43:301:370 ISAKMP Header: (V1.0), len = 300
10-03: 22:54:43:301:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:43:301:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:43:301:370 exchange: Oakley Quick Mode
10-03: 22:54:43:301:370 flags: 1 ( encrypted )
10-03: 22:54:43:301:370 next payload: HASH
10-03: 22:54:43:301:370 message ID: c078b42e
10-03: 22:54:43:301:370 Received commit re-send
10-03: 22:54:43:301:370 processing HASH (QM)
10-03: 22:54:43:301:370 ClearFragList
10-03: 22:54:43:301:370 processing payload NONCE
10-03: 22:54:43:301:370 processing payload KE
10-03: 22:54:43:301:370 Quick Mode KE processed; Saved KE data
10-03: 22:54:43:301:370 processing payload ID
10-03: 22:54:43:301:370 processing payload ID
10-03: 22:54:43:301:370 processing payload SA
10-03: 22:54:43:301:370 Negotiated Proxy ID: Src 172.210.147.153.0 Dst 10.0.66.0.0
10-03: 22:54:43:301:370 Dst id for subnet. Mask 255.255.255.0
10-03: 22:54:43:301:370 Checking Proposal 1: Proto= ESP(3), num trans=1 Next=0
10-03: 22:54:43:301:370 Checking Transform # 1: ID=Triple DES CBC(3)
10-03: 22:54:43:301:370 SA life type in seconds
10-03: 22:54:43:301:370 SA life duration 00000e10
10-03: 22:54:43:301:370 SA life type in kilobytes
10-03: 22:54:43:301:370 SA life duration 0000c350
10-03: 22:54:43:301:370 tunnel mode is Mode de tunnel(1)
10-03: 22:54:43:301:370 HMAC algorithm is MD5(1)
10-03: 22:54:43:301:370 group description for PFS is 2
10-03: 22:54:43:301:370 Phase 2 SA accepted: proposal=1 transform=1
10-03: 22:54:43:311:370 constructing ISAKMP Header
10-03: 22:54:43:311:370 constructing HASH (QM)
10-03: 22:54:43:311:370 Adding QMs: src = 172.210.147.153.0000, dst = 10.0.66.0.0000, proto = 00, context = 00000006, my tunnel = 172.210.147.153, peer tunnel = 81.250.xx.xx, SrcMask = 0.0.0.0, DestMask = 255.255.255.0 Lifetime = 3600 LifetimeKBytes 50000 dwFlags 201 Direction 2 EncapType 1
10-03: 22:54:43:311:370 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
10-03: 22:54:43:311:370 Algo[0] MySpi: 2341583804 PeerSpi: 2309286182
10-03: 22:54:43:311:370 Encap Ports Src 500 Dst 500
10-03: 22:54:43:311:370 Skipping Outbound SA add
10-03: 22:54:43:311:370 Adding QMs: src = 172.210.147.153.0000, dst = 10.0.66.0.0000, proto = 00, context = 00000006, my tunnel = 172.210.147.153, peer tunnel = 81.250.xx.xx, SrcMask = 0.0.0.0, DestMask = 255.255.255.0 Lifetime = 3600 LifetimeKBytes 50000 dwFlags 201 Direction 3 EncapType 1
10-03: 22:54:43:311:370 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC: MD5
10-03: 22:54:43:311:370 Algo[0] MySpi: 2341583804 PeerSpi: 2309286182
10-03: 22:54:43:311:370 Encap Ports Src 500 Dst 500
10-03: 22:54:43:311:370 Skipping Inbound SA add
10-03: 22:54:43:311:370 isadb_set_status sa:000F6C78 centry:0010E418 status 0
10-03: 22:54:43:311:370
10-03: 22:54:43:311:370 Sending: SA = 0x000F6C78 to 81.250.xx.xx:Type 4.500
10-03: 22:54:43:311:370 ISAKMP Header: (V1.0), len = 52
10-03: 22:54:43:311:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:43:311:370 R-COOKIE 13f256fdb532308a
10-03: 22:54:43:311:370 exchange: Oakley Quick Mode
10-03: 22:54:43:311:370 flags: 1 ( encrypted )
10-03: 22:54:43:311:370 next payload: HASH
10-03: 22:54:43:311:370 message ID: c078b42e
10-03: 22:54:43:311:370 Ports S:f401 D:f401
10-03: 22:54:49:260:370
10-03: 22:54:49:260:370 Receive: (get) SA = 0x00000000 from 81.250.xx.xx.500
10-03: 22:54:49:260:370 ISAKMP Header: (V1.0), len = 84
10-03: 22:54:49:260:370 I-COOKIE 2ddb7fe4f2ccc03d
10-03: 22:54:49:260:370 R-COOKIE 4788737f6cfcf47f
10-03: 22:54:49:260:370 exchange: Oakley Main Mode
10-03: 22:54:49:260:370 flags: 0
10-03: 22:54:49:260:370 next payload: SA
10-03: 22:54:49:260:370 message ID: 00000000
10-03: 22:54:49:260:370 Cookie exists, or new receive throttle hit
10-03: 22:54:49:260:370 Responding with new SA 0
10-03: 22:54:49:260:370 HandleFirstPacketResponder failed 35ec



si cela vous parle alors merci de me traduire :o)
Jm
jmy1904
Matelot
Matelot
 
Messages: 4
Inscrit le: 07 Sep 2004 14:15
Haut
Publier une réponse

Retour vers IPCop

Qui est en ligne ?

Utilisateur(s) parcourant actuellement ce forum : Aucun utilisateur inscrit et 1 invité

Powered by boolaz