Reposting as I'm not seeing my reply showing up...
Here's a sample kerb negotiation:
1-20: 18:51:50:834:614 Acquire from driver: op=00000033 src=a.b.c.d.0
dst=e.f.g.h.0 proto = 0, SrcMask=0.0.0.0, DstMask=255.255.0.0, Tunnel 0,
TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0
1-20: 18:51:50:834:ee4 Filter to match: Src e.f.g.h Dst a.b.c.d
1-20: 18:51:50:834:ee4 MM PolicyName: 1
1-20: 18:51:50:834:ee4 MMPolicy dwFlags 2 SoftSAExpireTime 7200
1-20: 18:51:50:834:ee4 MMOffer[0] LifetimeSec 7200 QMLimit 0 DHGroup 2
1-20: 18:51:50:834:ee4 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
1-20: 18:51:50:834:ee4 MMOffer[1] LifetimeSec 7200 QMLimit 0 DHGroup 2
1-20: 18:51:50:834:ee4 MMOffer[1] Encrypt: Triple DES CBC Hash: MD5
1-20: 18:51:50:834:ee4 MMOffer[2] LifetimeSec 7200 QMLimit 0 DHGroup 1
1-20: 18:51:50:834:ee4 MMOffer[2] Encrypt: DES CBC Hash: SHA
1-20: 18:51:50:834:ee4 MMOffer[3] LifetimeSec 7200 QMLimit 0 DHGroup 1
1-20: 18:51:50:834:ee4 MMOffer[3] Encrypt: DES CBC Hash: MD5
1-20: 18:51:50:834:ee4 Auth[0]:Kerberos
1-20: 18:51:50:834:ee4 QM PolicyName: Test Security dwFlags 4
1-20: 18:51:50:834:ee4 QMOffer[0] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[0] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:51:50:834:ee4 QMOffer[1] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[1] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
1-20: 18:51:50:834:ee4 QMOffer[2] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[2] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: AH Algo: SHA
1-20: 18:51:50:834:ee4 QMOffer[3] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[3] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: AH Algo: MD5
1-20: 18:51:50:834:ee4 QMOffer[4] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[4] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
1-20: 18:51:50:834:ee4 QMOffer[5] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[5] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
1-20: 18:51:50:834:ee4 QMOffer[6] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[6] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
1-20: 18:51:50:834:ee4 QMOffer[7] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:50:834:ee4 QMOffer[7] dwFlags 0 dwPFSGroup 0
1-20: 18:51:50:834:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
1-20: 18:51:50:834:ee4 Starting Negotiation: src = a.b.c.d.0500, dst =
e.f.g.h.0500, proto = 00, context = 00000033, ProxySrc = a.b.c.d.0000,
ProxyDst = e.f.g.h.0000 SrcMask = 0.0.0.0 DstMask = 0.0.0.0
1-20: 18:51:50:834:ee4 constructing ISAKMP Header
1-20: 18:51:50:834:ee4 constructing SA (ISAKMP)
1-20: 18:51:50:834:ee4 Constructing Vendor MS NT5 ISAKMPOAKLEY
1-20: 18:51:50:834:ee4 Constructing Vendor FRAGMENTATION
1-20: 18:51:50:834:ee4 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
1-20: 18:51:50:834:ee4 Constructing Vendor Vid-Initial-Contact
1-20: 18:51:50:834:ee4
1-20: 18:51:50:834:ee4 Sending: SA = 0x019A57D0 to e.f.g.h:Type 2.500
1-20: 18:51:50:834:ee4 ISAKMP Header: (V1.0), len = 708
1-20: 18:51:50:834:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:50:834:ee4 R-COOKIE 0000000000000000
1-20: 18:51:50:834:ee4 exchange: Oakley Main Mode
1-20: 18:51:50:834:ee4 flags: 0
1-20: 18:51:50:834:ee4 next payload: SA
1-20: 18:51:50:834:ee4 message ID: 00000000
1-20: 18:51:50:834:ee4 Ports S:f401 D:f401
1-20: 18:51:50:834:ee4
1-20: 18:51:50:834:ee4 Receive: (get) SA = 0x019a57d0 from e.f.g.h.500
1-20: 18:51:50:834:ee4 ISAKMP Header: (V1.0), len = 228
1-20: 18:51:50:834:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:50:834:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:50:834:ee4 exchange: Oakley Main Mode
1-20: 18:51:50:834:ee4 flags: 0
1-20: 18:51:50:834:ee4 next payload: SA
1-20: 18:51:50:834:ee4 message ID: 00000000
1-20: 18:51:50:834:ee4 processing payload SA
1-20: 18:51:50:834:ee4 Received Phase 1 Transform 1
1-20: 18:51:50:834:ee4 Encryption Alg Triple DES CBC(5)
1-20: 18:51:50:834:ee4 Hash Alg SHA(2)
1-20: 18:51:50:834:ee4 Oakley Group 2
1-20: 18:51:50:834:ee4 Auth Method Kerberos (GSSAPI)(65001)
1-20: 18:51:50:834:ee4 Life type in Seconds
1-20: 18:51:50:834:ee4 Life duration of 7200
1-20: 18:51:50:834:ee4 SSPI len=76
1-20: 18:51:50:834:ee4 Phase 1 SA accepted: transform=1
1-20: 18:51:50:834:ee4 SA - Oakley proposal accepted
1-20: 18:51:50:834:ee4 processing payload VENDOR ID
1-20: 18:51:50:834:ee4 Received VendorId MS NT5 ISAKMPOAKLEY
1-20: 18:51:50:834:ee4 processing payload VENDOR ID
1-20: 18:51:50:834:ee4 Received VendorId FRAGMENTATION
1-20: 18:51:50:834:ee4 processing payload VENDOR ID
1-20: 18:51:50:834:ee4 Received VendorId draft-ietf-ipsec-nat-t-ike-02
1-20: 18:51:50:834:ee4 ClearFragList
1-20: 18:51:50:834:ee4 constructing ISAKMP Header
1-20: 18:51:50:897:ee4 constructing KE
1-20: 18:51:50:897:ee4 constructing NONCE (ISAKMP)
1-20: 18:51:50:897:ee4 constructing SSPI
1-20: 18:51:51:6:ee4 InitializeSecurityContext returned 590610
1-20: 18:51:51:6:ee4 Constructing NatDisc
1-20: 18:51:51:6:ee4
1-20: 18:51:51:6:ee4 Sending: SA = 0x019A57D0 to e.f.g.h:Type 2.500
1-20: 18:51:51:6:ee4 ISAKMP Header: (V1.0), len = 1441
1-20: 18:51:51:6:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:6:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:6:ee4 exchange: Oakley Main Mode
1-20: 18:51:51:6:ee4 flags: 0
1-20: 18:51:51:6:ee4 next payload: KE
1-20: 18:51:51:6:ee4 message ID: 00000000
1-20: 18:51:51:6:ee4 Ports S:f401 D:f401
1-20: 18:51:51:69:ee4
1-20: 18:51:51:69:ee4 Receive: (get) SA = 0x019a57d0 from e.f.g.h.500
1-20: 18:51:51:69:ee4 ISAKMP Header: (V1.0), len = 371
1-20: 18:51:51:69:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:69:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:69:ee4 exchange: Oakley Main Mode
1-20: 18:51:51:69:ee4 flags: 0
1-20: 18:51:51:69:ee4 next payload: KE
1-20: 18:51:51:69:ee4 message ID: 00000000
1-20: 18:51:51:69:ee4 processing payload KE
1-20: 18:51:51:84:ee4 processing payload NONCE
1-20: 18:51:51:84:ee4 processing payload SSPI
1-20: 18:51:51:84:ee4 InitSecCont status 0
1-20: 18:51:51:84:ee4 AUTH - Phase I SSPI authentication accepted
1-20: 18:51:51:84:ee4 processing payload NATDISC
1-20: 18:51:51:84:ee4 Processing NatHash
1-20: 18:51:51:84:ee4 Nat hash 0f5d68e86bb03f336d1464048193b249
1-20: 18:51:51:84:ee4 267a7975
1-20: 18:51:51:84:ee4 SA StateMask2 e
1-20: 18:51:51:84:ee4 processing payload NATDISC
1-20: 18:51:51:84:ee4 Processing NatHash
1-20: 18:51:51:84:ee4 Nat hash 1ae305cf7f23498dc8ab3c88418c6b2f
1-20: 18:51:51:84:ee4 15accf96
1-20: 18:51:51:84:ee4 SA StateMask2 8e
1-20: 18:51:51:84:ee4 ClearFragList
1-20: 18:51:51:84:ee4 constructing ISAKMP Header
1-20: 18:51:51:84:ee4 constructing ID
1-20: 18:51:51:84:ee4 MM ID Type 1
1-20: 18:51:51:84:ee4 MM ID 9d3b8d75
1-20: 18:51:51:84:ee4 constructing HASH
1-20: 18:51:51:84:ee4
1-20: 18:51:51:84:ee4 Sending: SA = 0x019A57D0 to e.f.g.h:Type 2.500
1-20: 18:51:51:84:ee4 ISAKMP Header: (V1.0), len = 116
1-20: 18:51:51:84:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:84:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:84:ee4 exchange: Oakley Main Mode
1-20: 18:51:51:84:ee4 flags: 1 ( encrypted )
1-20: 18:51:51:84:ee4 next payload: ID
1-20: 18:51:51:84:ee4 message ID: 00000000
1-20: 18:51:51:84:ee4 Ports S:f401 D:f401
1-20: 18:51:51:84:ee4
1-20: 18:51:51:84:ee4 Receive: (get) SA = 0x019a57d0 from e.f.g.h.500
1-20: 18:51:51:84:ee4 ISAKMP Header: (V1.0), len = 116
1-20: 18:51:51:84:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:84:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:84:ee4 exchange: Oakley Main Mode
1-20: 18:51:51:84:ee4 flags: 1 ( encrypted )
1-20: 18:51:51:84:ee4 next payload: ID
1-20: 18:51:51:84:ee4 message ID: 00000000
1-20: 18:51:51:84:ee4 processing payload ID
1-20: 18:51:51:84:ee4 processing payload HASH
1-20: 18:51:51:84:ee4 AUTH: Phase I authentication accepted
1-20: 18:51:51:84:ee4 ClearFragList
1-20: 18:51:51:84:ee4 MM established. SA: 019A57D0
1-20: 18:51:51:84:ee4 Peer KerbID
[email protected]
1-20: 18:51:51:84:ee4 QM PolicyName: Test Security dwFlags 4
1-20: 18:51:51:84:ee4 QMOffer[0] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[0] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:51:51:84:ee4 QMOffer[1] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[1] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
1-20: 18:51:51:84:ee4 QMOffer[2] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[2] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: AH Algo: SHA
1-20: 18:51:51:84:ee4 QMOffer[3] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[3] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: AH Algo: MD5
1-20: 18:51:51:84:ee4 QMOffer[4] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[4] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
1-20: 18:51:51:84:ee4 QMOffer[5] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[5] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
1-20: 18:51:51:84:ee4 QMOffer[6] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[6] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
1-20: 18:51:51:84:ee4 QMOffer[7] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:51:51:84:ee4 QMOffer[7] dwFlags 0 dwPFSGroup 0
1-20: 18:51:51:84:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
1-20: 18:51:51:84:ee4 GetSpi: src = e.f.g.h.0000, dst = a.b.c.d.0000, proto
= 00, context = 00000033, srcMask = 255.255.255.255, destMask =
255.255.255.255, TunnelFilter 0
1-20: 18:51:51:84:ee4 Setting SPI 593726832
1-20: 18:51:51:84:ee4 constructing ISAKMP Header
1-20: 18:51:51:84:ee4 constructing HASH (null)
1-20: 18:51:51:84:ee4 constructing SA (IPSEC)
1-20: 18:51:51:84:ee4 constructing NONCE (IPSEC)
1-20: 18:51:51:84:ee4 constructing ID (proxy)
1-20: 18:51:51:84:ee4 constructing ID (proxy)
1-20: 18:51:51:84:ee4 constructing HASH (QM)
1-20: 18:51:51:84:ee4
1-20: 18:51:51:84:ee4 Sending: SA = 0x019A57D0 to e.f.g.h:Type 2.500
1-20: 18:51:51:84:ee4 ISAKMP Header: (V1.0), len = 468
1-20: 18:51:51:84:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:84:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:84:ee4 exchange: Oakley Quick Mode
1-20: 18:51:51:84:ee4 flags: 1 ( encrypted )
1-20: 18:51:51:84:ee4 next payload: HASH
1-20: 18:51:51:84:ee4 message ID: bb897bd1
1-20: 18:51:51:84:ee4 Ports S:f401 D:f401
1-20: 18:51:51:100:ee4
1-20: 18:51:51:100:ee4 Receive: (get) SA = 0x019a57d0 from e.f.g.h.500
1-20: 18:51:51:100:ee4 ISAKMP Header: (V1.0), len = 164
1-20: 18:51:51:100:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:100:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:100:ee4 exchange: Oakley Quick Mode
1-20: 18:51:51:100:ee4 flags: 3 ( encrypted commit )
1-20: 18:51:51:100:ee4 next payload: HASH
1-20: 18:51:51:100:ee4 message ID: bb897bd1
1-20: 18:51:51:100:ee4 processing HASH (QM)
1-20: 18:51:51:100:ee4 ClearFragList
1-20: 18:51:51:100:ee4 processing payload NONCE
1-20: 18:51:51:100:ee4 processing payload ID
1-20: 18:51:51:100:ee4 processing payload ID
1-20: 18:51:51:100:ee4 processing payload SA
1-20: 18:51:51:100:ee4 Negotiated Proxy ID: Src a.b.c.d.0 Dst e.f.g.h.0
1-20: 18:51:51:100:ee4 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
1-20: 18:51:51:100:ee4 Checking Transform # 1: ID=NULL DES(11)
1-20: 18:51:51:100:ee4 SA life type in seconds
1-20: 18:51:51:100:ee4 SA life duration 00000e10
1-20: 18:51:51:100:ee4 SA life type in kilobytes
1-20: 18:51:51:100:ee4 SA life duration 0369d036
1-20: 18:51:51:100:ee4 tunnel mode is Transport Mode(2)
1-20: 18:51:51:100:ee4 HMAC algorithm is SHA(2)
1-20: 18:51:51:100:ee4 Phase 2 SA accepted: proposal=1 transform=1
1-20: 18:51:51:100:ee4 constructing ISAKMP Header
1-20: 18:51:51:100:ee4 constructing HASH (QM)
1-20: 18:51:51:100:ee4 Adding QMs: src = a.b.c.d.0000, dst = e.f.g.h.0000,
proto = 00, context = 00000033, my tunnel = 0.0.0.0, peer tunnel = 0.0.0.0,
SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime = 3600 LifetimeKBytes
57266230 dwFlags 0 Direction 2 EncapType 1
1-20: 18:51:51:100:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:51:51:100:ee4 Algo[0] MySpi: 593726832 PeerSpi: 4143305975
1-20: 18:51:51:100:ee4 Encap Ports Src 500 Dst 500
1-20: 18:51:51:100:ee4 Skipping Outbound SA add
1-20: 18:51:51:100:ee4
1-20: 18:51:51:100:ee4 Sending: SA = 0x019A57D0 to e.f.g.h:Type 2.500
1-20: 18:51:51:100:ee4 ISAKMP Header: (V1.0), len = 52
1-20: 18:51:51:100:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:100:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:100:ee4 exchange: Oakley Quick Mode
1-20: 18:51:51:100:ee4 flags: 3 ( encrypted commit )
1-20: 18:51:51:100:ee4 next payload: HASH
1-20: 18:51:51:100:ee4 message ID: bb897bd1
1-20: 18:51:51:100:ee4 Ports S:f401 D:f401
1-20: 18:51:51:100:ee4
1-20: 18:51:51:100:ee4 Receive: (get) SA = 0x019a57d0 from e.f.g.h.500
1-20: 18:51:51:100:ee4 ISAKMP Header: (V1.0), len = 84
1-20: 18:51:51:100:ee4 I-COOKIE 378b9e9cefc5baf5
1-20: 18:51:51:100:ee4 R-COOKIE 4713587259605c52
1-20: 18:51:51:100:ee4 exchange: Oakley Quick Mode
1-20: 18:51:51:100:ee4 flags: 3 ( encrypted commit )
1-20: 18:51:51:100:ee4 next payload: HASH
1-20: 18:51:51:100:ee4 message ID: bb897bd1
1-20: 18:51:51:100:ee4 processing HASH (Notify/Delete)
1-20: 18:51:51:100:ee4 ClearFragList
1-20: 18:51:51:100:ee4 processing payload NOTIFY
1-20: 18:51:51:100:ee4 Adding QMs: src = a.b.c.d.0000, dst = e.f.g.h.0000,
proto = 00, context = 00000033, my tunnel = 0.0.0.0, peer tunnel = 0.0.0.0,
SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime = 3600 LifetimeKBytes
57266230 dwFlags 0 Direction 3 EncapType 1
1-20: 18:51:51:100:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:51:51:100:ee4 Algo[0] MySpi: 593726832 PeerSpi: 4143305975
1-20: 18:51:51:100:ee4 Encap Ports Src 500 Dst 500
1-20: 18:51:51:100:ee4 Skipping Inbound SA add
1-20: 18:51:51:100:ee4 Peer KerbID
[email protected]
1-20: 18:51:51:100:ee4 isadb_set_status sa:019A57D0 centry:000E5520 status
0
1-20: 18:51:51:100:ee4 CE Dead. sa:019A57D0 ce:000E5520 status:0
Here's a sample Cert negotiation:
1-20: 18:30:25:127:614 Acquire from driver: op=0000002D src=a.b.c.d.0
dst=e.f.g.h.0 proto = 0, SrcMask=0.0.0.0, DstMask=255.255.0.0, Tunnel 0,
TunnelEndpt=0.0.0.0 Inbound TunnelEndpt=0.0.0.0
1-20: 18:30:25:127:ee4 Filter to match: Src e.f.g.h Dst a.b.c.d
1-20: 18:30:25:127:ee4 MM PolicyName: 1
1-20: 18:30:25:142:ee4 MMPolicy dwFlags 2 SoftSAExpireTime 7200
1-20: 18:30:25:142:ee4 MMOffer[0] LifetimeSec 7200 QMLimit 0 DHGroup 2
1-20: 18:30:25:142:ee4 MMOffer[0] Encrypt: Triple DES CBC Hash: SHA
1-20: 18:30:25:142:ee4 MMOffer[1] LifetimeSec 7200 QMLimit 0 DHGroup 2
1-20: 18:30:25:142:ee4 MMOffer[1] Encrypt: Triple DES CBC Hash: MD5
1-20: 18:30:25:142:ee4 MMOffer[2] LifetimeSec 7200 QMLimit 0 DHGroup 1
1-20: 18:30:25:142:ee4 MMOffer[2] Encrypt: DES CBC Hash: SHA
1-20: 18:30:25:142:ee4 MMOffer[3] LifetimeSec 7200 QMLimit 0 DHGroup 1
1-20: 18:30:25:142:ee4 MMOffer[3] Encrypt: DES CBC Hash: MD5
1-20: 18:30:25:142:ee4 Auth[0]:Kerberos
1-20: 18:30:25:142:ee4 Auth[1]:RSA Sig O=Test, CN=Test Root CA AuthFlags 0
1-20: 18:30:25:142:ee4 Auth[2]:RSA Sig C=US, O=Test, OU=Test, CN=Test SA
Root CA AuthFlags 0
1-20: 18:30:25:142:ee4 Auth[3]:RSA Sig
[email protected], C=US, S=WA,
L=Redmond, O=Test, OU=Test, CN=Test Root Authority AuthFlags 0
1-20: 18:30:25:142:ee4 QM PolicyName: Test Security dwFlags 4
1-20: 18:30:25:142:ee4 QMOffer[0] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[0] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:30:25:142:ee4 QMOffer[1] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[1] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
1-20: 18:30:25:142:ee4 QMOffer[2] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[2] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: AH Algo: SHA
1-20: 18:30:25:142:ee4 QMOffer[3] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[3] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: AH Algo: MD5
1-20: 18:30:25:142:ee4 QMOffer[4] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[4] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
1-20: 18:30:25:142:ee4 QMOffer[5] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[5] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
1-20: 18:30:25:142:ee4 QMOffer[6] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[6] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
1-20: 18:30:25:142:ee4 QMOffer[7] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:25:142:ee4 QMOffer[7] dwFlags 0 dwPFSGroup 0
1-20: 18:30:25:142:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
1-20: 18:30:25:142:ee4 Starting Negotiation: src = a.b.c.d.0500, dst =
e.f.g.h.0500, proto = 00, context = 0000002D, ProxySrc = a.b.c.d.0000,
ProxyDst = e.f.g.h.0000 SrcMask = 0.0.0.0 DstMask = 0.0.0.0
1-20: 18:30:25:142:ee4 constructing ISAKMP Header
1-20: 18:30:25:142:ee4 constructing SA (ISAKMP)
1-20: 18:30:25:142:ee4 Constructing Vendor MS NT5 ISAKMPOAKLEY
1-20: 18:30:25:142:ee4 Constructing Vendor FRAGMENTATION
1-20: 18:30:25:142:ee4 Constructing Vendor draft-ietf-ipsec-nat-t-ike-02
1-20: 18:30:25:142:ee4 Constructing Vendor Vid-Initial-Contact
1-20: 18:30:25:142:ee4
1-20: 18:30:25:142:ee4 Sending: SA = 0x019A3928 to e.f.g.h:Type 2.500
1-20: 18:30:25:142:ee4 ISAKMP Header: (V1.0), len = 708
1-20: 18:30:25:142:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:25:142:ee4 R-COOKIE 0000000000000000
1-20: 18:30:25:142:ee4 exchange: Oakley Main Mode
1-20: 18:30:25:142:ee4 flags: 0
1-20: 18:30:25:142:ee4 next payload: SA
1-20: 18:30:25:142:ee4 message ID: 00000000
1-20: 18:30:25:142:ee4 Ports S:f401 D:f401
1-20: 18:30:25:158:ee4
1-20: 18:30:25:158:ee4 Receive: (get) SA = 0x019a3928 from e.f.g.h.500
1-20: 18:30:25:158:ee4 ISAKMP Header: (V1.0), len = 148
1-20: 18:30:25:158:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:25:158:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:25:158:ee4 exchange: Oakley Main Mode
1-20: 18:30:25:158:ee4 flags: 0
1-20: 18:30:25:158:ee4 next payload: SA
1-20: 18:30:25:158:ee4 message ID: 00000000
1-20: 18:30:25:158:ee4 processing payload SA
1-20: 18:30:25:158:ee4 Received Phase 1 Transform 1
1-20: 18:30:25:158:ee4 Encryption Alg Triple DES CBC(5)
1-20: 18:30:25:158:ee4 Hash Alg SHA(2)
1-20: 18:30:25:158:ee4 Oakley Group 2
1-20: 18:30:25:158:ee4 Auth Method RSA Signature with Certificates(3)
1-20: 18:30:25:158:ee4 Life type in Seconds
1-20: 18:30:25:158:ee4 Life duration of 7200
1-20: 18:30:25:158:ee4 Phase 1 SA accepted: transform=1
1-20: 18:30:25:158:ee4 SA - Oakley proposal accepted
1-20: 18:30:25:158:ee4 processing payload VENDOR ID
1-20: 18:30:25:158:ee4 Received VendorId MS NT5 ISAKMPOAKLEY
1-20: 18:30:25:158:ee4 processing payload VENDOR ID
1-20: 18:30:25:158:ee4 Received VendorId FRAGMENTATION
1-20: 18:30:25:158:ee4 processing payload VENDOR ID
1-20: 18:30:25:158:ee4 Received VendorId draft-ietf-ipsec-nat-t-ike-02
1-20: 18:30:25:158:ee4 ClearFragList
1-20: 18:30:25:158:ee4 constructing ISAKMP Header
1-20: 18:30:25:220:ee4 constructing KE
1-20: 18:30:25:220:ee4 constructing NONCE (ISAKMP)
1-20: 18:30:25:220:ee4 Constructing NatDisc
1-20: 18:30:25:220:ee4
1-20: 18:30:25:220:ee4 Sending: SA = 0x019A3928 to e.f.g.h:Type 2.500
1-20: 18:30:25:220:ee4 ISAKMP Header: (V1.0), len = 232
1-20: 18:30:25:220:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:25:220:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:25:220:ee4 exchange: Oakley Main Mode
1-20: 18:30:25:220:ee4 flags: 0
1-20: 18:30:25:220:ee4 next payload: KE
1-20: 18:30:25:220:ee4 message ID: 00000000
1-20: 18:30:25:220:ee4 Ports S:f401 D:f401
1-20: 18:30:25:343:ee4
1-20: 18:30:25:343:ee4 Receive: (get) SA = 0x019a3928 from e.f.g.h.500
1-20: 18:30:25:343:ee4 ISAKMP Header: (V1.0), len = 392
1-20: 18:30:25:343:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:25:343:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:25:343:ee4 exchange: Oakley Main Mode
1-20: 18:30:25:343:ee4 flags: 0
1-20: 18:30:25:343:ee4 next payload: KE
1-20: 18:30:25:343:ee4 message ID: 00000000
1-20: 18:30:25:343:ee4 processing payload KE
1-20: 18:30:25:359:ee4 processing payload NONCE
1-20: 18:30:25:359:ee4 processing payload CRP
1-20: 18:30:25:359:ee4 C=US, O=Test, OU=Test, CN=Test SA Root CA
1-20: 18:30:25:359:ee4 processing payload CRP
1-20: 18:30:25:359:ee4 O=Test, CN=Test Root CA
1-20: 18:30:25:359:ee4 processing payload NATDISC
1-20: 18:30:25:359:ee4 Processing NatHash
1-20: 18:30:25:359:ee4 Nat hash 952fe721eece32b455361d7d67c48998
1-20: 18:30:25:359:ee4 692c1b30
1-20: 18:30:25:359:ee4 SA StateMask2 e
1-20: 18:30:25:359:ee4 processing payload NATDISC
1-20: 18:30:25:359:ee4 Processing NatHash
1-20: 18:30:25:359:ee4 Nat hash ea3945ecaaa892f6e06594e4a2c0da71
1-20: 18:30:25:359:ee4 b8661494
1-20: 18:30:25:359:ee4 SA StateMask2 8e
1-20: 18:30:25:359:ee4 ClearFragList
1-20: 18:30:25:359:ee4 constructing ISAKMP Header
1-20: 18:30:25:359:ee4 constructing ID
1-20: 18:30:25:359:ee4 Looking for IPSec only cert
1-20: 18:30:25:436:ee4 Cert Trustes. 0 100
1-20: 18:30:25:436:ee4 Cert SHA Thumbprint aaaaaaaaaaaa
1-20: 18:30:25:621:ee4 Entered CRL check
1-20: 18:30:25:730:ee4 Left CRL check
1-20: 18:30:25:730:ee4 Cert SHA Thumbprint bbbbbbb
1-20: 18:30:25:730:ee4 SubjectName: DC=Test, DC=Test, OU=Test, OU=Test,
CN=Test1
1-20: 18:30:25:730:ee4 Cert Serialnumber ccccccccc
1-20: 18:30:25:730:ee4 Cert SHA Thumbprint ddddddddd
1-20: 18:30:25:730:ee4 SubjectName: DC=Test, DC=Test, OU=Test, OU=Test,
CN=Test2
1-20: 18:30:25:730:ee4 Cert Serialnumber eeeeeeee
1-20: 18:30:25:730:ee4 Cert SHA Thumbprint ffffffffff
1-20: 18:30:25:730:ee4 SubjectName: C=US, O=Test, OU=Test, CN=Test
Intermediate Subordinate
1-20: 18:30:25:730:ee4 Cert Serialnumber ggggggggg
1-20: 18:30:25:730:ee4 Cert SHA Thumbprint hhhhhhhhhhh
1-20: 18:30:25:730:ee4 SubjectName: C=US, O=Test, OU=Test, CN=Test SA Root
CA
1-20: 18:30:25:730:ee4 Cert Serialnumber iiiiiiiiii
1-20: 18:30:25:730:ee4 Cert SHA Thumbprint jjjjjjjjj
1-20: 18:30:25:730:ee4 Not storing My cert chain in SA.
1-20: 18:30:25:730:ee4 MM ID Type 9
1-20: 18:30:25:730:ee4 MM ID kkkkkkkkkkkk
1-20: 18:30:25:730:ee4 constructing CERT
1-20: 18:30:25:730:ee4 Construct SIG
1-20: 18:30:25:730:ee4 Constructing Cert Request
1-20: 18:30:25:730:ee4 O=Test, CN=Test
1-20: 18:30:25:730:ee4 Constructing Cert Request
1-20: 18:30:25:730:ee4 C=US, O=Test, OU=Test, CN=Test SA Root CA
1-20: 18:30:25:730:ee4 Constructing Cert Request
1-20: 18:30:25:730:ee4
[email protected], C=US, S=WA, L=Redmond, O=Test,
OU=Test, CN=Test Root Authority
1-20: 18:30:25:730:ee4
1-20: 18:30:25:730:ee4 Sending: SA = 0x019A3928 to e.f.g.h:Type 2.500
1-20: 18:30:25:730:ee4 ISAKMP Header: (V1.0), len = 5828
1-20: 18:30:25:730:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:25:730:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:25:730:ee4 exchange: Oakley Main Mode
1-20: 18:30:25:730:ee4 flags: 1 ( encrypted )
1-20: 18:30:25:730:ee4 next payload: ID
1-20: 18:30:25:730:ee4 message ID: 00000000
1-20: 18:30:25:730:ee4 Ports S:f401 D:f401
1-20: 18:30:26:239:ee4
1-20: 18:30:26:239:ee4 Receive: (get) SA = 0x019a3928 from e.f.g.h.500
1-20: 18:30:26:239:ee4 ISAKMP Header: (V1.0), len = 5556
1-20: 18:30:26:239:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:239:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:239:ee4 exchange: Oakley Main Mode
1-20: 18:30:26:239:ee4 flags: 1 ( encrypted )
1-20: 18:30:26:239:ee4 next payload: ID
1-20: 18:30:26:239:ee4 message ID: 00000000
1-20: 18:30:26:239:ee4 processing payload ID
1-20: 18:30:26:239:ee4 processing payload CERT
1-20: 18:30:26:239:ee4 processing payload SIG
1-20: 18:30:26:239:ee4 Verifying CertStore
1-20: 18:30:26:239:ee4 SubjectName: DC=Test, DC=Test, OU=Test, OU=Test,
OU=Test, CN=Test
1-20: 18:30:26:239:ee4 Cert Serialnumber aaaaaaaaa
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint bbbbbbb
1-20: 18:30:26:239:ee4 SubjectName: DC=Test, DC=Test, DC=Test, CN=WTest
1-20: 18:30:26:239:ee4 Cert Serialnumber cccccccc
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint ddddddd
1-20: 18:30:26:239:ee4 SubjectName: C=US, O=Test, OU=Test, CN=Test
Intermediate Subordinate
1-20: 18:30:26:239:ee4 Cert Serialnumber eeeeeeee
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint ffffffff
1-20: 18:30:26:239:ee4 Cert Trustes. 0 100
1-20: 18:30:26:239:ee4 SubjectName: DC=Test, DC=Test, OU=Test, OU=Test,
OU=Test, CN=Test
1-20: 18:30:26:239:ee4 Cert Serialnumber ggggggg
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint hhhhhh
1-20: 18:30:26:239:ee4 SubjectName: DC=Test, DC=Test, DC=Test, CN=Test
1-20: 18:30:26:239:ee4 Cert Serialnumber iiiiiiiiii
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint jjjjjjjjj
1-20: 18:30:26:239:ee4 SubjectName: C=US, O=Test, OU=Test, CN=Test
Intermediate Subordinate
1-20: 18:30:26:239:ee4 Cert Serialnumber aaaaaaaa
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint bbbbbbbb
1-20: 18:30:26:239:ee4 SubjectName: C=US, O=Test, OU=Test, CN=Test SA Root
CA
1-20: 18:30:26:239:ee4 Cert Serialnumber cccccccc
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint ddddddd
1-20: 18:30:26:239:ee4 Not storing Peer's cert chain in SA.
1-20: 18:30:26:239:ee4 Cert SHA Thumbprint eeeeeeee
1-20: 18:30:26:239:ee4 Entered CRL check
1-20: 18:30:26:239:ee4 Left CRL check
1-20: 18:30:26:239:ee4 Signature validated
1-20: 18:30:26:239:ee4 ClearFragList
1-20: 18:30:26:239:ee4 MM established. SA: 019A3928
1-20: 18:30:26:270:ee4 QM PolicyName: Test Security dwFlags 4
1-20: 18:30:26:270:ee4 QMOffer[0] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[0] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:30:26:270:ee4 QMOffer[1] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[1] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
1-20: 18:30:26:270:ee4 QMOffer[2] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[2] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: AH Algo: SHA
1-20: 18:30:26:270:ee4 QMOffer[3] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[3] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: AH Algo: MD5
1-20: 18:30:26:270:ee4 QMOffer[4] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[4] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
1-20: 18:30:26:270:ee4 QMOffer[5] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[5] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
1-20: 18:30:26:270:ee4 QMOffer[6] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[6] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
1-20: 18:30:26:270:ee4 QMOffer[7] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:270:ee4 QMOffer[7] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:270:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
1-20: 18:30:26:270:ee4 GetSpi: src = e.f.g.h.0000, dst = a.b.c.d.0000,
proto = 00, context = 0000002D, srcMask = 255.255.255.255, destMask =
255.255.255.255, TunnelFilter 0
1-20: 18:30:26:270:ee4 Setting SPI 1762709929
1-20: 18:30:26:270:ee4 constructing ISAKMP Header
1-20: 18:30:26:270:ee4 constructing HASH (null)
1-20: 18:30:26:270:ee4 constructing SA (IPSEC)
1-20: 18:30:26:270:ee4 constructing NONCE (IPSEC)
1-20: 18:30:26:270:ee4 constructing ID (proxy)
1-20: 18:30:26:270:ee4 constructing ID (proxy)
1-20: 18:30:26:270:ee4 constructing HASH (QM)
1-20: 18:30:26:270:ee4
1-20: 18:30:26:270:ee4 Sending: SA = 0x019A3928 to e.f.g.h:Type 2.500
1-20: 18:30:26:270:ee4 ISAKMP Header: (V1.0), len = 468
1-20: 18:30:26:270:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:270:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:270:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:270:ee4 flags: 1 ( encrypted )
1-20: 18:30:26:270:ee4 next payload: HASH
1-20: 18:30:26:270:ee4 message ID: 3e8f41ba
1-20: 18:30:26:270:ee4 Ports S:f401 D:f401
1-20: 18:30:26:270:ee4
1-20: 18:30:26:270:ee4 Receive: (get) SA = 0x019a3928 from e.f.g.h.500
1-20: 18:30:26:270:ee4 ISAKMP Header: (V1.0), len = 164
1-20: 18:30:26:270:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:270:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:286:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:286:ee4 flags: 3 ( encrypted commit )
1-20: 18:30:26:286:ee4 next payload: HASH
1-20: 18:30:26:286:ee4 message ID: 3e8f41ba
1-20: 18:30:26:286:ee4 processing HASH (QM)
1-20: 18:30:26:286:ee4 ClearFragList
1-20: 18:30:26:286:ee4 processing payload NONCE
1-20: 18:30:26:286:ee4 processing payload ID
1-20: 18:30:26:286:ee4 processing payload ID
1-20: 18:30:26:286:ee4 processing payload SA
1-20: 18:30:26:286:ee4 Negotiated Proxy ID: Src a.b.c.d.0 Dst e.f.g.h.0
1-20: 18:30:26:286:ee4 Checking Proposal 1: Proto= ESP(3), num trans=1
Next=0
1-20: 18:30:26:286:ee4 Checking Transform # 1: ID=NULL DES(11)
1-20: 18:30:26:286:ee4 SA life type in seconds
1-20: 18:30:26:286:ee4 SA life duration 00000e10
1-20: 18:30:26:286:ee4 SA life type in kilobytes
1-20: 18:30:26:286:ee4 SA life duration 0369d036
1-20: 18:30:26:286:ee4 tunnel mode is Transport Mode(2)
1-20: 18:30:26:286:ee4 HMAC algorithm is SHA(2)
1-20: 18:30:26:286:ee4 Phase 2 SA accepted: proposal=1 transform=1
1-20: 18:30:26:286:ee4 constructing ISAKMP Header
1-20: 18:30:26:286:ee4 constructing HASH (QM)
1-20: 18:30:26:286:ee4 Adding QMs: src = a.b.c.d.0000, dst = e.f.g.h.0000,
proto = 00, context = 0000002D, my tunnel = 0.0.0.0, peer tunnel = 0.0.0.0,
SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime = 3600 LifetimeKBytes
57266230 dwFlags 0 Direction 2 EncapType 1
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:30:26:286:ee4 Algo[0] MySpi: 1762709929 PeerSpi: 698504243
1-20: 18:30:26:286:ee4 Encap Ports Src 500 Dst 500
1-20: 18:30:26:286:ee4 Skipping Outbound SA add
1-20: 18:30:26:286:ee4
1-20: 18:30:26:286:ee4 Sending: SA = 0x019A3928 to e.f.g.h:Type 2.500
1-20: 18:30:26:286:ee4 ISAKMP Header: (V1.0), len = 52
1-20: 18:30:26:286:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:286:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:286:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:286:ee4 flags: 3 ( encrypted commit )
1-20: 18:30:26:286:ee4 next payload: HASH
1-20: 18:30:26:286:ee4 message ID: 3e8f41ba
1-20: 18:30:26:286:ee4 Ports S:f401 D:f401
1-20: 18:30:26:286:ee4
1-20: 18:30:26:286:ee4 Receive: (get) SA = 0x019a3928 from e.f.g.h.500
1-20: 18:30:26:286:ee4 ISAKMP Header: (V1.0), len = 84
1-20: 18:30:26:286:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:286:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:286:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:286:ee4 flags: 3 ( encrypted commit )
1-20: 18:30:26:286:ee4 next payload: HASH
1-20: 18:30:26:286:ee4 message ID: 3e8f41ba
1-20: 18:30:26:286:ee4 processing HASH (Notify/Delete)
1-20: 18:30:26:286:ee4 ClearFragList
1-20: 18:30:26:286:ee4 processing payload NOTIFY
1-20: 18:30:26:286:ee4 Adding QMs: src = a.b.c.d.0000, dst = e.f.g.h.0000,
proto = 00, context = 0000002D, my tunnel = 0.0.0.0, peer tunnel = 0.0.0.0,
SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime = 3600 LifetimeKBytes
57266230 dwFlags 0 Direction 3 EncapType 1
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:30:26:286:ee4 Algo[0] MySpi: 1762709929 PeerSpi: 698504243
1-20: 18:30:26:286:ee4 Encap Ports Src 500 Dst 500
1-20: 18:30:26:286:ee4 Skipping Inbound SA add
1-20: 18:30:26:286:ee4 isadb_set_status sa:019A3928 centry:000E53E8 status
0
1-20: 18:30:26:286:ee4 CE Dead. sa:019A3928 ce:000E53E8 status:0
1-20: 18:30:26:286:ee4
1-20: 18:30:26:286:ee4 Receive: (get) SA = 0x019a3928 from e.f.g.h.500
1-20: 18:30:26:286:ee4 ISAKMP Header: (V1.0), len = 180
1-20: 18:30:26:286:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:286:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:286:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:286:ee4 flags: 1 ( encrypted )
1-20: 18:30:26:286:ee4 next payload: HASH
1-20: 18:30:26:286:ee4 message ID: d0a7e2d7
1-20: 18:30:26:286:ee4 processing HASH (QM)
1-20: 18:30:26:286:ee4 ClearFragList
1-20: 18:30:26:286:ee4 processing payload NONCE
1-20: 18:30:26:286:ee4 processing payload ID
1-20: 18:30:26:286:ee4 processing payload ID
1-20: 18:30:26:286:ee4 processing payload SA
1-20: 18:30:26:286:ee4 Negotiated Proxy ID: Src e.f.g.h.0 Dst a.b.c.d.0
1-20: 18:30:26:286:ee4 Checking Proposal 1: Proto= ESP(3), num trans=2
Next=0
1-20: 18:30:26:286:ee4 Checking Transform # 1: ID=NULL DES(11)
1-20: 18:30:26:286:ee4 tunnel mode is Transport Mode(2)
1-20: 18:30:26:286:ee4 HMAC algorithm is SHA(2)
1-20: 18:30:26:286:ee4 Checking Transform # 2: ID=Triple DES CBC(3)
1-20: 18:30:26:286:ee4 SA life type in seconds
1-20: 18:30:26:286:ee4 SA life duration 00008ca0
1-20: 18:30:26:286:ee4 SA life type in kilobytes
1-20: 18:30:26:286:ee4 SA life duration 000f4240
1-20: 18:30:26:286:ee4 tunnel mode is Transport Mode(2)
1-20: 18:30:26:286:ee4 HMAC algorithm is SHA(2)
1-20: 18:30:26:286:ee4 Finding Responder Policy for SRC=e.f.g.h.0000
DST=a.b.c.d.0000, SRCMask=255.255.255.255, DSTMask=255.255.255.255, Prot=6
InTunnelEndpt 0 OutTunnelEndpt 0
1-20: 18:30:26:286:ee4 QM PolicyName: Test Security dwFlags 4
1-20: 18:30:26:286:ee4 QMOffer[0] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[0] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:30:26:286:ee4 QMOffer[1] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[1] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: MD5
1-20: 18:30:26:286:ee4 QMOffer[2] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[2] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: AH Algo: SHA
1-20: 18:30:26:286:ee4 QMOffer[3] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[3] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: AH Algo: MD5
1-20: 18:30:26:286:ee4 QMOffer[4] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[4] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: SHA
1-20: 18:30:26:286:ee4 QMOffer[5] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[5] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: DES CBC HMAC: MD5
1-20: 18:30:26:286:ee4 QMOffer[6] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[6] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
SHA
1-20: 18:30:26:286:ee4 QMOffer[7] LifetimeKBytes 57266230 LifetimeSec 3600
1-20: 18:30:26:286:ee4 QMOffer[7] dwFlags 0 dwPFSGroup 0
1-20: 18:30:26:286:ee4 Algo[0] Operation: ESP Algo: Triple DES CBC HMAC:
MD5
1-20: 18:30:26:286:ee4 Policy too general
1-20: 18:30:26:286:ee4 Phase 2 SA accepted: proposal=1 transform=1
1-20: 18:30:26:286:ee4 Adding default policy for SRC=h.g.f.e.0000
DST=d.c.b.a.0000, SRCMask=ffffffff, DSTMask=ffffffff, Prot=6, TunnelFilter
0, TunnelAddr 0
1-20: 18:30:26:301:ee4 GetSpi: src = e.f.g.h.0000, dst = a.b.c.d.0000,
proto = 06, context = 00000000, srcMask = 255.255.255.255, destMask =
255.255.255.255, TunnelFilter 0
1-20: 18:30:26:301:ee4 Setting SPI 1746025742
1-20: 18:30:26:301:ee4 constructing ISAKMP Header
1-20: 18:30:26:301:ee4 constructing HASH (null)
1-20: 18:30:26:301:ee4 constructing SA (IPSEC)
1-20: 18:30:26:301:ee4 constructing NONCE (IPSEC)
1-20: 18:30:26:301:ee4 constructing ID (proxy)
1-20: 18:30:26:301:ee4 constructing ID (proxy)
1-20: 18:30:26:301:ee4 constructing HASH (QM)
1-20: 18:30:26:301:ee4
1-20: 18:30:26:301:ee4 Sending: SA = 0x019A3928 to e.f.g.h:Type 2.500
1-20: 18:30:26:301:ee4 ISAKMP Header: (V1.0), len = 140
1-20: 18:30:26:301:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:301:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:301:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:301:ee4 flags: 3 ( encrypted commit )
1-20: 18:30:26:301:ee4 next payload: HASH
1-20: 18:30:26:301:ee4 message ID: d0a7e2d7
1-20: 18:30:26:301:ee4 Ports S:f401 D:f401
1-20: 18:30:26:301:ee4
1-20: 18:30:26:301:ee4 Receive: (get) SA = 0x019a3928 from e.f.g.h.500
1-20: 18:30:26:301:ee4 ISAKMP Header: (V1.0), len = 52
1-20: 18:30:26:301:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:301:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:301:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:301:ee4 flags: 3 ( encrypted commit )
1-20: 18:30:26:301:ee4 next payload: HASH
1-20: 18:30:26:301:ee4 message ID: d0a7e2d7
1-20: 18:30:26:301:ee4 processing HASH (QM)
1-20: 18:30:26:301:ee4 ClearFragList
1-20: 18:30:26:301:ee4 Adding QMs: src = a.b.c.d.0000, dst = e.f.g.h.0000,
proto = 06, context = 0000002E, my tunnel = 0.0.0.0, peer tunnel = 0.0.0.0,
SrcMask = 0.0.0.0, DestMask = 0.0.0.0 Lifetime = 3600 LifetimeKBytes
57266230 dwFlags 0 Direction 1 EncapType 1
1-20: 18:30:26:301:ee4 Algo[0] Operation: ESP Algo: NULL DES HMAC: SHA
1-20: 18:30:26:301:ee4 Algo[0] MySpi: 1746025742 PeerSpi: 3057779403
1-20: 18:30:26:301:ee4 Encap Ports Src 500 Dst 500
1-20: 18:30:26:301:ee4 isadb_set_status sa:019A3928 centry:000E5520 status
0
1-20: 18:30:26:301:ee4 Constructing Commit Notify
1-20: 18:30:26:301:ee4 constructing ISAKMP Header
1-20: 18:30:26:301:ee4 constructing HASH (null)
1-20: 18:30:26:301:ee4 constructing NOTIFY 16384
1-20: 18:30:26:301:ee4 constructing HASH (QM)
1-20: 18:30:26:301:ee4
1-20: 18:30:26:301:ee4 Sending: SA = 0x019A3928 to e.f.g.h:Type 4.500
1-20: 18:30:26:301:ee4 ISAKMP Header: (V1.0), len = 84
1-20: 18:30:26:301:ee4 I-COOKIE 89457b8aee0b0f8f
1-20: 18:30:26:301:ee4 R-COOKIE d23c71d3c8fe1bf2
1-20: 18:30:26:301:ee4 exchange: Oakley Quick Mode
1-20: 18:30:26:301:ee4 flags: 3 ( encrypted commit )
1-20: 18:30:26:301:ee4 next payload: HASH
1-20: 18:30:26:301:ee4 message ID: d0a7e2d7
1-20: 18:30:26:301:ee4 Ports S:f401 D:f401