Target : undefined show vpn status profile name:default -------------------------------------------------- current using tunnel :unselected tunnel current tunnel using time :0 ipsec is preempt status :disable ipsec is fast failover status :disable ipsec hold on period :600s ipsec tunnel monitor frequency (seconds/packet) :5 ipsec tunnel monitor timeout by lost packet cnt :6 ipsec reconnect duration (seconds) :30 ipsec primary tunnel crypto type :Cert ipsec primary tunnel peer address :10.20.202.10 ipsec primary tunnel peer tunnel ip :0.0.0.0 ipsec primary tunnel ap tunnel ip :0.0.0.0 ipsec primary tunnel using interface : ipsec primary tunnel using MTU :0 ipsec primary tunnel profile index :0 ipsec primary tunnel current sm status :Retrying ipsec primary tunnel tunnel status :Down ipsec primary tunnel tunnel retry times :3 ipsec primary tunnel tunnel uptime :0 ipsec backup tunnel crypto type :Cert ipsec backup tunnel peer address :N/A ipsec backup tunnel peer tunnel ip :N/A ipsec backup tunnel ap tunnel ip :N/A ipsec backup tunnel using interface :N/A ipsec backup tunnel using MTU :N/A ipsec backup tunnel current sm status :Init ipsec backup tunnel tunnel status :Down ipsec backup tunnel tunnel retry times :0 ipsec backup tunnel tunnel uptime :0 end of show vpn status ======================================================== show gre status GRE not configured - no status end of show gre status ======================================================== show upgrade info swarm upgrade status -------------------- Mac IP Address Seed AP AP Class Status Image Info --- ---------- ------- -------- ------ ---------- 90:4c:81:c0:f6:0c 192.168.0.3 No Draco image-ok From Seed Auto reboot :enable Use external URL :enable Conductor wait Time :0 secs 0 count Switch Partition :enable Upgrade in process :No UAP convert process :No end of show upgrade info ======================================================== show log upgrade ----------Download log start---------- download log not available ----------Download log end------------ Download status: incomplete ----------Upgrade log start---------- upgrade log not available ----------Upgrade log end------------ Upgrade status: upgrade status not available end of show log upgrade ======================================================== show log rapper Feb 01, 13:42:06: get_ike_version: Use IKE Version 2 Feb 01, 13:42:06: rapper_write_pid_to_file: wrote rapper pid 9917 to file /tmp/rapper_pid_1 Feb 01, 13:42:06: papi_init papifd:6 ack:15 IKE_EXAMPLE: Starting up IKE server Feb 01, 13:42:06: IKE_init: ethmacstr = 90:4C:81:C0:F6:0C Initialized Timers IKE_init: completed after (0.0)(pid:9917) time:2022-02-01 13:42:06 seconds. Feb 01, 13:42:06: RAP using default certificates Feb 01, 13:42:06: IAP using default CA certificates Feb 01, 13:42:06: Before getting Certs Feb 01, 13:42:06: TPM enabled Feb 01, 13:42:06: get_usb_type: Unable to open /tmp/usb_type Feb 01, 13:42:06: get_usb_csr: Unable to open /tmp/usb_csr Feb 01, 13:42:06: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Feb 01, 13:42:06: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:06: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:06: DER Device Cert file len:1713 Feb 01, 13:42:06: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Feb 01, 13:42:06: Reading DER Intermediate Cert file Feb 01, 13:42:06: DER Intermediate Cert file len:1118 Feb 01, 13:42:06: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Feb 01, 13:42:06: Reading DER Intermediate Cert file Feb 01, 13:42:06: DER Intermediate Cert file len:1333 Feb 01, 13:42:06: Decode PEM Key length :0 Feb 01, 13:42:06: testHostKeys : status 0 Feb 01, 13:42:06: testHostKeys : free temp Certificate status 0 Feb 01, 13:42:06: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1713 Feb 01, 13:42:06: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Feb 01, 13:42:06: Reading CA Cert file Feb 01, 13:42:06: i=0 DER CA Cert file len:1416 Feb 01, 13:42:06: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Feb 01, 13:42:06: Reading CA Cert file Feb 01, 13:42:06: i=1 DER CA Cert file len:1009 Feb 01, 13:42:06: CA Cert index:2 is /tmp/deviceCerts/Aruba_EST_CA_RootCert.der Feb 01, 13:42:06: Reading CA Cert file Feb 01, 13:42:06: i=2 DER CA Cert file len:992 Feb 01, 13:42:06: Got 3 Trusted Certs Feb 01, 13:42:06: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Feb 01, 13:42:06: Reading DER CA Cert file Feb 01, 13:42:06: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Feb 01, 13:42:06: CA Cert status : 0 Before IKE_initServer Feb 01, 13:42:06: IKE_initServer: Cert length 1713 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=CNG2K511VX::90:4c:81:c0:f6:0c} Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: IKE_EXAMPLE_addServer port:0 natt:0 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: IKE_EXAMPLE_addServer:2330 dev_name br0 saddr 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 0 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.0.3[0] Feb 01, 13:42:06: IKE_EXAMPLE_addServer:2388 socket descriptor is 0 port number 65359 for server instance 0 at 0th index addr 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65360 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.0.3[65360] Feb 01, 13:42:06: IKE_EXAMPLE_addServer:2437 socket descriptor is 1 port number 65360 for server instance 0 at 1st index addr 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addDefaultServers status:0 Feb 01, 13:42:06: setup_tunnel:5102: Setenv TUNDEV setup_tunnel successful Feb 01, 13:42:06: tunnel address = 10.20.202.10 Feb 01, 13:42:06: hostAddr = 192.168.0.3 (0.0)(pid:9917) time:2022-02-01 13:42:06 SA_INIT dest=10.20.202.10 Feb 01, 13:42:06: IKE_evtRecv: Initialize IKE SA Feb 01, 13:42:06: IKE_CUSTOM_getVersion(peerAddr:10.20.202.10): ikeVersion:2 Feb 01, 13:42:06: IKE2_evtInit:1168: peerAddr=10.20.202.10 peerAddr->family=2 Feb 01, 13:42:06: IKE_allocSa my_rapper_index 0 serverInstance 1 for 192.168.0.3 Timer ID: 1 Initialized Feb 01, 13:42:06: IKE_SA_INIT Feb 01, 13:42:06: IKE2_newSa(822): NEW SA, DhGrp 2 (0) Feb 01, 13:42:06: IKE2_newSa(peerAddr:169134602): IKE_SA-lifetime:28000 Feb 01, 13:42:06: IKE2_getStateInfo start oExchange = 34 dir = 0 Feb 01, 13:42:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=0 ctx->bUseNattPort=0 I --> Feb 01, 13:42:06: I --> Feb 01, 13:42:06: construct outgoing message Feb 01, 13:42:06: initI_out : IPV4 IMPLEMENTATION Feb 01, 13:42:06: OutSa(v2-peerAddr::: pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:06: OutSa: ike sa ENCR_AES 128-BITS ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): fa 5a 6b ff 44 e0 b7 0a cb b3 be 52 b4 66 32 93 67 ca 53 fb NAT_D (peer): 5c 13 73 d2 6d be d2 0b 22 91 d4 42 30 7c 28 6b 95 9f 14 0d Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: transmit message spi={5e18d9ebcecedddb 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=388 #SEND 392 bytes to 10.20.202.10[4500] (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:06: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:06: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 65360 Feb 01, 13:42:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=392 Feb 01, 13:42:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 2 Remote IP address = 10.20.202.10 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xFeb 01, 13:42:06: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 9d80f3a2... Feb 01, 13:42:06: papi:15200 Feb 01, 13:42:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:06: IKE2_msgRecv:1664 original ike_context created #RECV 60 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE2_msgRecv:1744: Feb 01, 13:42:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 spi={5e18d9ebcecedddb 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=56 I <-- Feb 01, 13:42:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=28 ctx->bUseNattPort=1 Notify: COOKIE Feb 01, 13:42:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 Feb 01, 13:42:06: transmit message spi={5e18d9ebcecedddb 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=416 #SEND 420 bytes to 10.20.202.10[4500] (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:06: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=420 Feb 01, 13:42:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:06: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:06: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:06: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:06: IKE2_msgRecv:1664 original ike_context created #RECV 525 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE2_msgRecv:1744: Feb 01, 13:42:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 spi={5e18d9ebcecedddb ce6d1c71b2c57464} np=SA exchange=IKE_SA_INIT msgid=0 len=521 I <-- Proposal #1: IKE[4] ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 Feb 01, 13:42:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=281 ctx->bUseNattPort=1 Notify: NAT_DETECTION_SOURCE_IP Feb 01, 13:42:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=253 ctx->bUseNattPort=1 Notify: NAT_DETECTION_DESTINATION_IP NAT_D (us/NAT): 4a 10 bb a3 28 8a 06 b9 f3 3c fb 27 ec a9 30 dc a3 65 e5 b5 Feb 01, 13:42:06: InCr:7799 SA rapper index 0 my_rapper_index 0 VID: 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 Feb 01, 13:42:06: Fragmentation is enabled Feb 01, 13:42:06: IKE2_getStateInfo start oExchange = 35 dir = 0 Feb 01, 13:42:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 I --> Feb 01, 13:42:06: I --> Feb 01, 13:42:06: construct outgoing message Notify: INITIAL_CONTACT Feb 01, 13:42:06: OutCert: adding leaf Cert of Len:1713 Feb 01, 13:42:06: RAPPER priority old: -19, set to -20 (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: OutAuth oSigAlgo 0, Len 15, 30 14 msg 00 00 00 00 5e 18 d9 eb ce ce dd db 00 00 00 00 00 00 00 00 29 20 22 08 00 00 00 00 00 00 01 a0 21 00 00 1c 01 00 40 06 00 00 00 a5 6a 27 66 d2 9d 62 7f eb 1c 3f a2 fb 25 6c c9 c9 22 00 00 3c 00 00 00 38 01 01 00 05 03 00 00 0c 01 00 00 0c 80 0e 00 80 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 02 00 00 02 03 00 00 08 03 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 e6 e7 ba a6 d9 e0 9c 28 88 2c af 10 39 71 ce e7 4f 68 40 bf 0b 61 a9 a2 65 68 5c be f9 7d 00 e4 47 d9 a0 b4 ff a9 9c 91 0d 34 7b 88 fc 4e a9 dc da 5b 64 48 cb cd 65 75 c5 db e8 bf 41 61 a3 14 99 f8 02 cd 54 ef f4 0e 5c a9 82 f4 95 95 36 41 d2 cc 12 88 b0 93 c1 ae ff 9b 8e 9f 12 c8 0d cf 1f 02 af aa 5c fc 7a c8 44 ed ec 49 7f 30 6d a3 06 cf c5 0a 37 da e5 2d 89 5b 4f d8 65 f7 83 f4 29 00 00 14 57 d5 db 72 b0 8c 78 17 76 e7 5a f6 ae 72 19 7d 29 00 00 1c 00 00 40 04 fa 5a 6b ff 44 e0 b7 0a cb b3 be 52 b4 66 32 93 67 ca 53 fb 2b 00 00 1c 00 00 40 05 5c 13 73 d2 6d be d2 0b 22 91 d4 42 30 7c 28 6b 95 9f 14 0d 2b 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 2b 00 00 18 91 27 e6 75 f9 9a 10 88 16 b3 38 d1 8a 29 8a 42 c0 dd 94 18 2b 00 00 18 17 25 f0 89 27 42 ea 52 3b 79 ec 84 8c 97 20 1a 30 94 d6 c5 00 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 non 3b 81 1d c0 51 e6 1f f7 9d 95 06 4d 26 cb 76 07 67 ea c4 5c 4a b5 f5 05 lst 2b 08 2d ed c8 d1 88 09 ee b5 8c 3c 4f e1 67 4e 70 18 64 0a HASH_i e1 f5 f4 02 43 29 92 a8 f8 a9 79 0d a0 b1 f0 c7 b1 40 8a 7b (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: OutAuth TPM sign api passed (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: IKE_SAMPLE_ikeInitCfg(peerAddr=10.20.202.10): No CP-CFG IPV4 IMPLEMENTATION CFG_REQUEST IP4_ADDRESS IP4_NETMASK find index: 00000000Feb 01, 13:42:08: OutSa(v2-peerAddr:10.20.202.10 pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:08: OutSa: child sa Feb 01, 13:42:08: OutTfm2(v2-peerAddr:169134602): oTfmId:0 wAuthAlgo:0 wEncrKeyLen:0 wAuthKeyLen:0 bNoEnumEncr:0 bNoEnumAuth:0 ENCR_AES 128-BITS ENCR_AES 256-BITS ENCR_3DES AUTH_HMAC_SHA1_96 ESN_0 Feb 01, 13:42:08: OutTs:1934: Feb 01, 13:42:08: OutTs:1979: ctx->dwBufferSize=12479 wBodyLen=8 TSi: 0.0.0.0~255.255.255.255 Feb 01, 13:42:08: OutTs:1934: Feb 01, 13:42:08: OutTs:1979: ctx->dwBufferSize=12455 wBodyLen=8 TSr: 0.0.0.0~255.255.255.255 Feb 01, 13:42:08: transmit message spi={5e18d9ebcecedddb ce6d1c71b2c57464} np=E{IDi} exchange=IKE_AUTH msgid=1 len=2268 #SEND 2272 bytes to 10.20.202.10[4500] (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: IKE2_xchgOut:513 Feb 01, 13:42:08: ikeTotalDatasize 2244, maxFragDataSize = 476, num 5, last 340 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:1 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:2 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:3 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:4 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 336 Feb 01, 13:42:08: Sending last fragment, size = 376 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=376 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:08: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:08: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:08: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:08: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:08: IKE2_msgRecv:1664 original ike_context created #RECV 80 bytes from 10.20.202.10[4500] at 192.168.0.3 (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: IKE2_msgRecv:1744: Feb 01, 13:42:08: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=80 ctx->bUseNattPort=1 spi={5e18d9ebcecedddb ce6d1c71b2c57464} np=E{N} exchange=IKE_AUTH msgid=1 len=76 I <-- Feb 01, 13:42:08: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=12 ctx->bUseNattPort=1 Notify: AUTHENTICATION_FAILED (ESP spi=d3f70d00) Feb 01, 13:42:08: InNotify AP authentication failed ike2_state.c (8406): errorCode = ERR_IKE_NOTIFY_PAYLOAD Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr(CHILD_SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:08: IKE SA failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 ikeVer 2 Feb 01, 13:42:08: send_sapd_error: InnerIP:0.0.0.0 error:45 debug_error:0 Feb 01, 13:42:08: send_sapd_error: error:45 debug_error:0 Feb 01, 13:42:08: rapper_log_error: buf = 5e 18 d9 eb ce ce dd db 2d Feb 01, 13:42:08: |ocsp| IKE2_delSa: 1116 Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr: picking index 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr: V4 IMPLEMENTATION Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr(SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:08: IKE_SA [v2 I] (id=0x9d80f3a2) flags 0x41000015 failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr(IST_FAIL): g_ikeversion:2 Feb 01, 13:42:08: |ocsp| IKE2_delSa: 1198 Feb 01, 13:42:08: |ocsp| ap_remove_certmgr_packet: start Timer ID: 1 Deleted Feb 01, 13:42:08: IKE2_xchgIn:1378 bResponse=1 status=-8947 Feb 01, 13:42:08: IKE2_msgRecv:2008 exit: Feb 01, 13:42:08: |ocsp| cleanup_context_data:2257 rapperSendStatusCB Feb 01, 13:42:35: rapper got Signal 15 Feb 01, 13:42:35: need rapper EXIT immediately, since sometimes dispatcher loop hasn't start Feb 01, 13:42:36: get_ike_version: Use IKE Version 2 Feb 01, 13:42:36: rapper_write_pid_to_file: wrote rapper pid 10157 to file /tmp/rapper_pid_1 Feb 01, 13:42:36: papi_init papifd:6 ack:15 IKE_EXAMPLE: Starting up IKE server Feb 01, 13:42:36: IKE_init: ethmacstr = 90:4C:81:C0:F6:0C Initialized Timers IKE_init: completed after (0.0)(pid:10157) time:2022-02-01 13:42:36 seconds. Feb 01, 13:42:36: RAP using default certificates Feb 01, 13:42:36: IAP using default CA certificates Feb 01, 13:42:36: Before getting Certs Feb 01, 13:42:36: TPM enabled Feb 01, 13:42:36: get_usb_type: Unable to open /tmp/usb_type Feb 01, 13:42:36: get_usb_csr: Unable to open /tmp/usb_csr Feb 01, 13:42:36: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Feb 01, 13:42:36: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:36: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:36: DER Device Cert file len:1713 Feb 01, 13:42:36: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Feb 01, 13:42:36: Reading DER Intermediate Cert file Feb 01, 13:42:36: DER Intermediate Cert file len:1118 Feb 01, 13:42:36: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Feb 01, 13:42:36: Reading DER Intermediate Cert file Feb 01, 13:42:36: DER Intermediate Cert file len:1333 Feb 01, 13:42:36: Decode PEM Key length :0 Feb 01, 13:42:36: testHostKeys : status 0 Feb 01, 13:42:36: testHostKeys : free temp Certificate status 0 Feb 01, 13:42:36: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1713 Feb 01, 13:42:36: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Feb 01, 13:42:36: Reading CA Cert file Feb 01, 13:42:36: i=0 DER CA Cert file len:1416 Feb 01, 13:42:36: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Feb 01, 13:42:36: Reading CA Cert file Feb 01, 13:42:36: i=1 DER CA Cert file len:1009 Feb 01, 13:42:36: CA Cert index:2 is /tmp/deviceCerts/Aruba_EST_CA_RootCert.der Feb 01, 13:42:36: Reading CA Cert file Feb 01, 13:42:36: i=2 DER CA Cert file len:992 Feb 01, 13:42:36: Got 3 Trusted Certs Feb 01, 13:42:36: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Feb 01, 13:42:36: Reading DER CA Cert file Feb 01, 13:42:36: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Feb 01, 13:42:36: CA Cert status : 0 Before IKE_initServer Feb 01, 13:42:36: IKE_initServer: Cert length 1713 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=CNG2K511VX::90:4c:81:c0:f6:0c} Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: IKE_EXAMPLE_addServer port:0 natt:0 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: IKE_EXAMPLE_addServer:2330 dev_name br0 saddr 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65361 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.0.3[65361] Feb 01, 13:42:36: IKE_EXAMPLE_addServer:2388 socket descriptor is 0 port number 65361 for server instance 0 at 0th index addr 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65362 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.0.3[65362] Feb 01, 13:42:36: IKE_EXAMPLE_addServer:2437 socket descriptor is 1 port number 65362 for server instance 0 at 1st index addr 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addDefaultServers status:0 Feb 01, 13:42:36: setup_tunnel:5102: Setenv TUNDEV setup_tunnel successful Feb 01, 13:42:36: tunnel address = 10.20.202.10 Feb 01, 13:42:36: hostAddr = 192.168.0.3 (0.0)(pid:10157) time:2022-02-01 13:42:36 SA_INIT dest=10.20.202.10 Feb 01, 13:42:36: IKE_evtRecv: Initialize IKE SA Feb 01, 13:42:36: IKE_CUSTOM_getVersion(peerAddr:10.20.202.10): ikeVersion:2 Feb 01, 13:42:36: IKE2_evtInit:1168: peerAddr=10.20.202.10 peerAddr->family=2 Feb 01, 13:42:36: IKE_allocSa my_rapper_index 0 serverInstance 1 for 192.168.0.3 Timer ID: 1 Initialized Feb 01, 13:42:36: IKE_SA_INIT Feb 01, 13:42:36: IKE2_newSa(822): NEW SA, DhGrp 2 (0) Feb 01, 13:42:36: IKE2_newSa(peerAddr:169134602): IKE_SA-lifetime:28000 Feb 01, 13:42:36: IKE2_getStateInfo start oExchange = 34 dir = 0 Feb 01, 13:42:36: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=0 ctx->bUseNattPort=0 I --> Feb 01, 13:42:36: I --> Feb 01, 13:42:36: construct outgoing message Feb 01, 13:42:36: initI_out : IPV4 IMPLEMENTATION Feb 01, 13:42:36: OutSa(v2-peerAddr::: pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:36: OutSa: ike sa ENCR_AES 128-BITS ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): f7 08 22 27 55 73 26 48 24 2e 49 5c 89 d4 23 54 c6 94 57 73 NAT_D (peer): 24 cd c1 8b 92 e2 25 49 59 50 6c 7d f2 78 ad 48 0a b4 20 7e Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: transmit message spi={77f4e03594810bda 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=388 #SEND 392 bytes to 10.20.202.10[4500] (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:36: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:36: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 65362 Feb 01, 13:42:36: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=392 Feb 01, 13:42:36: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 2 Remote IP address = 10.20.202.10 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xFeb 01, 13:42:36: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 c5fa273a... Feb 01, 13:42:36: papi:15200 Feb 01, 13:42:36: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:36: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:36: IKE2_msgRecv:1664 original ike_context created #RECV 60 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE2_msgRecv:1744: Feb 01, 13:42:36: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 spi={77f4e03594810bda 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=56 I <-- Feb 01, 13:42:36: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=28 ctx->bUseNattPort=1 Notify: COOKIE Feb 01, 13:42:36: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:36: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:36: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:36: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 Feb 01, 13:42:36: transmit message spi={77f4e03594810bda 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=416 #SEND 420 bytes to 10.20.202.10[4500] (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:36: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:36: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=420 Feb 01, 13:42:36: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:36: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:36: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:36: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:36: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:36: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:36: IKE2_msgRecv:1664 original ike_context created #RECV 525 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE2_msgRecv:1744: Feb 01, 13:42:36: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 spi={77f4e03594810bda 14206d32569169ba} np=SA exchange=IKE_SA_INIT msgid=0 len=521 I <-- Proposal #1: IKE[4] ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 Feb 01, 13:42:36: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=281 ctx->bUseNattPort=1 Notify: NAT_DETECTION_SOURCE_IP Feb 01, 13:42:36: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=253 ctx->bUseNattPort=1 Notify: NAT_DETECTION_DESTINATION_IP NAT_D (us/NAT): e5 fb 2a ac fe f5 6e 0a 9e de 15 e5 3f d7 e7 eb 4e 98 a8 12 Feb 01, 13:42:36: InCr:7799 SA rapper index 0 my_rapper_index 0 VID: 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 Feb 01, 13:42:36: Fragmentation is enabled Feb 01, 13:42:36: IKE2_getStateInfo start oExchange = 35 dir = 0 Feb 01, 13:42:36: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:36: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:36: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:36: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 I --> Feb 01, 13:42:36: I --> Feb 01, 13:42:36: construct outgoing message Notify: INITIAL_CONTACT Feb 01, 13:42:36: OutCert: adding leaf Cert of Len:1713 Feb 01, 13:42:36: RAPPER priority old: -19, set to -20 (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: OutAuth oSigAlgo 0, Len 15, 30 14 msg 00 00 00 00 77 f4 e0 35 94 81 0b da 00 00 00 00 00 00 00 00 29 20 22 08 00 00 00 00 00 00 01 a0 21 00 00 1c 01 00 40 06 00 00 00 a5 85 81 a1 8e 89 d1 1a e7 28 51 55 35 85 28 80 57 22 00 00 3c 00 00 00 38 01 01 00 05 03 00 00 0c 01 00 00 0c 80 0e 00 80 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 02 00 00 02 03 00 00 08 03 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 a1 29 58 16 4f 8f b8 09 c8 62 6c b9 68 c5 b2 c3 6c 12 57 0d 3b f1 10 0c 2e 76 22 f3 5d 5a 7d 6e 93 7c 16 a5 bd 79 7b 34 4b 89 c9 23 99 98 a7 5c 08 d4 ab 9c 71 80 e5 ed 9e 5e 5c 86 a5 b7 1f 9f 28 e4 a7 cb 14 14 5b 76 c4 18 12 48 4f 36 de 26 a8 c2 aa 6e 8d b3 a5 b7 9a a9 9d a5 2a 18 45 ff 6b 9f 29 cf 0e d7 3b 13 78 b0 25 75 10 a8 33 a7 54 e5 c6 09 56 c8 fe a8 b7 dd 6a bc a3 93 ae 33 29 00 00 14 fb d4 94 da c6 60 88 b4 f3 97 6d b0 ae af be b1 29 00 00 1c 00 00 40 04 f7 08 22 27 55 73 26 48 24 2e 49 5c 89 d4 23 54 c6 94 57 73 2b 00 00 1c 00 00 40 05 24 cd c1 8b 92 e2 25 49 59 50 6c 7d f2 78 ad 48 0a b4 20 7e 2b 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 2b 00 00 18 91 27 e6 75 f9 9a 10 88 16 b3 38 d1 8a 29 8a 42 c0 dd 94 18 2b 00 00 18 17 25 f0 89 27 42 ea 52 3b 79 ec 84 8c 97 20 1a 30 94 d6 c5 00 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 non 16 f3 53 49 0b 2e 86 59 01 6c 38 f8 ab b8 fb de 6e d6 5d 1e 15 db c6 a8 lst 6c 89 cb 5b 97 f4 1d a0 56 de ab ef 63 98 1b c1 0a a1 b5 e5 HASH_i 96 30 db 48 42 10 7b 79 c0 77 3a f0 7e 58 7f 35 23 cf b0 f8 (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: OutAuth TPM sign api passed (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: IKE_SAMPLE_ikeInitCfg(peerAddr=10.20.202.10): No CP-CFG IPV4 IMPLEMENTATION CFG_REQUEST IP4_ADDRESS IP4_NETMASK find index: 00000000Feb 01, 13:42:38: OutSa(v2-peerAddr:10.20.202.10 pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:38: OutSa: child sa Feb 01, 13:42:38: OutTfm2(v2-peerAddr:169134602): oTfmId:0 wAuthAlgo:0 wEncrKeyLen:0 wAuthKeyLen:0 bNoEnumEncr:0 bNoEnumAuth:0 ENCR_AES 128-BITS ENCR_AES 256-BITS ENCR_3DES AUTH_HMAC_SHA1_96 ESN_0 Feb 01, 13:42:38: OutTs:1934: Feb 01, 13:42:38: OutTs:1979: ctx->dwBufferSize=12479 wBodyLen=8 TSi: 0.0.0.0~255.255.255.255 Feb 01, 13:42:38: OutTs:1934: Feb 01, 13:42:38: OutTs:1979: ctx->dwBufferSize=12455 wBodyLen=8 TSr: 0.0.0.0~255.255.255.255 Feb 01, 13:42:38: transmit message spi={77f4e03594810bda 14206d32569169ba} np=E{IDi} exchange=IKE_AUTH msgid=1 len=2268 #SEND 2272 bytes to 10.20.202.10[4500] (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: IKE2_xchgOut:513 Feb 01, 13:42:38: ikeTotalDatasize 2244, maxFragDataSize = 476, num 5, last 340 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:1 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:2 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:3 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:4 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 336 Feb 01, 13:42:38: Sending last fragment, size = 376 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=376 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:38: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:38: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:38: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:38: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:38: IKE2_msgRecv:1664 original ike_context created #RECV 80 bytes from 10.20.202.10[4500] at 192.168.0.3 (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: IKE2_msgRecv:1744: Feb 01, 13:42:38: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=80 ctx->bUseNattPort=1 spi={77f4e03594810bda 14206d32569169ba} np=E{N} exchange=IKE_AUTH msgid=1 len=76 I <-- Feb 01, 13:42:38: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=12 ctx->bUseNattPort=1 Notify: AUTHENTICATION_FAILED (ESP spi=c6dd0200) Feb 01, 13:42:38: InNotify AP authentication failed ike2_state.c (8406): errorCode = ERR_IKE_NOTIFY_PAYLOAD Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr(CHILD_SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:38: IKE SA failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 ikeVer 2 Feb 01, 13:42:38: send_sapd_error: InnerIP:0.0.0.0 error:45 debug_error:0 Feb 01, 13:42:38: send_sapd_error: error:45 debug_error:0 Feb 01, 13:42:38: rapper_log_error: buf = 77 f4 e0 35 94 81 0b da 2d Feb 01, 13:42:38: |ocsp| IKE2_delSa: 1116 Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr: picking index 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr: V4 IMPLEMENTATION Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr(SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:38: IKE_SA [v2 I] (id=0xc5fa273a) flags 0x41000015 failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr(IST_FAIL): g_ikeversion:2 Feb 01, 13:42:38: |ocsp| IKE2_delSa: 1198 Feb 01, 13:42:38: |ocsp| ap_remove_certmgr_packet: start Timer ID: 1 Deleted Feb 01, 13:42:38: IKE2_xchgIn:1378 bResponse=1 status=-8947 Feb 01, 13:42:38: IKE2_msgRecv:2008 exit: Feb 01, 13:42:38: |ocsp| cleanup_context_data:2257 rapperSendStatusCB Feb 01, 13:43:05: rapper got Signal 15 Feb 01, 13:43:05: need rapper EXIT immediately, since sometimes dispatcher loop hasn't start Feb 01, 13:43:06: get_ike_version: Use IKE Version 2 Feb 01, 13:43:06: rapper_write_pid_to_file: wrote rapper pid 10422 to file /tmp/rapper_pid_1 Feb 01, 13:43:06: papi_init papifd:6 ack:15 IKE_EXAMPLE: Starting up IKE server Feb 01, 13:43:06: IKE_init: ethmacstr = 90:4C:81:C0:F6:0C Initialized Timers IKE_init: completed after (0.0)(pid:10422) time:2022-02-01 13:43:06 seconds. Feb 01, 13:43:06: RAP using default certificates Feb 01, 13:43:06: IAP using default CA certificates Feb 01, 13:43:06: Before getting Certs Feb 01, 13:43:06: TPM enabled Feb 01, 13:43:06: get_usb_type: Unable to open /tmp/usb_type Feb 01, 13:43:06: get_usb_csr: Unable to open /tmp/usb_csr Feb 01, 13:43:06: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Feb 01, 13:43:06: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:43:06: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:43:06: DER Device Cert file len:1713 Feb 01, 13:43:06: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Feb 01, 13:43:06: Reading DER Intermediate Cert file Feb 01, 13:43:06: DER Intermediate Cert file len:1118 Feb 01, 13:43:06: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Feb 01, 13:43:06: Reading DER Intermediate Cert file Feb 01, 13:43:06: DER Intermediate Cert file len:1333 Feb 01, 13:43:06: Decode PEM Key length :0 Feb 01, 13:43:06: testHostKeys : status 0 Feb 01, 13:43:06: testHostKeys : free temp Certificate status 0 Feb 01, 13:43:06: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1713 Feb 01, 13:43:06: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Feb 01, 13:43:06: Reading CA Cert file Feb 01, 13:43:06: i=0 DER CA Cert file len:1416 Feb 01, 13:43:06: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Feb 01, 13:43:06: Reading CA Cert file Feb 01, 13:43:06: i=1 DER CA Cert file len:1009 Feb 01, 13:43:06: CA Cert index:2 is /tmp/deviceCerts/Aruba_EST_CA_RootCert.der Feb 01, 13:43:06: Reading CA Cert file Feb 01, 13:43:06: i=2 DER CA Cert file len:992 Feb 01, 13:43:06: Got 3 Trusted Certs Feb 01, 13:43:06: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Feb 01, 13:43:06: Reading DER CA Cert file Feb 01, 13:43:06: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Feb 01, 13:43:06: CA Cert status : 0 Before IKE_initServer Feb 01, 13:43:06: IKE_initServer: Cert length 1713 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=CNG2K511VX::90:4c:81:c0:f6:0c} Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: IKE_EXAMPLE_addServer port:0 natt:0 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: IKE_EXAMPLE_addServer:2330 dev_name br0 saddr 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65363 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.0.3[65363] Feb 01, 13:43:06: IKE_EXAMPLE_addServer:2388 socket descriptor is 0 port number 65363 for server instance 0 at 0th index addr 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65364 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.0.3[65364] Feb 01, 13:43:06: IKE_EXAMPLE_addServer:2437 socket descriptor is 1 port number 65364 for server instance 0 at 1st index addr 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addDefaultServers status:0 Feb 01, 13:43:06: setup_tunnel:5102: Setenv TUNDEV setup_tunnel successful Feb 01, 13:43:06: tunnel address = 10.20.202.10 Feb 01, 13:43:06: hostAddr = 192.168.0.3 (0.0)(pid:10422) time:2022-02-01 13:43:06 SA_INIT dest=10.20.202.10 Feb 01, 13:43:06: IKE_evtRecv: Initialize IKE SA Feb 01, 13:43:06: IKE_CUSTOM_getVersion(peerAddr:10.20.202.10): ikeVersion:2 Feb 01, 13:43:06: IKE2_evtInit:1168: peerAddr=10.20.202.10 peerAddr->family=2 Feb 01, 13:43:06: IKE_allocSa my_rapper_index 0 serverInstance 1 for 192.168.0.3 Timer ID: 1 Initialized Feb 01, 13:43:06: IKE_SA_INIT Feb 01, 13:43:06: IKE2_newSa(822): NEW SA, DhGrp 2 (0) Feb 01, 13:43:06: IKE2_newSa(peerAddr:169134602): IKE_SA-lifetime:28000 Feb 01, 13:43:06: IKE2_getStateInfo start oExchange = 34 dir = 0 Feb 01, 13:43:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=0 ctx->bUseNattPort=0 I --> Feb 01, 13:43:06: I --> Feb 01, 13:43:06: construct outgoing message Feb 01, 13:43:06: initI_out : IPV4 IMPLEMENTATION Feb 01, 13:43:06: OutSa(v2-peerAddr::: pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:43:06: OutSa: ike sa ENCR_AES 128-BITS ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): 80 4a 14 ac 5a d7 dc 0a 09 b5 2f 74 a4 b5 f5 5f 13 0b 3f 38 NAT_D (peer): a2 5a 3e 48 11 de 19 58 b8 7c 6c d7 3a 87 89 73 c9 f0 99 1f Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: transmit message spi={5c034d3dd72c42b2 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=388 #SEND 392 bytes to 10.20.202.10[4500] (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:43:06: Sending from SrcPort 65364 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:43:06: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 65364 Feb 01, 13:43:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=392 Feb 01, 13:43:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 2 Remote IP address = 10.20.202.10 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xFeb 01, 13:43:06: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 e7aa6940... Feb 01, 13:43:06: papi:15200 Feb 01, 13:43:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:43:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:43:06: IKE2_msgRecv:1664 original ike_context created #RECV 60 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE2_msgRecv:1744: Feb 01, 13:43:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 spi={5c034d3dd72c42b2 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=56 I <-- Feb 01, 13:43:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=28 ctx->bUseNattPort=1 Notify: COOKIE Feb 01, 13:43:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:43:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:43:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:43:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 Feb 01, 13:43:06: transmit message spi={5c034d3dd72c42b2 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=416 #SEND 420 bytes to 10.20.202.10[4500] (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:43:06: Sending from SrcPort 65364 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:43:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=420 Feb 01, 13:43:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:43:06: cleanup_and_free_context: delete ctx memory Feb 01, 13:43:06: |ocsp| cleanup_context_data:2257 Feb 01, 13:43:06: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:43:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:43:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:43:06: IKE2_msgRecv:1664 original ike_context created #RECV 525 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE2_msgRecv:1744: Feb 01, 13:43:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 spi={5c034d3dd72c42b2 0b05eb1dfdf34b13} np=SA exchange=IKE_SA_INIT msgid=0 len=521 I <-- Proposal #1: IKE[4] ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 Feb 01, 13:43:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=281 ctx->bUseNattPort=1 Notify: NAT_DETECTION_SOURCE_IP Feb 01, 13:43:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=253 ctx->bUseNattPort=1 Notify: NAT_DETECTION_DESTINATION_IP NAT_D (us/NAT): cb d9 2a b6 76 95 b6 79 86 3e d7 5d 8a ed e9 c0 f4 09 8b be Feb 01, 13:43:06: InCr:7799 SA rapper index 0 my_rapper_index 0 VID: 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 Feb 01, 13:43:06: Fragmentation is enabled Feb 01, 13:43:06: IKE2_getStateInfo start oExchange = 35 dir = 0 Feb 01, 13:43:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:43:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:43:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:43:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 I --> Feb 01, 13:43:06: I --> Feb 01, 13:43:06: construct outgoing message Notify: INITIAL_CONTACT Feb 01, 13:43:06: OutCert: adding leaf Cert of Len:1713 Feb 01, 13:43:06: RAPPER priority old: -19, set to -20 (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: OutAuth oSigAlgo 0, Len 15, 30 14 msg 00 00 00 00 5c 03 4d 3d d7 2c 42 b2 00 00 00 00 00 00 00 00 29 20 22 08 00 00 00 00 00 00 01 a0 21 00 00 1c 01 00 40 06 00 00 00 a5 0b 7b b9 ae a0 34 c2 1f 39 f7 7a 3b 31 d5 99 2e 22 00 00 3c 00 00 00 38 01 01 00 05 03 00 00 0c 01 00 00 0c 80 0e 00 80 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 02 00 00 02 03 00 00 08 03 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 46 fa 87 4b 19 c3 46 c8 69 95 00 41 66 e6 2c 39 4e 18 94 6d c3 e8 17 81 61 9c 3b f4 00 59 cd 74 37 bc 8b 5e 00 89 0f 44 e3 cf 27 27 19 d8 63 a0 d7 fc c8 9f 6f 2d 9d c6 31 19 34 c1 17 44 40 7b dc 03 18 bf 62 31 bb 4c b7 c8 39 ad 97 12 ee dc 3a 4f df 50 f9 54 93 cd 83 2f dc 8c b8 1a a8 2b 09 e6 d2 f5 89 1f 49 a6 96 74 5d 28 67 ed d8 6f 3f 15 2b ff 56 88 6e 38 4f 0c 5f 20 fc 00 f3 1b 29 00 00 14 03 ce 21 27 51 5f 74 3e 25 8a b7 5f 23 9e c7 bd 29 00 00 1c 00 00 40 04 80 4a 14 ac 5a d7 dc 0a 09 b5 2f 74 a4 b5 f5 5f 13 0b 3f 38 2b 00 00 1c 00 00 40 05 a2 5a 3e 48 11 de 19 58 b8 7c 6c d7 3a 87 89 73 c9 f0 99 1f 2b 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 2b 00 00 18 91 27 e6 75 f9 9a 10 88 16 b3 38 d1 8a 29 8a 42 c0 dd 94 18 2b 00 00 18 17 25 f0 89 27 42 ea 52 3b 79 ec 84 8c 97 20 1a 30 94 d6 c5 00 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 non a3 a6 25 65 f0 50 11 9c 85 ae 27 da 97 44 93 61 04 57 40 64 bf 2b 32 72 lst 8d d3 a6 d1 39 fe 1b d2 e1 20 46 ca 3a 54 ca 88 28 2c 0a 0a HASH_i 80 84 55 a8 98 46 f1 77 07 58 81 0c fe 0b a7 2e ad 05 76 cf end of show log rapper ======================================================== Target : undefined show vpn status profile name:default -------------------------------------------------- current using tunnel :unselected tunnel current tunnel using time :0 ipsec is preempt status :disable ipsec is fast failover status :disable ipsec hold on period :600s ipsec tunnel monitor frequency (seconds/packet) :5 ipsec tunnel monitor timeout by lost packet cnt :6 ipsec reconnect duration (seconds) :30 ipsec primary tunnel crypto type :Cert ipsec primary tunnel peer address :10.20.202.10 ipsec primary tunnel peer tunnel ip :0.0.0.0 ipsec primary tunnel ap tunnel ip :0.0.0.0 ipsec primary tunnel using interface : ipsec primary tunnel using MTU :0 ipsec primary tunnel profile index :0 ipsec primary tunnel current sm status :Retrying ipsec primary tunnel tunnel status :Down ipsec primary tunnel tunnel retry times :3 ipsec primary tunnel tunnel uptime :0 ipsec backup tunnel crypto type :Cert ipsec backup tunnel peer address :N/A ipsec backup tunnel peer tunnel ip :N/A ipsec backup tunnel ap tunnel ip :N/A ipsec backup tunnel using interface :N/A ipsec backup tunnel using MTU :N/A ipsec backup tunnel current sm status :Init ipsec backup tunnel tunnel status :Down ipsec backup tunnel tunnel retry times :0 ipsec backup tunnel tunnel uptime :0 end of show vpn status ======================================================== show gre status GRE not configured - no status end of show gre status ======================================================== show upgrade info swarm upgrade status -------------------- Mac IP Address Seed AP AP Class Status Image Info --- ---------- ------- -------- ------ ---------- 90:4c:81:c0:f6:0c 192.168.0.3 No Draco image-ok From Seed Auto reboot :enable Use external URL :enable Conductor wait Time :0 secs 0 count Switch Partition :enable Upgrade in process :No UAP convert process :No end of show upgrade info ======================================================== show log upgrade ----------Download log start---------- download log not available ----------Download log end------------ Download status: incomplete ----------Upgrade log start---------- upgrade log not available ----------Upgrade log end------------ Upgrade status: upgrade status not available end of show log upgrade ======================================================== show log rapper Feb 01, 13:42:06: get_ike_version: Use IKE Version 2 Feb 01, 13:42:06: rapper_write_pid_to_file: wrote rapper pid 9917 to file /tmp/rapper_pid_1 Feb 01, 13:42:06: papi_init papifd:6 ack:15 IKE_EXAMPLE: Starting up IKE server Feb 01, 13:42:06: IKE_init: ethmacstr = 90:4C:81:C0:F6:0C Initialized Timers IKE_init: completed after (0.0)(pid:9917) time:2022-02-01 13:42:06 seconds. Feb 01, 13:42:06: RAP using default certificates Feb 01, 13:42:06: IAP using default CA certificates Feb 01, 13:42:06: Before getting Certs Feb 01, 13:42:06: TPM enabled Feb 01, 13:42:06: get_usb_type: Unable to open /tmp/usb_type Feb 01, 13:42:06: get_usb_csr: Unable to open /tmp/usb_csr Feb 01, 13:42:06: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Feb 01, 13:42:06: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:06: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:06: DER Device Cert file len:1713 Feb 01, 13:42:06: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Feb 01, 13:42:06: Reading DER Intermediate Cert file Feb 01, 13:42:06: DER Intermediate Cert file len:1118 Feb 01, 13:42:06: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Feb 01, 13:42:06: Reading DER Intermediate Cert file Feb 01, 13:42:06: DER Intermediate Cert file len:1333 Feb 01, 13:42:06: Decode PEM Key length :0 Feb 01, 13:42:06: testHostKeys : status 0 Feb 01, 13:42:06: testHostKeys : free temp Certificate status 0 Feb 01, 13:42:06: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1713 Feb 01, 13:42:06: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Feb 01, 13:42:06: Reading CA Cert file Feb 01, 13:42:06: i=0 DER CA Cert file len:1416 Feb 01, 13:42:06: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Feb 01, 13:42:06: Reading CA Cert file Feb 01, 13:42:06: i=1 DER CA Cert file len:1009 Feb 01, 13:42:06: CA Cert index:2 is /tmp/deviceCerts/Aruba_EST_CA_RootCert.der Feb 01, 13:42:06: Reading CA Cert file Feb 01, 13:42:06: i=2 DER CA Cert file len:992 Feb 01, 13:42:06: Got 3 Trusted Certs Feb 01, 13:42:06: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Feb 01, 13:42:06: Reading DER CA Cert file Feb 01, 13:42:06: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Feb 01, 13:42:06: CA Cert status : 0 Before IKE_initServer Feb 01, 13:42:06: IKE_initServer: Cert length 1713 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=CNG2K511VX::90:4c:81:c0:f6:0c} Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: IKE_EXAMPLE_addServer port:0 natt:0 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: IKE_EXAMPLE_addServer:2330 dev_name br0 saddr 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 0 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.0.3[0] Feb 01, 13:42:06: IKE_EXAMPLE_addServer:2388 socket descriptor is 0 port number 65359 for server instance 0 at 0th index addr 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65360 Feb 01, 13:42:06: get_ip_from_dev: interface name = br0 Feb 01, 13:42:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.0.3[65360] Feb 01, 13:42:06: IKE_EXAMPLE_addServer:2437 socket descriptor is 1 port number 65360 for server instance 0 at 1st index addr 192.168.0.3 Feb 01, 13:42:06: IKE_EXAMPLE_addDefaultServers status:0 Feb 01, 13:42:06: setup_tunnel:5102: Setenv TUNDEV setup_tunnel successful Feb 01, 13:42:06: tunnel address = 10.20.202.10 Feb 01, 13:42:06: hostAddr = 192.168.0.3 (0.0)(pid:9917) time:2022-02-01 13:42:06 SA_INIT dest=10.20.202.10 Feb 01, 13:42:06: IKE_evtRecv: Initialize IKE SA Feb 01, 13:42:06: IKE_CUSTOM_getVersion(peerAddr:10.20.202.10): ikeVersion:2 Feb 01, 13:42:06: IKE2_evtInit:1168: peerAddr=10.20.202.10 peerAddr->family=2 Feb 01, 13:42:06: IKE_allocSa my_rapper_index 0 serverInstance 1 for 192.168.0.3 Timer ID: 1 Initialized Feb 01, 13:42:06: IKE_SA_INIT Feb 01, 13:42:06: IKE2_newSa(822): NEW SA, DhGrp 2 (0) Feb 01, 13:42:06: IKE2_newSa(peerAddr:169134602): IKE_SA-lifetime:28000 Feb 01, 13:42:06: IKE2_getStateInfo start oExchange = 34 dir = 0 Feb 01, 13:42:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=0 ctx->bUseNattPort=0 I --> Feb 01, 13:42:06: I --> Feb 01, 13:42:06: construct outgoing message Feb 01, 13:42:06: initI_out : IPV4 IMPLEMENTATION Feb 01, 13:42:06: OutSa(v2-peerAddr::: pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:06: OutSa: ike sa ENCR_AES 128-BITS ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): fa 5a 6b ff 44 e0 b7 0a cb b3 be 52 b4 66 32 93 67 ca 53 fb NAT_D (peer): 5c 13 73 d2 6d be d2 0b 22 91 d4 42 30 7c 28 6b 95 9f 14 0d Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: RAPPER_ERROR_FILE doesn't exist Feb 01, 13:42:06: transmit message spi={5e18d9ebcecedddb 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=388 #SEND 392 bytes to 10.20.202.10[4500] (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:06: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:06: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 65360 Feb 01, 13:42:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=392 Feb 01, 13:42:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 2 Remote IP address = 10.20.202.10 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xFeb 01, 13:42:06: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 9d80f3a2... Feb 01, 13:42:06: papi:15200 Feb 01, 13:42:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:06: IKE2_msgRecv:1664 original ike_context created #RECV 60 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE2_msgRecv:1744: Feb 01, 13:42:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 spi={5e18d9ebcecedddb 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=56 I <-- Feb 01, 13:42:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=28 ctx->bUseNattPort=1 Notify: COOKIE Feb 01, 13:42:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 Feb 01, 13:42:06: transmit message spi={5e18d9ebcecedddb 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=416 #SEND 420 bytes to 10.20.202.10[4500] (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:06: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=420 Feb 01, 13:42:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:06: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:06: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:06: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:06: IKE2_msgRecv:1664 original ike_context created #RECV 525 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: IKE2_msgRecv:1744: Feb 01, 13:42:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 spi={5e18d9ebcecedddb ce6d1c71b2c57464} np=SA exchange=IKE_SA_INIT msgid=0 len=521 I <-- Proposal #1: IKE[4] ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 Feb 01, 13:42:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=281 ctx->bUseNattPort=1 Notify: NAT_DETECTION_SOURCE_IP Feb 01, 13:42:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=253 ctx->bUseNattPort=1 Notify: NAT_DETECTION_DESTINATION_IP NAT_D (us/NAT): 4a 10 bb a3 28 8a 06 b9 f3 3c fb 27 ec a9 30 dc a3 65 e5 b5 Feb 01, 13:42:06: InCr:7799 SA rapper index 0 my_rapper_index 0 VID: 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 Feb 01, 13:42:06: Fragmentation is enabled Feb 01, 13:42:06: IKE2_getStateInfo start oExchange = 35 dir = 0 Feb 01, 13:42:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 I --> Feb 01, 13:42:06: I --> Feb 01, 13:42:06: construct outgoing message Notify: INITIAL_CONTACT Feb 01, 13:42:06: OutCert: adding leaf Cert of Len:1713 Feb 01, 13:42:06: RAPPER priority old: -19, set to -20 (0.0)(pid:9917) time:2022-02-01 13:42:06 Feb 01, 13:42:06: OutAuth oSigAlgo 0, Len 15, 30 14 msg 00 00 00 00 5e 18 d9 eb ce ce dd db 00 00 00 00 00 00 00 00 29 20 22 08 00 00 00 00 00 00 01 a0 21 00 00 1c 01 00 40 06 00 00 00 a5 6a 27 66 d2 9d 62 7f eb 1c 3f a2 fb 25 6c c9 c9 22 00 00 3c 00 00 00 38 01 01 00 05 03 00 00 0c 01 00 00 0c 80 0e 00 80 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 02 00 00 02 03 00 00 08 03 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 e6 e7 ba a6 d9 e0 9c 28 88 2c af 10 39 71 ce e7 4f 68 40 bf 0b 61 a9 a2 65 68 5c be f9 7d 00 e4 47 d9 a0 b4 ff a9 9c 91 0d 34 7b 88 fc 4e a9 dc da 5b 64 48 cb cd 65 75 c5 db e8 bf 41 61 a3 14 99 f8 02 cd 54 ef f4 0e 5c a9 82 f4 95 95 36 41 d2 cc 12 88 b0 93 c1 ae ff 9b 8e 9f 12 c8 0d cf 1f 02 af aa 5c fc 7a c8 44 ed ec 49 7f 30 6d a3 06 cf c5 0a 37 da e5 2d 89 5b 4f d8 65 f7 83 f4 29 00 00 14 57 d5 db 72 b0 8c 78 17 76 e7 5a f6 ae 72 19 7d 29 00 00 1c 00 00 40 04 fa 5a 6b ff 44 e0 b7 0a cb b3 be 52 b4 66 32 93 67 ca 53 fb 2b 00 00 1c 00 00 40 05 5c 13 73 d2 6d be d2 0b 22 91 d4 42 30 7c 28 6b 95 9f 14 0d 2b 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 2b 00 00 18 91 27 e6 75 f9 9a 10 88 16 b3 38 d1 8a 29 8a 42 c0 dd 94 18 2b 00 00 18 17 25 f0 89 27 42 ea 52 3b 79 ec 84 8c 97 20 1a 30 94 d6 c5 00 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 non 3b 81 1d c0 51 e6 1f f7 9d 95 06 4d 26 cb 76 07 67 ea c4 5c 4a b5 f5 05 lst 2b 08 2d ed c8 d1 88 09 ee b5 8c 3c 4f e1 67 4e 70 18 64 0a HASH_i e1 f5 f4 02 43 29 92 a8 f8 a9 79 0d a0 b1 f0 c7 b1 40 8a 7b (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: OutAuth TPM sign api passed (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: IKE_SAMPLE_ikeInitCfg(peerAddr=10.20.202.10): No CP-CFG IPV4 IMPLEMENTATION CFG_REQUEST IP4_ADDRESS IP4_NETMASK find index: 00000000Feb 01, 13:42:08: OutSa(v2-peerAddr:10.20.202.10 pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:08: OutSa: child sa Feb 01, 13:42:08: OutTfm2(v2-peerAddr:169134602): oTfmId:0 wAuthAlgo:0 wEncrKeyLen:0 wAuthKeyLen:0 bNoEnumEncr:0 bNoEnumAuth:0 ENCR_AES 128-BITS ENCR_AES 256-BITS ENCR_3DES AUTH_HMAC_SHA1_96 ESN_0 Feb 01, 13:42:08: OutTs:1934: Feb 01, 13:42:08: OutTs:1979: ctx->dwBufferSize=12479 wBodyLen=8 TSi: 0.0.0.0~255.255.255.255 Feb 01, 13:42:08: OutTs:1934: Feb 01, 13:42:08: OutTs:1979: ctx->dwBufferSize=12455 wBodyLen=8 TSr: 0.0.0.0~255.255.255.255 Feb 01, 13:42:08: transmit message spi={5e18d9ebcecedddb ce6d1c71b2c57464} np=E{IDi} exchange=IKE_AUTH msgid=1 len=2268 #SEND 2272 bytes to 10.20.202.10[4500] (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: IKE2_xchgOut:513 Feb 01, 13:42:08: ikeTotalDatasize 2244, maxFragDataSize = 476, num 5, last 340 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:1 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:2 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:3 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 476 Feb 01, 13:42:08: Sending no:4 fragment out of 5 fragments, size = 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: Sending fragment, size = 516 Feb 01, 13:42:08: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:08: Created fragment, size = 336 Feb 01, 13:42:08: Sending last fragment, size = 376 Feb 01, 13:42:08: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:08: Sending from SrcPort 65360 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:08: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=376 Feb 01, 13:42:08: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:08: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:08: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:08: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:08: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:08: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:08: IKE2_msgRecv:1664 original ike_context created #RECV 80 bytes from 10.20.202.10[4500] at 192.168.0.3 (2.0)(pid:9917) time:2022-02-01 13:42:08 Feb 01, 13:42:08: IKE2_msgRecv:1744: Feb 01, 13:42:08: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=80 ctx->bUseNattPort=1 spi={5e18d9ebcecedddb ce6d1c71b2c57464} np=E{N} exchange=IKE_AUTH msgid=1 len=76 I <-- Feb 01, 13:42:08: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=12 ctx->bUseNattPort=1 Notify: AUTHENTICATION_FAILED (ESP spi=d3f70d00) Feb 01, 13:42:08: InNotify AP authentication failed ike2_state.c (8406): errorCode = ERR_IKE_NOTIFY_PAYLOAD Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr(CHILD_SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:08: IKE SA failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 ikeVer 2 Feb 01, 13:42:08: send_sapd_error: InnerIP:0.0.0.0 error:45 debug_error:0 Feb 01, 13:42:08: send_sapd_error: error:45 debug_error:0 Feb 01, 13:42:08: rapper_log_error: buf = 5e 18 d9 eb ce ce dd db 2d Feb 01, 13:42:08: |ocsp| IKE2_delSa: 1116 Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr: picking index 0 Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr: V4 IMPLEMENTATION Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr(SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:08: IKE_SA [v2 I] (id=0x9d80f3a2) flags 0x41000015 failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 Feb 01, 13:42:08: IKE_SAMPLE_ikeStatHdlr(IST_FAIL): g_ikeversion:2 Feb 01, 13:42:08: |ocsp| IKE2_delSa: 1198 Feb 01, 13:42:08: |ocsp| ap_remove_certmgr_packet: start Timer ID: 1 Deleted Feb 01, 13:42:08: IKE2_xchgIn:1378 bResponse=1 status=-8947 Feb 01, 13:42:08: IKE2_msgRecv:2008 exit: Feb 01, 13:42:08: |ocsp| cleanup_context_data:2257 rapperSendStatusCB Feb 01, 13:42:35: rapper got Signal 15 Feb 01, 13:42:35: need rapper EXIT immediately, since sometimes dispatcher loop hasn't start Feb 01, 13:42:36: get_ike_version: Use IKE Version 2 Feb 01, 13:42:36: rapper_write_pid_to_file: wrote rapper pid 10157 to file /tmp/rapper_pid_1 Feb 01, 13:42:36: papi_init papifd:6 ack:15 IKE_EXAMPLE: Starting up IKE server Feb 01, 13:42:36: IKE_init: ethmacstr = 90:4C:81:C0:F6:0C Initialized Timers IKE_init: completed after (0.0)(pid:10157) time:2022-02-01 13:42:36 seconds. Feb 01, 13:42:36: RAP using default certificates Feb 01, 13:42:36: IAP using default CA certificates Feb 01, 13:42:36: Before getting Certs Feb 01, 13:42:36: TPM enabled Feb 01, 13:42:36: get_usb_type: Unable to open /tmp/usb_type Feb 01, 13:42:36: get_usb_csr: Unable to open /tmp/usb_csr Feb 01, 13:42:36: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Feb 01, 13:42:36: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:36: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:42:36: DER Device Cert file len:1713 Feb 01, 13:42:36: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Feb 01, 13:42:36: Reading DER Intermediate Cert file Feb 01, 13:42:36: DER Intermediate Cert file len:1118 Feb 01, 13:42:36: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Feb 01, 13:42:36: Reading DER Intermediate Cert file Feb 01, 13:42:36: DER Intermediate Cert file len:1333 Feb 01, 13:42:36: Decode PEM Key length :0 Feb 01, 13:42:36: testHostKeys : status 0 Feb 01, 13:42:36: testHostKeys : free temp Certificate status 0 Feb 01, 13:42:36: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1713 Feb 01, 13:42:36: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Feb 01, 13:42:36: Reading CA Cert file Feb 01, 13:42:36: i=0 DER CA Cert file len:1416 Feb 01, 13:42:36: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Feb 01, 13:42:36: Reading CA Cert file Feb 01, 13:42:36: i=1 DER CA Cert file len:1009 Feb 01, 13:42:36: CA Cert index:2 is /tmp/deviceCerts/Aruba_EST_CA_RootCert.der Feb 01, 13:42:36: Reading CA Cert file Feb 01, 13:42:36: i=2 DER CA Cert file len:992 Feb 01, 13:42:36: Got 3 Trusted Certs Feb 01, 13:42:36: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Feb 01, 13:42:36: Reading DER CA Cert file Feb 01, 13:42:36: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Feb 01, 13:42:36: CA Cert status : 0 Before IKE_initServer Feb 01, 13:42:36: IKE_initServer: Cert length 1713 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=CNG2K511VX::90:4c:81:c0:f6:0c} Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: IKE_EXAMPLE_addServer port:0 natt:0 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: IKE_EXAMPLE_addServer:2330 dev_name br0 saddr 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65361 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.0.3[65361] Feb 01, 13:42:36: IKE_EXAMPLE_addServer:2388 socket descriptor is 0 port number 65361 for server instance 0 at 0th index addr 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65362 Feb 01, 13:42:36: get_ip_from_dev: interface name = br0 Feb 01, 13:42:36: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.0.3[65362] Feb 01, 13:42:36: IKE_EXAMPLE_addServer:2437 socket descriptor is 1 port number 65362 for server instance 0 at 1st index addr 192.168.0.3 Feb 01, 13:42:36: IKE_EXAMPLE_addDefaultServers status:0 Feb 01, 13:42:36: setup_tunnel:5102: Setenv TUNDEV setup_tunnel successful Feb 01, 13:42:36: tunnel address = 10.20.202.10 Feb 01, 13:42:36: hostAddr = 192.168.0.3 (0.0)(pid:10157) time:2022-02-01 13:42:36 SA_INIT dest=10.20.202.10 Feb 01, 13:42:36: IKE_evtRecv: Initialize IKE SA Feb 01, 13:42:36: IKE_CUSTOM_getVersion(peerAddr:10.20.202.10): ikeVersion:2 Feb 01, 13:42:36: IKE2_evtInit:1168: peerAddr=10.20.202.10 peerAddr->family=2 Feb 01, 13:42:36: IKE_allocSa my_rapper_index 0 serverInstance 1 for 192.168.0.3 Timer ID: 1 Initialized Feb 01, 13:42:36: IKE_SA_INIT Feb 01, 13:42:36: IKE2_newSa(822): NEW SA, DhGrp 2 (0) Feb 01, 13:42:36: IKE2_newSa(peerAddr:169134602): IKE_SA-lifetime:28000 Feb 01, 13:42:36: IKE2_getStateInfo start oExchange = 34 dir = 0 Feb 01, 13:42:36: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=0 ctx->bUseNattPort=0 I --> Feb 01, 13:42:36: I --> Feb 01, 13:42:36: construct outgoing message Feb 01, 13:42:36: initI_out : IPV4 IMPLEMENTATION Feb 01, 13:42:36: OutSa(v2-peerAddr::: pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:36: OutSa: ike sa ENCR_AES 128-BITS ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): f7 08 22 27 55 73 26 48 24 2e 49 5c 89 d4 23 54 c6 94 57 73 NAT_D (peer): 24 cd c1 8b 92 e2 25 49 59 50 6c 7d f2 78 ad 48 0a b4 20 7e Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: RAPPER_ERROR_FILE exists Feb 01, 13:42:36: AP err cookie retval 9 cookie:5e18d9ebcecedddb err 2d Feb 01, 13:42:36: transmit message spi={77f4e03594810bda 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=388 #SEND 392 bytes to 10.20.202.10[4500] (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:36: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:36: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 65362 Feb 01, 13:42:36: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=392 Feb 01, 13:42:36: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 2 Remote IP address = 10.20.202.10 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xFeb 01, 13:42:36: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 c5fa273a... Feb 01, 13:42:36: papi:15200 Feb 01, 13:42:36: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:36: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:36: IKE2_msgRecv:1664 original ike_context created #RECV 60 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE2_msgRecv:1744: Feb 01, 13:42:36: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 spi={77f4e03594810bda 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=56 I <-- Feb 01, 13:42:36: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=28 ctx->bUseNattPort=1 Notify: COOKIE Feb 01, 13:42:36: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:36: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:36: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:36: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 Feb 01, 13:42:36: transmit message spi={77f4e03594810bda 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=416 #SEND 420 bytes to 10.20.202.10[4500] (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:36: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:36: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=420 Feb 01, 13:42:36: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:36: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:36: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:36: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:36: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:36: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:36: IKE2_msgRecv:1664 original ike_context created #RECV 525 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: IKE2_msgRecv:1744: Feb 01, 13:42:36: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 spi={77f4e03594810bda 14206d32569169ba} np=SA exchange=IKE_SA_INIT msgid=0 len=521 I <-- Proposal #1: IKE[4] ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 Feb 01, 13:42:36: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=281 ctx->bUseNattPort=1 Notify: NAT_DETECTION_SOURCE_IP Feb 01, 13:42:36: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=253 ctx->bUseNattPort=1 Notify: NAT_DETECTION_DESTINATION_IP NAT_D (us/NAT): e5 fb 2a ac fe f5 6e 0a 9e de 15 e5 3f d7 e7 eb 4e 98 a8 12 Feb 01, 13:42:36: InCr:7799 SA rapper index 0 my_rapper_index 0 VID: 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 Feb 01, 13:42:36: Fragmentation is enabled Feb 01, 13:42:36: IKE2_getStateInfo start oExchange = 35 dir = 0 Feb 01, 13:42:36: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:42:36: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:42:36: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:42:36: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 I --> Feb 01, 13:42:36: I --> Feb 01, 13:42:36: construct outgoing message Notify: INITIAL_CONTACT Feb 01, 13:42:36: OutCert: adding leaf Cert of Len:1713 Feb 01, 13:42:36: RAPPER priority old: -19, set to -20 (0.0)(pid:10157) time:2022-02-01 13:42:36 Feb 01, 13:42:36: OutAuth oSigAlgo 0, Len 15, 30 14 msg 00 00 00 00 77 f4 e0 35 94 81 0b da 00 00 00 00 00 00 00 00 29 20 22 08 00 00 00 00 00 00 01 a0 21 00 00 1c 01 00 40 06 00 00 00 a5 85 81 a1 8e 89 d1 1a e7 28 51 55 35 85 28 80 57 22 00 00 3c 00 00 00 38 01 01 00 05 03 00 00 0c 01 00 00 0c 80 0e 00 80 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 02 00 00 02 03 00 00 08 03 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 a1 29 58 16 4f 8f b8 09 c8 62 6c b9 68 c5 b2 c3 6c 12 57 0d 3b f1 10 0c 2e 76 22 f3 5d 5a 7d 6e 93 7c 16 a5 bd 79 7b 34 4b 89 c9 23 99 98 a7 5c 08 d4 ab 9c 71 80 e5 ed 9e 5e 5c 86 a5 b7 1f 9f 28 e4 a7 cb 14 14 5b 76 c4 18 12 48 4f 36 de 26 a8 c2 aa 6e 8d b3 a5 b7 9a a9 9d a5 2a 18 45 ff 6b 9f 29 cf 0e d7 3b 13 78 b0 25 75 10 a8 33 a7 54 e5 c6 09 56 c8 fe a8 b7 dd 6a bc a3 93 ae 33 29 00 00 14 fb d4 94 da c6 60 88 b4 f3 97 6d b0 ae af be b1 29 00 00 1c 00 00 40 04 f7 08 22 27 55 73 26 48 24 2e 49 5c 89 d4 23 54 c6 94 57 73 2b 00 00 1c 00 00 40 05 24 cd c1 8b 92 e2 25 49 59 50 6c 7d f2 78 ad 48 0a b4 20 7e 2b 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 2b 00 00 18 91 27 e6 75 f9 9a 10 88 16 b3 38 d1 8a 29 8a 42 c0 dd 94 18 2b 00 00 18 17 25 f0 89 27 42 ea 52 3b 79 ec 84 8c 97 20 1a 30 94 d6 c5 00 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 non 16 f3 53 49 0b 2e 86 59 01 6c 38 f8 ab b8 fb de 6e d6 5d 1e 15 db c6 a8 lst 6c 89 cb 5b 97 f4 1d a0 56 de ab ef 63 98 1b c1 0a a1 b5 e5 HASH_i 96 30 db 48 42 10 7b 79 c0 77 3a f0 7e 58 7f 35 23 cf b0 f8 (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: OutAuth TPM sign api passed (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: IKE_SAMPLE_ikeInitCfg(peerAddr=10.20.202.10): No CP-CFG IPV4 IMPLEMENTATION CFG_REQUEST IP4_ADDRESS IP4_NETMASK find index: 00000000Feb 01, 13:42:38: OutSa(v2-peerAddr:10.20.202.10 pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:42:38: OutSa: child sa Feb 01, 13:42:38: OutTfm2(v2-peerAddr:169134602): oTfmId:0 wAuthAlgo:0 wEncrKeyLen:0 wAuthKeyLen:0 bNoEnumEncr:0 bNoEnumAuth:0 ENCR_AES 128-BITS ENCR_AES 256-BITS ENCR_3DES AUTH_HMAC_SHA1_96 ESN_0 Feb 01, 13:42:38: OutTs:1934: Feb 01, 13:42:38: OutTs:1979: ctx->dwBufferSize=12479 wBodyLen=8 TSi: 0.0.0.0~255.255.255.255 Feb 01, 13:42:38: OutTs:1934: Feb 01, 13:42:38: OutTs:1979: ctx->dwBufferSize=12455 wBodyLen=8 TSr: 0.0.0.0~255.255.255.255 Feb 01, 13:42:38: transmit message spi={77f4e03594810bda 14206d32569169ba} np=E{IDi} exchange=IKE_AUTH msgid=1 len=2268 #SEND 2272 bytes to 10.20.202.10[4500] (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: IKE2_xchgOut:513 Feb 01, 13:42:38: ikeTotalDatasize 2244, maxFragDataSize = 476, num 5, last 340 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:1 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:2 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:3 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 476 Feb 01, 13:42:38: Sending no:4 fragment out of 5 fragments, size = 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=516 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: Sending fragment, size = 516 Feb 01, 13:42:38: IKE2_fragCreate:(237): IPV4 IMPLEMENTATION ctx->dwBufferSize=12412 ctx->bUseNattPort=1 Feb 01, 13:42:38: Created fragment, size = 336 Feb 01, 13:42:38: Sending last fragment, size = 376 Feb 01, 13:42:38: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:42:38: Sending from SrcPort 65362 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:42:38: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=376 Feb 01, 13:42:38: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:42:38: cleanup_and_free_context: delete ctx memory Feb 01, 13:42:38: |ocsp| cleanup_context_data:2257 Feb 01, 13:42:38: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:42:38: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:42:38: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:42:38: IKE2_msgRecv:1664 original ike_context created #RECV 80 bytes from 10.20.202.10[4500] at 192.168.0.3 (2.0)(pid:10157) time:2022-02-01 13:42:38 Feb 01, 13:42:38: IKE2_msgRecv:1744: Feb 01, 13:42:38: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=80 ctx->bUseNattPort=1 spi={77f4e03594810bda 14206d32569169ba} np=E{N} exchange=IKE_AUTH msgid=1 len=76 I <-- Feb 01, 13:42:38: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=12 ctx->bUseNattPort=1 Notify: AUTHENTICATION_FAILED (ESP spi=c6dd0200) Feb 01, 13:42:38: InNotify AP authentication failed ike2_state.c (8406): errorCode = ERR_IKE_NOTIFY_PAYLOAD Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr(CHILD_SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:38: IKE SA failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 ikeVer 2 Feb 01, 13:42:38: send_sapd_error: InnerIP:0.0.0.0 error:45 debug_error:0 Feb 01, 13:42:38: send_sapd_error: error:45 debug_error:0 Feb 01, 13:42:38: rapper_log_error: buf = 77 f4 e0 35 94 81 0b da 2d Feb 01, 13:42:38: |ocsp| IKE2_delSa: 1116 Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr: picking index 0 Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr: V4 IMPLEMENTATION Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr(SA): dwPeerAddr:10.20.202.10 index:0 mPeerType:0 Feb 01, 13:42:38: IKE_SA [v2 I] (id=0xc5fa273a) flags 0x41000015 failed reason = ERR_IKE_XAUTH_FAILED, errorcode = -8952 Feb 01, 13:42:38: IKE_SAMPLE_ikeStatHdlr(IST_FAIL): g_ikeversion:2 Feb 01, 13:42:38: |ocsp| IKE2_delSa: 1198 Feb 01, 13:42:38: |ocsp| ap_remove_certmgr_packet: start Timer ID: 1 Deleted Feb 01, 13:42:38: IKE2_xchgIn:1378 bResponse=1 status=-8947 Feb 01, 13:42:38: IKE2_msgRecv:2008 exit: Feb 01, 13:42:38: |ocsp| cleanup_context_data:2257 rapperSendStatusCB Feb 01, 13:43:05: rapper got Signal 15 Feb 01, 13:43:05: need rapper EXIT immediately, since sometimes dispatcher loop hasn't start Feb 01, 13:43:06: get_ike_version: Use IKE Version 2 Feb 01, 13:43:06: rapper_write_pid_to_file: wrote rapper pid 10422 to file /tmp/rapper_pid_1 Feb 01, 13:43:06: papi_init papifd:6 ack:15 IKE_EXAMPLE: Starting up IKE server Feb 01, 13:43:06: IKE_init: ethmacstr = 90:4C:81:C0:F6:0C Initialized Timers IKE_init: completed after (0.0)(pid:10422) time:2022-02-01 13:43:06 seconds. Feb 01, 13:43:06: RAP using default certificates Feb 01, 13:43:06: IAP using default CA certificates Feb 01, 13:43:06: Before getting Certs Feb 01, 13:43:06: TPM enabled Feb 01, 13:43:06: get_usb_type: Unable to open /tmp/usb_type Feb 01, 13:43:06: get_usb_csr: Unable to open /tmp/usb_csr Feb 01, 13:43:06: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Feb 01, 13:43:06: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:43:06: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Feb 01, 13:43:06: DER Device Cert file len:1713 Feb 01, 13:43:06: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Feb 01, 13:43:06: Reading DER Intermediate Cert file Feb 01, 13:43:06: DER Intermediate Cert file len:1118 Feb 01, 13:43:06: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Feb 01, 13:43:06: Reading DER Intermediate Cert file Feb 01, 13:43:06: DER Intermediate Cert file len:1333 Feb 01, 13:43:06: Decode PEM Key length :0 Feb 01, 13:43:06: testHostKeys : status 0 Feb 01, 13:43:06: testHostKeys : free temp Certificate status 0 Feb 01, 13:43:06: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1713 Feb 01, 13:43:06: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Feb 01, 13:43:06: Reading CA Cert file Feb 01, 13:43:06: i=0 DER CA Cert file len:1416 Feb 01, 13:43:06: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Feb 01, 13:43:06: Reading CA Cert file Feb 01, 13:43:06: i=1 DER CA Cert file len:1009 Feb 01, 13:43:06: CA Cert index:2 is /tmp/deviceCerts/Aruba_EST_CA_RootCert.der Feb 01, 13:43:06: Reading CA Cert file Feb 01, 13:43:06: i=2 DER CA Cert file len:992 Feb 01, 13:43:06: Got 3 Trusted Certs Feb 01, 13:43:06: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Feb 01, 13:43:06: Reading DER CA Cert file Feb 01, 13:43:06: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Feb 01, 13:43:06: CA Cert status : 0 Before IKE_initServer Feb 01, 13:43:06: IKE_initServer: Cert length 1713 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=CNG2K511VX::90:4c:81:c0:f6:0c} Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: IKE_EXAMPLE_addServer port:0 natt:0 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: IKE_EXAMPLE_addServer:2330 dev_name br0 saddr 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65363 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.0.3[65363] Feb 01, 13:43:06: IKE_EXAMPLE_addServer:2388 socket descriptor is 0 port number 65363 for server instance 0 at 0th index addr 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt STARTS Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt:2035 family is v4 hostAddr= 192.168.0.3 wHostPort = 65364 Feb 01, 13:43:06: get_ip_from_dev: interface name = br0 Feb 01, 13:43:06: srcdev_name = br0 ip 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.0.3[65364] Feb 01, 13:43:06: IKE_EXAMPLE_addServer:2437 socket descriptor is 1 port number 65364 for server instance 0 at 1st index addr 192.168.0.3 Feb 01, 13:43:06: IKE_EXAMPLE_addDefaultServers status:0 Feb 01, 13:43:06: setup_tunnel:5102: Setenv TUNDEV setup_tunnel successful Feb 01, 13:43:06: tunnel address = 10.20.202.10 Feb 01, 13:43:06: hostAddr = 192.168.0.3 (0.0)(pid:10422) time:2022-02-01 13:43:06 SA_INIT dest=10.20.202.10 Feb 01, 13:43:06: IKE_evtRecv: Initialize IKE SA Feb 01, 13:43:06: IKE_CUSTOM_getVersion(peerAddr:10.20.202.10): ikeVersion:2 Feb 01, 13:43:06: IKE2_evtInit:1168: peerAddr=10.20.202.10 peerAddr->family=2 Feb 01, 13:43:06: IKE_allocSa my_rapper_index 0 serverInstance 1 for 192.168.0.3 Timer ID: 1 Initialized Feb 01, 13:43:06: IKE_SA_INIT Feb 01, 13:43:06: IKE2_newSa(822): NEW SA, DhGrp 2 (0) Feb 01, 13:43:06: IKE2_newSa(peerAddr:169134602): IKE_SA-lifetime:28000 Feb 01, 13:43:06: IKE2_getStateInfo start oExchange = 34 dir = 0 Feb 01, 13:43:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=0 ctx->bUseNattPort=0 I --> Feb 01, 13:43:06: I --> Feb 01, 13:43:06: construct outgoing message Feb 01, 13:43:06: initI_out : IPV4 IMPLEMENTATION Feb 01, 13:43:06: OutSa(v2-peerAddr::: pxSa->dwPeerAddr:10.20.202.10): Entered Feb 01, 13:43:06: OutSa: ike sa ENCR_AES 128-BITS ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): 80 4a 14 ac 5a d7 dc 0a 09 b5 2f 74 a4 b5 f5 5f 13 0b 3f 38 NAT_D (peer): a2 5a 3e 48 11 de 19 58 b8 7c 6c d7 3a 87 89 73 c9 f0 99 1f Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: RAPPER_ERROR_FILE exists Feb 01, 13:43:06: AP err cookie retval 9 cookie:77f4e03594810bda err 2d Feb 01, 13:43:06: transmit message spi={5c034d3dd72c42b2 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=388 #SEND 392 bytes to 10.20.202.10[4500] (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:43:06: Sending from SrcPort 65364 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:43:06: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 65364 Feb 01, 13:43:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=392 Feb 01, 13:43:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 2 Remote IP address = 10.20.202.10 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xFeb 01, 13:43:06: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 e7aa6940... Feb 01, 13:43:06: papi:15200 Feb 01, 13:43:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:43:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:43:06: IKE2_msgRecv:1664 original ike_context created #RECV 60 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE2_msgRecv:1744: Feb 01, 13:43:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 spi={5c034d3dd72c42b2 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=56 I <-- Feb 01, 13:43:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=28 ctx->bUseNattPort=1 Notify: COOKIE Feb 01, 13:43:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:43:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:43:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:43:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=60 ctx->bUseNattPort=1 Feb 01, 13:43:06: transmit message spi={5c034d3dd72c42b2 0000000000000000} np=N exchange=IKE_SA_INIT msgid=0 len=416 #SEND 420 bytes to 10.20.202.10[4500] (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE_SAMPLE_ikeXchgSend:2735:V4 IMPLEMENATION dwPeerAddr=10.20.202.10 bUseNattPort=1 Feb 01, 13:43:06: Sending from SrcPort 65364 ---> DstPort 4500 myAddr = 192.168.0.3 Feb 01, 13:43:06: send message: dwPeerAddr=10.20.202.10, wPeerPort=4500, pBuffer=, dwBufferSize=420 Feb 01, 13:43:06: UDP_sendTo successful IKE_EXAMPLE: UDP_sendTo() successful, status = 0 sendto() returns 0 Remote IP address = 10.20.202.10 Feb 01, 13:43:06: cleanup_and_free_context: delete ctx memory Feb 01, 13:43:06: |ocsp| cleanup_context_data:2257 Feb 01, 13:43:06: IKE2_msgRecv:1850 status=0 OK=0 Feb 01, 13:43:06: IKE_EXAMPLE_msgRecv:2160:V4 IMPLEMENATION peerAddr = 10.20.202.10 Feb 01, 13:43:06: IKE2_msgRecv:(1650): IPV4 IMPLEMENTATION bUseNattPort=1 Feb 01, 13:43:06: IKE2_msgRecv:1664 original ike_context created #RECV 525 bytes from 10.20.202.10[4500] at 192.168.0.3 (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: IKE2_msgRecv:1744: Feb 01, 13:43:06: IKE2_xchgIn:(798): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 spi={5c034d3dd72c42b2 0b05eb1dfdf34b13} np=SA exchange=IKE_SA_INIT msgid=0 len=521 I <-- Proposal #1: IKE[4] ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 Feb 01, 13:43:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=281 ctx->bUseNattPort=1 Notify: NAT_DETECTION_SOURCE_IP Feb 01, 13:43:06: InNotify:(8316): IPV4 IMPLEMENTATION ctx->dwBufferSize=253 ctx->bUseNattPort=1 Notify: NAT_DETECTION_DESTINATION_IP NAT_D (us/NAT): cb d9 2a b6 76 95 b6 79 86 3e d7 5d 8a ed e9 c0 f4 09 8b be Feb 01, 13:43:06: InCr:7799 SA rapper index 0 my_rapper_index 0 VID: 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 Feb 01, 13:43:06: Fragmentation is enabled Feb 01, 13:43:06: IKE2_getStateInfo start oExchange = 35 dir = 0 Feb 01, 13:43:06: IKE2_xchgIn:1378 bResponse=1 status=0 Feb 01, 13:43:06: IKE2_msgRecv:1834 create new context, status_in=0 Feb 01, 13:43:06: |ocsp| IKE2_msgRecv_resume:2077 Feb 01, 13:43:06: IKE2_xchgOut:(226): IPV4 IMPLEMENTATION ctx->dwBufferSize=525 ctx->bUseNattPort=1 I --> Feb 01, 13:43:06: I --> Feb 01, 13:43:06: construct outgoing message Notify: INITIAL_CONTACT Feb 01, 13:43:06: OutCert: adding leaf Cert of Len:1713 Feb 01, 13:43:06: RAPPER priority old: -19, set to -20 (0.0)(pid:10422) time:2022-02-01 13:43:06 Feb 01, 13:43:06: OutAuth oSigAlgo 0, Len 15, 30 14 msg 00 00 00 00 5c 03 4d 3d d7 2c 42 b2 00 00 00 00 00 00 00 00 29 20 22 08 00 00 00 00 00 00 01 a0 21 00 00 1c 01 00 40 06 00 00 00 a5 0b 7b b9 ae a0 34 c2 1f 39 f7 7a 3b 31 d5 99 2e 22 00 00 3c 00 00 00 38 01 01 00 05 03 00 00 0c 01 00 00 0c 80 0e 00 80 03 00 00 0c 01 00 00 0c 80 0e 01 00 03 00 00 08 02 00 00 02 03 00 00 08 03 00 00 02 00 00 00 08 04 00 00 02 28 00 00 88 00 02 00 00 46 fa 87 4b 19 c3 46 c8 69 95 00 41 66 e6 2c 39 4e 18 94 6d c3 e8 17 81 61 9c 3b f4 00 59 cd 74 37 bc 8b 5e 00 89 0f 44 e3 cf 27 27 19 d8 63 a0 d7 fc c8 9f 6f 2d 9d c6 31 19 34 c1 17 44 40 7b dc 03 18 bf 62 31 bb 4c b7 c8 39 ad 97 12 ee dc 3a 4f df 50 f9 54 93 cd 83 2f dc 8c b8 1a a8 2b 09 e6 d2 f5 89 1f 49 a6 96 74 5d 28 67 ed d8 6f 3f 15 2b ff 56 88 6e 38 4f 0c 5f 20 fc 00 f3 1b 29 00 00 14 03 ce 21 27 51 5f 74 3e 25 8a b7 5f 23 9e c7 bd 29 00 00 1c 00 00 40 04 80 4a 14 ac 5a d7 dc 0a 09 b5 2f 74 a4 b5 f5 5f 13 0b 3f 38 2b 00 00 1c 00 00 40 05 a2 5a 3e 48 11 de 19 58 b8 7c 6c d7 3a 87 89 73 c9 f0 99 1f 2b 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 2b 00 00 18 91 27 e6 75 f9 9a 10 88 16 b3 38 d1 8a 29 8a 42 c0 dd 94 18 2b 00 00 18 17 25 f0 89 27 42 ea 52 3b 79 ec 84 8c 97 20 1a 30 94 d6 c5 00 00 00 14 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 non a3 a6 25 65 f0 50 11 9c 85 ae 27 da 97 44 93 61 04 57 40 64 bf 2b 32 72 lst 8d d3 a6 d1 39 fe 1b d2 e1 20 46 ca 3a 54 ca 88 28 2c 0a 0a HASH_i 80 84 55 a8 98 46 f1 77 07 58 81 0c fe 0b a7 2e ad 05 76 cf end of show log rapper ========================================================