Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:390 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:390 numSkts:8 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 390 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347845.649) Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 0000000000000000} np=SA Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_SA_INIT msgid=0 len=386 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_checkCookie notify-cookie ip:10.72.0.2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IPSEC_findSaByIP addr:10.72.0.2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IPSEC_findSaByIP pxSa:(nil) status:0 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IPSEC_findSaByIP finished with pxSa:(nil) status:0 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_checkCookie finished with ipsecSa:(nil) status:0 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> delete_cp_route entered with ip:10.72.0.2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> controlplaneRouteModify entered with ip:10.72.0.2/255.255.255.255 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> controlplaneRouteModify after socket:44 with ip:10.72.0.2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> controlplaneRouteModify socket:44 request:35084 dev:tsgw rtflags:0 with ip:10.72.0.2 Jul 31 09:55:56 :103060: <8352> |ike| 10.72.0.2:35228-> ipc.c:controlplaneRouteModify:7651 Failed to Delete Route in Kernel: error:No such process Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> controlplaneRouteModify after ioctl sock:44 with ip:10.72.0.2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> controlplaneRouteModify after close sock:44 with ip:10.72.0.2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> delete_cp_route finished with ip:10.72.0.2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> OutInfo notify-cookie Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> <-- R Notify: COOKIE#SEND 60 bytes to 10.72.0.2(35228) (1347845.650) Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> cleanup_and_free_context delete ctx memory Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:418 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:418 numSkts:8 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 418 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347845.682) Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 0000000000000000} np=N Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_SA_INIT msgid=0 len=414 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_allocSa sa:0xb6597c peer:10.72.0.2:35228 id:42408942 timestart:1347845682 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> check_aruba_ap_vid: aruba ap eth0 mac address 204c033fdb2d vidLen = 26 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchgIn:1387 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_newXchg oExchange:34 bReq:0 dwMsgId:0 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InNotify notify-cookie Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm entered isakmp:0x775a3c Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_cipherSuite: TfmId:12 policy-enc:12 keylen:32 policy-keylen:32 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> --> R Notify: COOKIE (IKE) Proposal #1: IKE(4) ENCR_AES 256-BITS PRF_HMAC_SHA1 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_macSuite: TfmId:2 policy:10004 mac:2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_checkGroup good dh:2 policy:2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm Using Policy 10004, setting IKE_SA lifetime to 28800 seconds Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm: status=0 merror:0 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: after ACCEPT status:0 bMatch:1 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: after ACCEPT CHILD_SA before BREAK status:0 bMatch:1 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InKe initiator:NO Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InKe responder: grp:ike 2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_checkGroup good dh:2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> DH_allocateServer: postponing further processing until DH H/w completes Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> AUTH_HMAC_SHA1_96 DH_2 Notify: NAT_DETECTION_SOURCE_IP NAT_D (peer/NAT): 1a 46 d2 40 1d 2b Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> 6a 42 6e aa ff 23 74 f0 38 88 d6 b0 99 b9 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> Notify: NAT_DETECTION_DESTINATION_IP NAT_D (us/NAT): 97 39 cf 76 7f 9c af 6c 51 b5 9b 10 9d 32 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> 9b a9 a4 37 03 27 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InVid Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> VID: 40 48 b7 d5 6e bc e8 85 25 e7 de 7f 00 d6 c2 d3 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> Aruba Fragmentation request is received Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> Enabling Fragmentation for this SA Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InVid Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> VID: ca 3e 2b 85 4b a8 03 00 17 dc 10 23 a4 fd e2 04 1f 9f 74 63 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> Aruba RAP detected Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InVid Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> VID: bb 4f ff d1 8f 6e c5 b1 be ee 5e e1 11 38 4d 8f 69 37 28 bb 20 4c 03 3f db 2d Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> check_aruba_vid: aruba ap eth0 mac address 204c033fdb2d Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> InVid Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> VID: 17 25 f0 89 27 42 ea 52 3b 79 ec 84 8c 97 20 1a 30 94 d6 c5 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> Detected peer using TPM Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv_resume dh1 pending, skipping outstanding send Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> group_get entered id:2 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> group_get ike_group:0x5c9628 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> modp_init entered Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> group_get group:0x9b8bac Jul 31 09:55:56 :103060: <8352> |ike| 10.72.0.2:35228-> xlp_lib.c:xlp_send_dh_request_x_ikev2:311 rsa param allocated successfully Jul 31 09:55:56 :103060: <8352> |ike| 10.72.0.2:35228-> xlp_lib.c:xlp_send_dh_request_x_ikev2:318 rsa result allocated successfully Jul 31 09:55:56 :103060: <8352> |ike| 10.72.0.2:35228-> xlp_lib.c:xlp_send_dh_request_x_ikev2:327 rsa arg allocated successfully Jul 31 09:55:56 :103060: <8352> |ike| 10.72.0.2:35228-> xlp_lib.c:xlp_send_dh_request_x_ikev2:372 plen = 24 Jul 31 09:55:56 :103060: <8352> |ike| 10.72.0.2:35228-> xlp_lib.c:xlp_send_dh_request_x_ikev2:431 nlm_crypto_do_op returned success, success code = 0 Jul 31 09:55:56 :103060: <8352> |ike| 10.72.0.2:35228-> xlp_lib.c:xlp_send_dh_request_x_ikev2:441 DH1 request: peer: 10.72.0.2 dhflags:1 sos_pending:1 Jul 31 09:55:56 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:661 Obtained result from SAE response Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:667 param struct obtained correctly from SAE response Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:673 rsa arg obtained correctly Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:691 Peer:10.72.0.2 obtained result frm param struct correctly from SAE response. Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:730 obtained context struct correctly from dh hw tbl Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh1_response_ikev2:482 Obtained DH1 response from SAE Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh1_response_ikev2:488 pxSa obtained fine Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh1_response_ikev2:496 pDGctx obtained fine Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh1_response_ikev2:509 DH1 response: peer 10.72.0.2 sos_pending 0 grouplen 128 Jul 31 09:55:56 :103063: <8352> |ike| modp_free entered Jul 31 09:55:56 :103063: <8352> |ike| group_get entered id:2 Jul 31 09:55:56 :103063: <8352> |ike| group_get ike_group:0x5c9628 Jul 31 09:55:56 :103063: <8352> |ike| modp_init entered Jul 31 09:55:56 :103063: <8352> |ike| group_get group:0x9b8bac Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_send_dh_request_x_ikev2:311 rsa param allocated successfully Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_send_dh_request_x_ikev2:318 rsa result allocated successfully Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_send_dh_request_x_ikev2:327 rsa arg allocated successfully Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_send_dh_request_x_ikev2:372 plen = 24 Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_send_dh_request_x_ikev2:431 nlm_crypto_do_op returned success, success code = 0 Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_send_dh_request_x_ikev2:444 DH2 request: peer: 10.72.0.2 dhflags:4 sos_pending:1 Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh1_response_ikev2:527 Initiating DH2 request to SAE Jul 31 09:55:56 :103063: <8352> |ike| xlp_rcv_response: Nothing to be read from cryptolib fd Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:661 Obtained result from SAE response Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:667 param struct obtained correctly from SAE response Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:673 rsa arg obtained correctly Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:691 Peer:10.72.0.2 obtained result frm param struct correctly from SAE response. Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:730 obtained context struct correctly from dh hw tbl Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh2_response_ikev2:544 Got a DH2 response from SAE Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh2_response_ikev2:550 pxSa obtained correctly Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh2_response_ikev2:557 pDHctx obtained fine Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh2_response_ikev2:569 DH2 response: peer 10.72.0.2 sos_pending 0 Jul 31 09:55:56 :103063: <8352> |ike| modp_free entered Jul 31 09:55:56 :103060: <8352> |ike| xlp_lib.c:process_xlp_dh2_response_ikev2:585 DH2 completed successfully Jul 31 09:55:56 :103063: <8352> |ike| OutTfm_R Jul 31 09:55:56 :103063: <8352> |ike| OutKe Responder grp:ike 2 Jul 31 09:55:56 :103063: <8352> |ike| <-- R NAT_D (us): a1 4c c6 2d 68 0d 01 9e 0f 89 b3 fa 8c 94 73 94 20 e7 86 ad Jul 31 09:55:56 :103063: <8352> |ike| NAT_D (peer): c4 e9 b9 dd bb 45 33 f7 1a 84 b1 19 9a dd 10 14 e7 9b 28 79 Jul 31 09:55:56 :103063: <8352> |ike| OutVid: added Fragmentation vendor-id Jul 31 09:55:56 :103063: <8352> |ike| #SEND 525 bytes to 10.72.0.2(35228) (1347845.686) Jul 31 09:55:56 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:56 :103063: <8352> |ike| cleanup_and_free_context delete ctx memory Jul 31 09:55:56 :103063: <8352> |ike| initR_in_Continued: IKE2_msgRecv_resume status:0 Jul 31 09:55:56 :103063: <8352> |ike| xlp_rcv_response: Nothing to be read from cryptolib fd Jul 31 09:55:58 :124004: <8405> |authmgr| Auth GSM: Num dev_id_cache entries aged = 0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:530 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:530 numSkts:8 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 530 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347848.301) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> ike2.c (948): errorCode = ERR_FRAGMENTATION_REQUIRED Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1575 ctx->BufferSize = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1595 dwLength = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1605 dwLength = 526, dwBodyLen = 498 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1651 pxSa = 0xb6597c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> pFragHdr->oFragNum:1, idx:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:530 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:530 numSkts:8 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 530 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347848.308) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> ike2.c (948): errorCode = ERR_FRAGMENTATION_REQUIRED Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1575 ctx->BufferSize = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1595 dwLength = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1605 dwLength = 526, dwBodyLen = 498 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1651 pxSa = 0xb6597c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> pFragHdr->oFragNum:2, idx:2 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:530 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:530 numSkts:8 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 530 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347848.316) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> ike2.c (948): errorCode = ERR_FRAGMENTATION_REQUIRED Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1575 ctx->BufferSize = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1595 dwLength = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1605 dwLength = 526, dwBodyLen = 498 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1651 pxSa = 0xb6597c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> pFragHdr->oFragNum:3, idx:3 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:530 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:530 numSkts:8 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 530 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347848.324) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> ike2.c (948): errorCode = ERR_FRAGMENTATION_REQUIRED Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1575 ctx->BufferSize = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1595 dwLength = 526 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1605 dwLength = 526, dwBodyLen = 498 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1651 pxSa = 0xb6597c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> pFragHdr->oFragNum:4, idx:4 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:304 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:304 numSkts:8 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 304 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347848.328) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=300 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> ike2.c (948): errorCode = ERR_FRAGMENTATION_REQUIRED Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1575 ctx->BufferSize = 300 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=FGMT Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=300 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1595 dwLength = 300 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1605 dwLength = 300, dwBodyLen = 272 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchg_reassemble:1651 pxSa = 0xb6597c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> pFragHdr->oFragNum:5, idx:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> RE-ASSEMBLING FRAG NUM [1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> RE-ASSEMBLING FRAG NUM [2 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> RE-ASSEMBLING FRAG NUM [3 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> RE-ASSEMBLING FRAG NUM [4 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> RE-ASSEMBLING FRAG NUM [5 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_fragRecv Rcvd all 0 fragments Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv:2002: IKE2_msgRecv Called Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 2256 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347848.329) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=E{IDi} Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=IKE_AUTH msgid=1 len=2252 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchgIn:1387 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_newXchg oExchange:35 bReq:0 dwMsgId:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_newXchg before delXchg Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_delXchg Deleting exchange Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> authR_in Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa0: calling IKE2_newIPsecSa Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InCp Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> --> R Notify: INITIAL_CONTACT CFG_REQUEST Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> CheckCfgAttr type:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> CheckCfgAttr type:2 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InCp : detected VPN client Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs entered Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs # of TS:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs no:0 IPV4 addr:0.0.0.0 end:255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IP4_ADDRESS IP4_NETMASK TSi: 0.0.0.0~255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs responder: the remote switch ip is :: pxIPsecSa->dwIP 0.0.0.0 pxIPsecSa->dwIPEnd 255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs entered Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs # of TS:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs no:1 IPV4 addr:0.0.0.0 end:255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> TSr: 0.0.0.0~255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTs responder: the remote switch ip is :: pxIPsecSa->dwIP 0.0.0.0 pxIPsecSa->dwIPEnd 255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InAuthSig certNum:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> sort_certificate_chain: Size of certificate chain to be sorted: 1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> sort_certificate_chain: Current cert index being considered: 0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> sort_certificate_chain: Last cert has n parent in chain Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certGetKey num-certs:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> asn_cert_ike_subj_string Cert-len:1713 Subject: /CN=CNH8K2T0D9::20:4c:03:3f:db:2d Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certGetKey : ARUBA cert MAC:20:4c:03:3f:db:2d Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certGetKey : cert CN:20:4c:03:3f:db:2d Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certGetKey: Aruba AP cert validated successfully against device ca cert Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> HASH_i 9e 12 06 ec 4f de b9 f3 dc 9f ae 7e 1b 42 67 2e 6d ab 04 60 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId NATT peer-port:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35201 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35202 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35203 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35205 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35206 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35207 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35209 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35211 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35213 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35214 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35215 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35223 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35225 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35226 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:35227 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId IkeCertId peer-port:0 peer-natt:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_getCertId status:-8946 peer-port:0 peer-natt:35228 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certAssign natt port:35228 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_initContSa: isarubaCampusAP 0 isarubaAP 1 isMasterLocal 0 isBOC 0 peeruplinkfailover 0 username 20:4c:03:3f:db:2d Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_initContSa: calling mac_hash_tbl_entry_add for username 20:4c:03:3f:db:2d Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> mac_hash_tbl_entry_add: adding mac hash table entry for user 20:4c:03:3f:db:2d version 2 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> mac_hash_tbl_entry_add: Cookies : Initiator cookie:0bc043b1bfd60a16 Responder cookie:3ba9422eb38f0e7b Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> mac_hash_tbl_entry_add: converted mac : 20:4c:3:3f:db:2d Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> mac_hash_tbl_entry_add: found an existing mac entry salist numOfNodes 0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> mac_hash_tbl_entry_add: added sa entry to an existing mac entry Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> INITIAL _CONTACT received delete child SA's for ip = 10.72.0.2 port = 35228 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IPSEC_keyDelete(raddr=10.72.0.2) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> DoSa2_R : detected VPN client Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: Responder SPI:59e8a000 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> ipsec_spi_hash_tbl_entry_add: adding IPSEC spi 0x59e8a000 to SPI hash table Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> ipsec_spi_hash_tbl_entry_add: successfully added IPSEC spi 0x59e8a000 to SPI hash table Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: Successfully added Responder SPI:59e8a000 to SPI hash table Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: dwSpi[I Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> RAP Dynamic Map found Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R trying map:default-rap-ipsecmap numxf:3 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R trying ipsec-xf:default-rap-transform Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R: selected cnt:0 encr TfmId 12 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> Proposal #1: ESP(4) spi=2b1e5300 ENCR_AES 256-BITS ENCR_3DES unsupported AUTH_ Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R: selected cnt:0 auth algo 2 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> enc_tried:1 enc_supported:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> auth_tried:1 auth_supported:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> dh_tried:0 dh_supported:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R Accepting map:default-rap-ipsecmap transform:default-rap-transform Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R i:0 Cnt:1 encrAlgo:12 len:32 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R i:0 Cnt:1 authAlgo:2 len:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R : Initialize ipsecKeyEx Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_initIPsecKey in:1 dstport:35228 srcport:4500 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R : dstip:0.0.0.0 srcip:0.0.0.0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R setting IPSEC_SA map lifetime:7200 in seconds Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InTfm2_R: status=0 merror:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: InTfmX_R status:0 bMatch:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: before initIPsecKey status:0 bMatch:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_initIPsecKey in:1 dstport:35228 srcport:4500 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: after initIPsecKey status:0 bMatch:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: after ACCEPT status:0 bMatch:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: after ACCEPT CHILD_SA status:0 bMatch:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> InSa: after ACCEPT CHILD_SA before BREAK status:0 bMatch:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_useCert certchain:(nil) Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_CUSTOM_useCert trying device cert cert for RAP Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_CUSTOM_useCert: found valid Server-Cert:Aruba-Factory-Server-Cert-Chain Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_CUSTOM_useCert: got 4 certs Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> UseCustomCert: certNum:4 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certSetChain num:4 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certSetChain index:0 cert-len:733 cert:0x7ee02c key:0x7fe4f4 keylen:2018 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certSetChain index:1 cert-len:1618 cert:0x7f172c key:(nil) keylen:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certSetChain index:2 cert-len:1467 cert:0x7f612c key:(nil) keylen:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certSetChain index:3 cert-len:1580 cert:0x7fad0c key:(nil) keylen:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_certSetChain status:0 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> authR_in: status:0 authmtd:1 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv_resume auth pending, skipping outstanding send Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> pap_ikev2_auth_requests username: 20:4c:03:3f:db:2d Jul 31 09:55:58 :103060: <8352> |ike| 10.72.0.2:35228-> mocana_interface.c:pap_ikev2_auth_requests:1450 user=20:4c:03:3f:db:2d Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> pap_ikev2_auth_requests ip:10.72.0.2 cookie:2189892590 auth:3 vpn:2 Jul 31 09:55:58 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:55:58 :124004: <8405> |authmgr| RX (sock) message of type 66, len 1020 Jul 31 09:55:58 :124454: <8405> |authmgr| auth_user_query_raw: recvd request user:20:4c:03:3f:db:2d ip:10.72.0.2 cookie:-2105074706 Jul 31 09:55:58 :124155: <8405> |authmgr| No macuser for ip 10.72.0.2, mac 00:00:00:00:00:00. Jul 31 09:55:58 :124150: <8405> |authmgr| Create ipuser and user 00:00:00:00:00:00. Jul 31 09:55:58 :124004: <8405> |authmgr| logging role event for 0x2355b44: 0x216e0a4,0x2, index 0 Jul 31 09:55:58 :124156: <8405> |authmgr| Called ip_user_new() for ip 10.72.0.2. Jul 31 09:55:58 :124004: <8405> |authmgr| aal_authenticate: In aal_authenticate Jul 31 09:55:58 :124100: <8405> |authmgr| Setting auth subtype 'EAP-LEAP' for user 10.72.0.2, client VPN. Jul 31 09:55:58 :124099: <8405> |authmgr| Setting auth type 'VPN' for user 10.72.0.2, client VPN. Jul 31 09:55:58 :124098: <8405> |authmgr| Setting authstate 'started' for user 10.72.0.2, client VPN. Jul 31 09:55:58 :124546: <8405> |authmgr| aal_authenticate user:20:4c:03:3f:db:2d vpnflags:2. Jul 31 09:55:58 :124004: <8405> |authmgr| ncfg_auth_server_group_authtype ip=10.72.0.2, method=VPN vpnflags:2 Jul 31 09:55:58 :124004: <8405> |authmgr| ncfg_auth_server_group_authtype vpnflags:2 vpn-profile:default-rap Jul 31 09:55:58 :124004: <8405> |authmgr| ip=10.72.0.2, sg=default Jul 31 09:55:58 :124547: <8405> |authmgr| aal_authenticate server_group:default. Jul 31 09:55:58 :124004: <8405> |authmgr| ncfg_auth_server_group_authtype ip=10.72.0.2, method=VPN vpnflags:2 Jul 31 09:55:58 :124004: <8405> |authmgr| ncfg_auth_server_group_authtype vpnflags:2 vpn-profile:default-rap Jul 31 09:55:58 :124004: <8405> |authmgr| ip=10.72.0.2, sg=default Jul 31 09:55:58 :124004: <8405> |authmgr| Select server for method=VPN, user=20:4c:03:3f:db:2d, essid=<>, server-group=default, last_srv <> Jul 31 09:55:58 :124004: <8405> |authmgr| server=Internal, ena=1, ins=1 (1) Jul 31 09:55:58 :124038: <8405> |authmgr| Selected server Internal for method=VPN; user=20:4c:03:3f:db:2d, essid=<>, domain=<>, server-group=default Jul 31 09:55:58 :124004: <8405> |authmgr| aal_authenticate (1250)(INC) : os_reqs 1, s Internal type 1 inservice 1 markedD 0 Jul 31 09:55:58 :124004: <8405> |authmgr| aal_authenticate (1288)(INC) : os_auths 1, s Internal type 1 inservice 1 markedD 0 sg_name default Jul 31 09:55:58 :133028: <8484> |localdb| executeUSERDBMethod(127.0.0.1:8214 ==> 127.0.0.1:8344 PktType:0x402 SeqNum:4367 MsgCode:62): Received udb_msg with msgtype:62 id:16 reqtype:6 dbtype:13 Jul 31 09:55:58 :133108: <8484> |localdb| executeUSERDBMethod: Query for mac:20:4c:03:3f:db:2d is successful locally with msgtype:62 id:16 reqtype:6 dbtype:13 Jul 31 09:55:58 :133005: <8484> |localdb| User 20:4c:03:3f:db:2d Successfully Authenticated Jul 31 09:55:58 :133122: <8484> |localdb| make_response: Sending response to 127.0.0.1:8214 with msgtype:79 id:16 reqtype:6 dbtype:13 Jul 31 09:55:58 :124230: <8405> |authmgr| Rx message 62/79, length 867 from 127.0.0.1:8344 Jul 31 09:55:58 :124004: <8405> |authmgr| udb_gen_whitelist_avpairs: Added avpair name Remote-IP value 0 Jul 31 09:55:58 :124004: <8405> |authmgr| udb_gen_whitelist_avpairs: Added avpair name Remote-IPv6 value :: Jul 31 09:55:58 :124004: <8405> |authmgr| udb_gen_whitelist_avpairs: Added avpair name Inner-IP value 0 Jul 31 09:55:58 :124004: <8405> |authmgr| udb_gen_whitelist_avpairs: Added avpair name Cert_type value 1 Jul 31 09:55:58 :124003: <8405> |authmgr| Authentication result=Authentication Successful(0), method=VPN, server=Internal, user=20:4c:03:3f:db:2d Jul 31 09:55:58 :124004: <8405> |authmgr| server_cbh (257)(DEC) : os_reqs 0, s Internal type 1 inservice 1 markedD 0 Jul 31 09:55:58 :124607: <8405> |authmgr| server_cbh(): response=0 from Auth server 'Internal for client:3 proto:7 eap-type:0'. Jul 31 09:55:58 :124004: <8405> |authmgr| server_cbh (650)(DEC) : os_auths 0, s Internal type 1 inservice 1 markedD 0 sg_name default Jul 31 09:55:58 :124097: <8405> |authmgr| Setting authserver 'Internal' for user 10.72.0.2, client VPN. Jul 31 09:55:58 :124453: <8405> |authmgr| auth_user_query_resp: response user:20:4c:03:3f:db:2d ip:10.72.0.2 cookie:-2105074706 Jul 31 09:55:58 :124184: <8405> |authmgr| {L3} Authenticating Server is Internal. Jul 31 09:55:58 :124004: <8405> |authmgr| Matching `default' rules to derive role ... Jul 31 09:55:58 :124004: <8405> |authmgr| role 'value-of' Jul 31 09:55:58 :124004: <8405> |authmgr| rule: set role condition role value-of Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match User-Name : 20:4c:03:3f:db:2d Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match AP_Group : RAP-DUE Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match AP_Name : cr-rap-wie-001 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match DB_Entry_State : 0 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Remote-IP : 0.0.0.0 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Remote-IPv6 : :: Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Inner-IP : 0.0.0.0 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match AP_Authenticated : 0 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Cert_type : 1 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Server-Name : Internal Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Authentication-Type : 3 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Authentication-Sub-Type : 7 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match Server-Group : default Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match User-Name : 20:4c:03:3f:db:2d Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match fw_mode : 0 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match macaddr : 00:00:00:00:00:00 Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match location : N/A Jul 31 09:55:58 :124004: <8405> |authmgr| match_rule Value Pair to match essid : Jul 31 09:55:58 :124441: <8405> |authmgr| auth_user_query_resp: vpnflags:2 Jul 31 09:55:58 :124467: <8405> |authmgr| Framed IP: found 0x0 (mask 0x0) Jul 31 09:55:58 :124004: <8405> |authmgr| auth_user_query_resp: nvp->name Inner-IP Jul 31 09:55:58 :103063: <8352> |ike| ipc_ikev2_auth_recv_vpn_packet cookie:2189892590 innerip 0.0.0.0 inneripv6 :: Jul 31 09:55:58 :103063: <8352> |ike| ipc_ikev2_auth_recv_vpn_packet removing ctx 86133c from auth-list. auth-cookie 2189892590 Jul 31 09:55:58 :103063: <8352> |ike| *** ipc_auth_recv_packet user=20:4c:03:3f:db:2d, pass=******, result=0 ctx:0x86133c, ctx-innerip::: l2tp_pool:default-l2tp-pool Jul 31 09:55:58 :103063: <8352> |ike| ipc_ikev2_auth_recv_vpn_packet rsp.cluster_rap_innerip 0.0.0.0 rsp.inner_ip 0.0.0.0 Jul 31 09:55:58 :103063: <8352> |ike| get_ikev2_internal_ip Inner-ip from L2TP pool 10.73.8.25, DNS1:0.0.0.0, DNS2:0.0.0.0, WINS1:0.0.0.0, WINS2:0.0.0.0 Jul 31 09:55:58 :103063: <8352> |ike| controlplaneRouteModify entered with ip:10.73.8.25/255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| controlplaneRouteModify after socket:44 with ip:10.73.8.25 Jul 31 09:55:58 :103063: <8352> |ike| controlplaneRouteModify socket:44 request:35083 dev:tsgw rtflags:1 with ip:10.73.8.25 Jul 31 09:55:58 :103060: <8352> |ike| ipc.c:controlplaneRouteModify:7646 Add: Route Already Present in the Kernel Jul 31 09:55:58 :103063: <8352> |ike| controlplaneRouteModify after ioctl sock:44 with ip:10.73.8.25 Jul 31 09:55:58 :103063: <8352> |ike| controlplaneRouteModify after close sock:44 with ip:10.73.8.25 Jul 31 09:55:58 :103063: <8352> |ike| ipc_ikev2_auth_recv_vpn_packet:4399 sa cert-type 1, db cert-type 1 Jul 31 09:55:58 :103063: <8352> |ike| ipc_ikev2_auth_recv_vpn_packet calling client_auth_ip_up for InnerIP 10.73.8.25, a490819, extip 10.72.0.2 Jul 31 09:55:58 :103082: <8352> |ike| IKEv2 Client-Authentication succeeded for 10.73.8.25 (External 10.72.0.2) for default-vpn-role Jul 31 09:55:58 :103063: <8352> |ike| IKE_useCert certchain:0x867c74 Jul 31 09:55:58 :124004: <8405> |authmgr| RX (sock) message of type 18, len 64 Jul 31 09:55:58 :124458: <8405> |authmgr| IP UP int: 10.73.8.25, ext:10.72.0.2 flags 0x2 Jul 31 09:55:58 :124861: <8405> |authmgr| Auth GSM : IP_USER delete for IP 10.72.0.2 Jul 31 09:55:58 :103063: <8352> |ike| HMAC_SHA1_96 ESN_0 HASH_r 83 f1 c9 5a 6e d7 19 02 33 d8 4a 15 97 58 4b d0 3a ca eb 79 Jul 31 09:55:58 :124862: <8405> |authmgr| Auth GSM : IP_USER delete failed for IP 10.72.0.2 result error_htbl_key_not_found Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_send_rsasign_request_ikev2:1119 rsa param allocated successfully Jul 31 09:55:58 :124155: <8405> |authmgr| No macuser for ip 10.73.8.25, mac 00:00:00:00:00:00. Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_send_rsasign_request_ikev2:1126 rsa result allocated successfully Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_send_rsasign_request_ikev2:1135 rsa arg allocated successfully Jul 31 09:55:58 :124150: <8405> |authmgr| Create ipuser and user 00:00:00:00:00:00. Jul 31 09:55:58 :124004: <8405> |authmgr| logging role event for 0x2353a64: 0x216e0a4,0x2, index 0 Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_send_rsasign_request_ikev2:1188 nlm_crypto_do_op returned success, success code = 0 Jul 31 09:55:58 :103063: <8352> |ike| ipc_ikev2_auth_recv_vpn_packet rsa signature pending, skipping outstanding send Jul 31 09:55:58 :124156: <8405> |authmgr| Called ip_user_new() for ip 10.73.8.25. Jul 31 09:55:58 :124861: <8405> |authmgr| Auth GSM : IP_USER delete for IP 10.73.8.25 Jul 31 09:55:58 :124862: <8405> |authmgr| Auth GSM : IP_USER delete failed for IP 10.73.8.25 result error_htbl_key_not_found Jul 31 09:55:58 :124004: <8405> |authmgr| logging role event for 0x2353a64: 0x218b81c,0x1170308, index 1 Jul 31 09:55:58 :124182: <8405> |authmgr| {10.73.8.25} role logon for outer=10.72.0.2, count=1, auth type=3->3, subtype=7, server=Internal. Jul 31 09:55:58 :124004: <8405> |authmgr| user_download: User 10.73.8.25 Router Acl(0) Jul 31 09:55:58 :124163: <8405> |authmgr| download-L3: ip=10.73.8.25 acl=14/0 role=sys-ap-role, Ubwm=0, Dbwm=0 tunl=0x0, PA=0, HA=1, RO=0, VPN=0, MAC=00:00:00:00:00:00. Jul 31 09:55:58 :124234: <8405> |authmgr| Tx message to Sibyte, blocking with ack, Opcode = 164, msglen = 596 2 user messages bundled, actions = 18, 20 Jul 31 09:55:58 :124004: <8405> |authmgr| user_download: User 10.72.0.2 Router Acl(0) Jul 31 09:55:58 :124163: <8405> |authmgr| download-L3: ip=10.72.0.2 acl=2/0 role=logon, Ubwm=0, Dbwm=0 tunl=0x0, PA=0, HA=1, RO=0, VPN=1, MAC=00:00:00:00:00:00. Jul 31 09:55:58 :124234: <8405> |authmgr| Tx message to Sibyte, blocking with ack, Opcode = 164, msglen = 596 2 user messages bundled, actions = 18, 20 Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:661 Obtained result from SAE response Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:667 param struct obtained correctly from SAE response Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:673 rsa arg obtained correctly Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:691 Peer:10.72.0.2 obtained result frm param struct correctly from SAE response. Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:xlp_rcv_response:730 obtained context struct correctly from dh hw tbl Jul 31 09:55:58 :103060: <8352> |ike| xlp_lib.c:process_xlp_rsasign_response_ikev2:617 received response from RSA engine for rsa sign request Jul 31 09:55:58 :103063: <8352> |ike| authR_out Jul 31 09:55:58 :103063: <8352> |ike| DoCfgReq Jul 31 09:55:58 :103063: <8352> |ike| ragcfg IKECFG_SAMPLE_getAttrs innerip:a490819 g_switch_ip:a488133 Jul 31 09:55:58 :103063: <8352> |ike| CheckCfgAttr type:1 Jul 31 09:55:58 :103063: <8352> |ike| CheckCfgAttr type:16 Jul 31 09:55:58 :103063: <8352> |ike| CheckCfgAttr type:17 Jul 31 09:55:58 :103063: <8352> |ike| CheckCfgAttr type:18 Jul 31 09:55:58 :103063: <8352> |ike| OutCp entered Jul 31 09:55:58 :103063: <8352> |ike| <-- R CFG_REPLY IP4_ADDRESS(10.73.8.25) Jul 31 09:55:58 :103063: <8352> |ike| '16'([4 Jul 31 09:55:58 :103063: <8352> |ike| '17'([7 Jul 31 09:55:58 :103063: <8352> |ike| '18'([14 Jul 31 09:55:58 :103063: <8352> |ike| OutTfm2 Jul 31 09:55:58 :103063: <8352> |ike| OutTs : responder no:0 start:0.0.0.0 end:255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| OutTs : responder no:1 start:0.0.0.0 end:255.255.255.255 Jul 31 09:55:58 :103063: <8352> |ike| #SEND 5968 bytes to 10.72.0.2(35228) (1347848.348) Jul 31 09:55:58 :103063: <8352> |ike| Sending no:1 fragment out of 7 fragments, size = 900 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:58 :103063: <8352> |ike| Sending no:2 fragment out of 7 fragments, size = 900 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:58 :103063: <8352> |ike| Sending no:3 fragment out of 7 fragments, size = 900 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:58 :103063: <8352> |ike| Sending no:4 fragment out of 7 fragments, size = 900 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:58 :103063: <8352> |ike| Sending no:5 fragment out of 7 fragments, size = 900 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:58 :103063: <8352> |ike| Sending no:6 fragment out of 7 fragments, size = 900 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:58 :103063: <8352> |ike| Sending last fragment, size = 816 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:55:58 :103077: <8352> |ike| IKEv2 IKE_SA succeeded for peer 10.72.0.2:35228 Jul 31 09:55:58 :103063: <8352> |ike| IKE_SA [v2 R Jul 31 09:55:58 :103063: <8352> |ike| IKE_addIPsecKey(ike=82871bee) Jul 31 09:55:58 :103063: <8352> |ike| IKE_initIPsecKey in:1 dstport:35228 srcport:4500 Jul 31 09:55:58 :103063: <8352> |ike| IKE_addIPsecKey id:2189892590 Jul 31 09:55:58 :103063: <8352> |ike| IKE_addIPsecKey k:1 Jul 31 09:55:58 :103063: <8352> |ike| IKE_addIPsecKey spi:59e8a000 opp-spi:2b1e5300 src:10.72.0.2 dst:10.72.0.60 initiator:NO out:0 Jul 31 09:55:58 :103063: <8352> |ike| ESP spi=59e8a000 10.72.0.60 << 10.72.0.2 udp-enc(35228)* spd=0(0) exp=7200 secs auth=sha1 Jul 31 09:55:58 :103063: <8352> |ike| IKE_addIPsecKey k:0 swapping spi/dst/src Jul 31 09:55:58 :103063: <8352> |ike| IKE_addIPsecKey k:0 Jul 31 09:55:58 :103063: <8352> |ike| IKE_addIPsecKey spi:2b1e5300 opp-spi:59e8a000 src:10.72.0.60 dst:10.72.0.2 initiator:NO out:1 Jul 31 09:55:58 :103063: <8352> |ike| IPSEC_keyAddEx spdid:0 Jul 31 09:55:58 :103063: <8352> |ike| IPSEC_newSa Added outbound-hash for pxSa 0xa2370c IP:10.72.0.2 status:0 inbound:0 hash:189581235 Jul 31 09:55:58 :103063: <8352> |ike| IPSEC_newSa SADB:0xa2370c Proto:50 SPI:2b1e5300 OppSPI:59e8a000 Dst:10.72.0.2 Src:10.72.0.60 natt:35228 Dport:0 Sport:0 Oprot:0 Mode:2 Inner:10.73.8.25 DstIP:0.0.0.0 DstIPe:255.255.255.255 SrcIP:0.0 Jul 31 09:55:58 :103076: <8352> |ike| IKEv2 IPSEC Tunnel created for peer 10.72.0.2:35228 Jul 31 09:55:58 :103063: <8352> |ike| arubaIPSecSetKeys:IPSECKEY proto:50 ospi:2b1e5300 ispi:59e8a000 auth:2 len:20 enc:4 len:32 add:1 out:1 Jul 31 09:55:58 :103063: <8352> |ike| DP SA out:1 natt:1 mode:1 proto:1 cipher:4 auth:2 spi:2b1e5300 oppspi:59e8a000 esrc:10.72.0.60 edst:10.72.0.2 dstnet:10.73.8.25 dstmask:0.0.0.0 nattport:35228 trust:0 dpd:0 ingress:0 sacl:0 family: 2 Jul 31 09:55:58 :103063: <8352> |ike| Added the IPSEC SA --- DONE !! Jul 31 09:55:58 :103060: <8352> |ike| ipc.c:is_HA_crypto_map_present:2781 Looking for MAP default-ha-ipsecmap10.72.0.2 Jul 31 09:55:58 :103063: <8352> |ike| DP SA out:0 natt:1 mode:1 proto:1 cipher:4 auth:2 spi:59e8a000 oppspi:2b1e5300 esrc:10.72.0.2 edst:10.72.0.60 dstnet:0.0.0.0 dstmask:0.0.0.0 nattport:35228 trust:0 dpd:0 ingress:0 sacl:0 family: 20 Jul 31 09:55:58 :103063: <8352> |ike| Added the IPSEC SA --- DONE !! Jul 31 09:55:58 :103063: <8352> |ike| encr=aes ESP spi=2b1e5300 10.72.0.2 << 10.72.0.60 udp-enc(35228)* spd=0(0) exp=7200 secs auth= Jul 31 09:55:58 :103078: <8352> |ike| IKEv2 CHILD_SA successful for peer 10.72.0.2:35228 Jul 31 09:55:58 :103063: <8352> |ike| CHILD_SA [v2 R Jul 31 09:55:58 :103063: <8352> |ike| cleanup_and_free_context delete ctx memory Jul 31 09:55:58 :103063: <8352> |ike| xlp_rcv_response: Nothing to be read from cryptolib fd Jul 31 09:55:59 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3518 SWITCH IPv6 is not configured Jul 31 09:55:59 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3520 Recvd SWITCH IPv6 =0.0.0.0 Jul 31 09:56:04 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3518 SWITCH IPv6 is not configured Jul 31 09:56:04 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3520 Recvd SWITCH IPv6 =0.0.0.0 Jul 31 09:56:09 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3518 SWITCH IPv6 is not configured Jul 31 09:56:09 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3520 Recvd SWITCH IPv6 =0.0.0.0 Jul 31 09:56:13 :103063: <8352> |ike| exchange_start_ikev2 pre-connect check duplicate mapname:default-local-master-ipsecmap Jul 31 09:56:14 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3518 SWITCH IPv6 is not configured Jul 31 09:56:14 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3520 Recvd SWITCH IPv6 =0.0.0.0 Jul 31 09:56:19 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3518 SWITCH IPv6 is not configured Jul 31 09:56:19 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3520 Recvd SWITCH IPv6 =0.0.0.0 Jul 31 09:56:24 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3518 SWITCH IPv6 is not configured Jul 31 09:56:24 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3520 Recvd SWITCH IPv6 =0.0.0.0 Jul 31 09:56:27 :124230: <8405> |authmgr| Rx message 3099/67108864, length 122 from 127.0.0.1:8222 Jul 31 09:56:27 :124220: <8405> |authmgr| stm_message_handler : msg_type 3099 Jul 31 09:56:27 :124004: <8405> |authmgr| Got STM_AP_GLOBAL_STATE_TYPE_DELETE for ip:10.73.8.25 Jul 31 09:56:27 :124004: <8405> |authmgr| Sent IP down to ike ip:10.73.8.25 vpn:Yes tvpn:No Jul 31 09:56:27 :124004: <8405> |authmgr| ap_global_state is null for AP IP 10.73.8.25 Jul 31 09:56:27 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3650 Auth ip down message.ip=10.73.8.25. flags 4 Jul 31 09:56:27 :103063: <8352> |ike| IPSEC_deleteSaByInnerIPExtIP delete IPSEC SA 10.72.0.2:(inner:10.73.8.25) Jul 31 09:56:27 :103101: <8352> |ike| IPSEC SA deleted for peer 10.72.0.2 Jul 31 09:56:27 :103063: <8352> |ike| IPSEC_delSa: Removing spi 0x59e8a000 from hash table Jul 31 09:56:27 :103063: <8352> |ike| ipsec_spi_hash_tbl_entry_remove: Successfully removed IPSEC spi 0x59e8a000 from SPI hash table Jul 31 09:56:27 :103063: <8352> |ike| IPSEC_delSa: Removing entry from m_hashTableOutbnd. RAP: 1 Innerip: 10.73.8.25 Dst: 10.72.0.2 Src: 10.72.0.60 Jul 31 09:56:27 :103063: <8352> |ike| IPSEC_delSa (RESPONDER) Outgoing=1 SADB Proto:50 SPI:2b1e5300 OppSPI:59e8a000 Dst:10.72.0.2 Src:10.72.0.60 natt:35228 Dport:0 Sport:0 Oprot:0 Mode:2 Inner:10.73.8.25 DstIP:0.0.0.0 DstIPe:255.255.255 Jul 31 09:56:27 :103063: <8352> |ike| arubaIPSecSetKeys:IPSECKEY proto:50 ospi:2b1e5300 ispi:59e8a000 auth:2 len:20 enc:4 len:32 add:0 out:1 Jul 31 09:56:27 :103063: <8352> |ike| DP SA out:1 natt:1 mode:1 proto:1 cipher:4 auth:2 spi:2b1e5300 oppspi:59e8a000 esrc:10.72.0.60 edst:10.72.0.2 dstnet:10.73.8.25 dstmask:0.0.0.0 nattport:35228 trust:0 dpd:0 ingress:0 sacl:0 family: 2 Jul 31 09:56:27 :103063: <8352> |ike| Deleted the IPSEC SA --- DONE !! Jul 31 09:56:27 :103063: <8352> |ike| DP SA out:0 natt:1 mode:1 proto:1 cipher:4 auth:2 spi:59e8a000 oppspi:2b1e5300 esrc:10.72.0.2 edst:10.72.0.60 dstnet:0.0.0.0 dstmask:0.0.0.0 nattport:35228 trust:0 dpd:0 ingress:0 sacl:0 family: 20 Jul 31 09:56:27 :103063: <8352> |ike| Deleted the IPSEC SA --- DONE !! Jul 31 09:56:27 :103063: <8352> |ike| IPSEC_delSa: freeing innerip:10.73.8.25 Jul 31 09:56:27 :103063: <8352> |ike| freeL2TPIP freeing IP 10.73.8.25 from pool Jul 31 09:56:27 :124004: <8405> |authmgr| RX (sock) message of type 19, len 64 Jul 31 09:56:27 :124459: <8405> |authmgr| IP DN int: 10.73.8.25, ext:10.72.0.2 Jul 31 09:56:27 :124004: <8405> |authmgr| auth_ip_down: send IP down to SAPM for RAP with inner ip 10.73.8.25 outer ip 10.72.0.2 Jul 31 09:56:27 :124004: <8405> |authmgr| user_download: User 10.72.0.2 Router Acl(0) Jul 31 09:56:27 :103063: <8352> |ike| IKE_resetInnerIP: Reset innerip:10.73.8.25 in IKESA Jul 31 09:56:27 :124163: <8405> |authmgr| download-L3: ip=10.72.0.2 acl=2/0 role=logon, Ubwm=0, Dbwm=0 tunl=0x0, PA=0, HA=1, RO=0, VPN=0, MAC=00:00:00:00:00:00. Jul 31 09:56:27 :103063: <8352> |ike| IPSEC_delSa freeing pxsa 0xa2370c Jul 31 09:56:27 :124234: <8405> |authmgr| Tx message to Sibyte, blocking with ack, Opcode = 164, msglen = 596 2 user messages bundled, actions = 18, 20 Jul 31 09:56:27 :103060: <8352> |ike| sa.c:sa_xauth_down:2715 ikev2_sa_xauth_down success ip 0.2.0.0 flag 4 Jul 31 09:56:27 :103069: <8352> |ike| IKE received AP DOWN for 10.73.8.25 (External 10.72.0.2) Jul 31 09:56:27 :103060: <8352> |ike| ipc.c:ipc_rcvcb:3688 sa_xauth_downreturned ok for IP10.73.8.25: flag 4 Jul 31 09:56:27 :124004: <8405> |authmgr| IP User delete: [10.73.8.25 Jul 31 09:56:27 :124687: <8405> |authmgr| AP-GROUP:16 Group Name: default released. Jul 31 09:56:27 :124234: <8405> |authmgr| Tx message to Sibyte, blocking with ack, Opcode = 17, msglen = 352 action = 1 Jul 31 09:56:27 :124153: <8405> |authmgr| Free ipuser 0x23f492c (10.73.8.25) for user 0x2353a64. Jul 31 09:56:27 :124154: <8405> |authmgr| Free user 0x2353a64. Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message ver:2 serverInst:1 pktsize:80 Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv: ip:10.72.0.2 port:35228 server:1 len:80 numSkts:8 Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_EXAMPLE_IKE_msgRecv:1369: IKE2_msgRecv Called Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_msgRecv: dwPeerAddr: a480002 wPeerPort: 899c Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> sha1 encr=aes Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> #RECV 80 bytes from 10.72.0.2(35228) at 10.72.0.60 (1347877.228) Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> spi={0bc043b1bfd60a16 3ba9422eb38f0e7b} np=E{D} Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> exchange=INFORMATIONAL msgid=2 len=76 Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_xchgIn:1387 Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_newXchg oExchange:37 bReq:0 dwMsgId:2 Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_newXchg before delXchg Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE2_delXchg Deleting exchange Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> --> R Delete: 0 IKE_ SA's Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> <-- R#SEND 80 bytes to 10.72.0.2(35228) (1347877.228) Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> IKE_SAMPLE_ikeXchgSend: server instance 1 Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> cleanup_and_free_context delete ctx memory Jul 31 09:56:27 :103063: <8352> |ike| 10.72.0.2:35228-> udp_encap_handle_message IKEv2 pkt status:0 Jul 31 09:56:28 :103063: <8352> |ike| IKE2_updateSadb Permanently Deleting IKE_SA Jul 31 09:56:28 :103063: <8352> |ike| IKE2_updateSadb Permanently Deleting IKE_SA for peer 10.72.0.2:35228 Jul 31 09:56:28 :103063: <8352> |ike| IKE2_delSa sa:0xb6597c peer:10.72.0.2:35228 id:2189892590 err:0 saflags:30100059 arflags:5 Jul 31 09:56:28 :103063: <8352> |ike| IKE2_delSa before IKE2_delXchg Jul 31 09:56:28 :103063: <8352> |ike| IKE_SA (id=0x82871bee) deleted Jul 31 09:56:28 :103063: <8352> |ike| , status = -8972 Jul 31 09:56:28 :103063: <8352> |ike| IKE2_delSa before 2nd IKE2_delXchg Jul 31 09:56:28 :103063: <8352> |ike| IKE2_delXchg Deleting exchange Jul 31 09:56:28 :103063: <8352> |ike| IKE2_delSa: deleting IPSEC SA 10.72.0.2:35228 due to deletion of un-rekeyed IKE_SA Jul 31 09:56:28 :103063: <8352> |ike| IKE_deleteHW_state cookies:a480002:899c Jul 31 09:56:28 :103063: <8352> |ike| IKE2_delSa: isarubaAp 1 isarubaCampusAp 0 isMasterLocal 0 isBOC 0 ispeeruplinkfailover 0 username 20:4c:03:3f:db:2d before calling mac_hash_tbl_delete_sa_entry Jul 31 09:56:28 :103063: <8352> |ike| mac_hash_tbl_delete_sa_entry: deleting for mac 20:4c:03:3f:db:2d Jul 31 09:56:28 :103063: <8352> |ike| ikev2_same_sa: Jul 31 09:56:28 :103063: <8352> |ike| Cookies : Initiator cookie:0bc043b1bfd60a16 new sa Initiator cookie:0bc043b1bfd60a16 Jul 31 09:56:28 :103063: <8352> |ike| Cookies : Responder cookie:3ba9422eb38f0e7b new sa Responder cookie:3ba9422eb38f0e7b Jul 31 09:56:28 :103102: <8352> |ike| IKE SA deleted for peer 10.72.0.2