profile name:default -------------------------------------------------- current using tunnel :unselected tunnel ipsec is preempt status :disable ipsec is fast failover status :disable ipsec hold on period :600 ipsec tunnel monitor frequency (seconds/packet) :5 ipsec tunnel monitor timeout by lost packet cnt :2 ipsec primary tunnel crypto type :Cert ipsec primary tunnel peer address :202.15X.XXX.XX ipsec primary tunnel peer tunnel ip :0.0.0.0 ipsec primary tunnel ap tunnel ip :0.0.0.0 ipsec primary tunnel current sm status :Retrying ipsec primary tunnel tunnel status :Down ipsec primary tunnel tunnel retry times :4 ipsec primary tunnel tunnel uptime :0 ipsec backup tunnel crypto type :Cert ipsec backup tunnel peer address :N/A ipsec backup tunnel peer tunnel ip :N/A ipsec backup tunnel ap tunnel ip :N/A ipsec backup tunnel current sm status :Init ipsec backup tunnel tunnel status :Down ipsec backup tunnel tunnel retry times :0 ipsec backup tunnel tunnel uptime :0 end of show vpn status ======================================================== show upgrade info Image Upgrade Progress ---------------------- Mac IP Address AP Class Status Image Info Error Detail --- ---------- -------- ------ ---------- ------------ 24:de:c6:c0:16:34 192.168.10.60 Orion image-ok image file none Auto reboot :enable Use external URL :enable end of show upgrade info ======================================================== show log upgrade ----------Download log start---------- download log not available ----------Download log end------------ Download status: incomplete ----------Upgrade log start---------- upgrade log not available ----------Upgrade log end------------ Upgrade status: upgrade status not available end of show log upgrade ======================================================== show log rapper EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! Apr 15, 20:56:06: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:56:06: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:56:06: main(): Entered, getpid()=2407 Apr 15, 20:56:06: get_ike_version: Use IKE Version 2 Apr 15, 20:56:06: papi_init papifd:7 ack:13 IKE_EXAMPLE: Starting up IKE server setup_tunnel Apr 15, 20:56:06: IKE_init: ethmacstr = 24:DE:C6:C0:16:34 Initialized Timers IKE_init: completed after (0.0)(pid:2407) time:2014-04-15 20:56:06 seconds. Apr 15, 20:56:06: RAP using default certificates Apr 15, 20:56:06: Before getting Certs Apr 15, 20:56:06: TPM enabled Apr 15, 20:56:06: get_usb_type: Unable to open /tmp/usb_type Apr 15, 20:56:06: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Apr 15, 20:56:06: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:56:06: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:56:06: DER Device Cert file len:1767 Apr 15, 20:56:06: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Apr 15, 20:56:06: Reading DER Intermediate Cert file Apr 15, 20:56:06: DER Intermediate Cert file len:1456 Apr 15, 20:56:06: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Apr 15, 20:56:06: Reading DER Intermediate Cert file Apr 15, 20:56:06: DER Intermediate Cert file len:1580 Apr 15, 20:56:06: Decode PEM Key length :0 Apr 15, 20:56:06: testHostKeys : status 0 Apr 15, 20:56:06: testHostKeys : free temp Certificate status 0 Apr 15, 20:56:06: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1767 Apr 15, 20:56:06: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Apr 15, 20:56:06: Reading DER CA Cert file Apr 15, 20:56:06: DER CA Cert file len:1416 Apr 15, 20:56:06: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Apr 15, 20:56:06: Reading DER CA Cert file Apr 15, 20:56:06: DER CA Cert file len:1009 Apr 15, 20:56:06: Got 2 Trusted Certs Apr 15, 20:56:06: After getFieldTrustedCerts ret:-1 Apr 15, 20:56:06: Got 0 Field Trusted Certs Apr 15, 20:56:06: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Apr 15, 20:56:06: Reading DER CA Cert file Apr 15, 20:56:06: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Apr 15, 20:56:06: CA Cert status : 0 Before IKE_initServer Apr 15, 20:56:06: IKE_initServer: Cert length 1767 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=BU0041483::24:de:c6:c0:16:34} Apr 15, 20:56:06: IKE_EXAMPLE_addServer port:0 natt:0 Apr 15, 20:56:06: srcdev_name = br0 ip c0a80a3c Apr 15, 20:56:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.10.60[0] Apr 15, 20:56:06: IKE_EXAMPLE_addServer:1330 socket descriptor is 0 port number 49156 for server instance 0 at 0th index Apr 15, 20:56:06: srcdev_name = br0 ip c0a80a3c Apr 15, 20:56:06: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.10.60[49157] Apr 15, 20:56:06: IKE_EXAMPLE_addServer:1377 socket descriptor is 1 port number 49157 for server instance 0 at 1st index Apr 15, 20:56:06: IKE_EXAMPLE_addDefaultServers status:0 (0.0)(pid:2407) time:2014-04-15 20:56:06 SA_INIT dest=202.158.130.41 Apr 15, 20:56:06: Initialize IKE SA Apr 15, 20:56:06: IKE_CUSTOM_getVersion(peerAddr:ca9e8229): ikeVersion:2 Timer ID: 1 Initialized Apr 15, 20:56:06: IKE2_newSa(peerAddr:ca9e8229): IKE_SA-lifetime:28000 I --> Apr 15, 20:56:06: OutSa(v2-peerAddr:0 pxSa->dwPeerAddr:ca9e8229): Entered ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): 4d 0f ce 70 00 97 cd 32 3d c4 42 db 51 d3 f5 d5 97 3b 36 e0 NAT_D (peer): 5b f6 ad 14 39 5c 18 b9 26 13 66 f1 e0 7b 95 b9 a9 27 b1 1c Apr 15, 20:56:06: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:06: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:06: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:06: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:06: RAPPER_ERROR_FILE doesn't exist spi={ca97501e0808d430 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (0.0)(pid:2407) time:2014-04-15 20:56:06 Apr 15, 20:56:06: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 49157 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xApr 15, 20:56:06: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 cfcc4b86... Apr 15, 20:56:06: papi:15200 spi={ca97501e0808d430 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (5.0)(pid:2407) time:2014-04-15 20:56:11 spi={ca97501e0808d430 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (10.0)(pid:2407) time:2014-04-15 20:56:16 spi={ca97501e0808d430 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (15.0)(pid:2407) time:2014-04-15 20:56:21 EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! Apr 15, 20:56:27: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:56:27: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:56:27: main(): Entered, getpid()=2434 Apr 15, 20:56:27: get_ike_version: Use IKE Version 2 Apr 15, 20:56:27: papi_init papifd:7 ack:13 IKE_EXAMPLE: Starting up IKE server setup_tunnel Apr 15, 20:56:28: IKE_init: ethmacstr = 24:DE:C6:C0:16:34 Initialized Timers IKE_init: completed after (1.0)(pid:2434) time:2014-04-15 20:56:28 seconds. Apr 15, 20:56:28: RAP using default certificates Apr 15, 20:56:28: Before getting Certs Apr 15, 20:56:28: TPM enabled Apr 15, 20:56:28: get_usb_type: Unable to open /tmp/usb_type Apr 15, 20:56:28: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Apr 15, 20:56:28: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:56:28: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:56:28: DER Device Cert file len:1767 Apr 15, 20:56:28: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Apr 15, 20:56:28: Reading DER Intermediate Cert file Apr 15, 20:56:28: DER Intermediate Cert file len:1456 Apr 15, 20:56:28: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Apr 15, 20:56:28: Reading DER Intermediate Cert file Apr 15, 20:56:28: DER Intermediate Cert file len:1580 Apr 15, 20:56:28: Decode PEM Key length :0 Apr 15, 20:56:28: testHostKeys : status 0 Apr 15, 20:56:28: testHostKeys : free temp Certificate status 0 Apr 15, 20:56:28: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1767 Apr 15, 20:56:28: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Apr 15, 20:56:28: Reading DER CA Cert file Apr 15, 20:56:28: DER CA Cert file len:1416 Apr 15, 20:56:28: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Apr 15, 20:56:28: Reading DER CA Cert file Apr 15, 20:56:28: DER CA Cert file len:1009 Apr 15, 20:56:28: Got 2 Trusted Certs Apr 15, 20:56:28: After getFieldTrustedCerts ret:-1 Apr 15, 20:56:28: Got 0 Field Trusted Certs Apr 15, 20:56:28: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Apr 15, 20:56:28: Reading DER CA Cert file Apr 15, 20:56:28: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Apr 15, 20:56:28: CA Cert status : 0 Before IKE_initServer Apr 15, 20:56:28: IKE_initServer: Cert length 1767 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=BU0041483::24:de:c6:c0:16:34} Apr 15, 20:56:28: IKE_EXAMPLE_addServer port:0 natt:0 Apr 15, 20:56:28: srcdev_name = br0 ip c0a80a3c Apr 15, 20:56:28: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.10.60[49158] Apr 15, 20:56:28: IKE_EXAMPLE_addServer:1330 socket descriptor is 0 port number 49158 for server instance 0 at 0th index Apr 15, 20:56:28: srcdev_name = br0 ip c0a80a3c Apr 15, 20:56:28: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.10.60[49159] Apr 15, 20:56:28: IKE_EXAMPLE_addServer:1377 socket descriptor is 1 port number 49159 for server instance 0 at 1st index Apr 15, 20:56:28: IKE_EXAMPLE_addDefaultServers status:0 (1.0)(pid:2434) time:2014-04-15 20:56:28 SA_INIT dest=202.158.130.41 Apr 15, 20:56:28: Initialize IKE SA Apr 15, 20:56:28: IKE_CUSTOM_getVersion(peerAddr:ca9e8229): ikeVersion:2 Timer ID: 1 Initialized Apr 15, 20:56:28: IKE2_newSa(peerAddr:ca9e8229): IKE_SA-lifetime:28000 I --> Apr 15, 20:56:28: OutSa(v2-peerAddr:0 pxSa->dwPeerAddr:ca9e8229): Entered ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): db 29 ab 79 69 df 64 e9 a2 87 87 a6 ce 7c 66 1c c4 64 85 72 NAT_D (peer): 0a 3e a8 4b a3 03 b2 89 f5 19 97 0e d4 aa f9 c5 6c 3c 17 e8 Apr 15, 20:56:28: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:28: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:28: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:28: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:28: RAPPER_ERROR_FILE doesn't exist spi={c39a5d1008629d19 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (1.0)(pid:2434) time:2014-04-15 20:56:28 Apr 15, 20:56:28: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 49159 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xApr 15, 20:56:28: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 d101ac75... Apr 15, 20:56:28: papi:15200 spi={c39a5d1008629d19 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (6.0)(pid:2434) time:2014-04-15 20:56:33 spi={c39a5d1008629d19 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (11.0)(pid:2434) time:2014-04-15 20:56:38 spi={c39a5d1008629d19 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (17.0)(pid:2434) time:2014-04-15 20:56:44 EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! Apr 15, 20:56:49: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:56:49: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:56:49: main(): Entered, getpid()=2507 Apr 15, 20:56:49: get_ike_version: Use IKE Version 2 Apr 15, 20:56:49: papi_init papifd:7 ack:13 IKE_EXAMPLE: Starting up IKE server setup_tunnel Apr 15, 20:56:49: IKE_init: ethmacstr = 24:DE:C6:C0:16:34 Initialized Timers IKE_init: completed after (0.0)(pid:2507) time:2014-04-15 20:56:49 seconds. Apr 15, 20:56:49: RAP using default certificates Apr 15, 20:56:49: Before getting Certs Apr 15, 20:56:49: TPM enabled Apr 15, 20:56:49: get_usb_type: Unable to open /tmp/usb_type Apr 15, 20:56:49: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Apr 15, 20:56:49: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:56:49: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:56:49: DER Device Cert file len:1767 Apr 15, 20:56:49: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Apr 15, 20:56:49: Reading DER Intermediate Cert file Apr 15, 20:56:49: DER Intermediate Cert file len:1456 Apr 15, 20:56:49: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Apr 15, 20:56:49: Reading DER Intermediate Cert file Apr 15, 20:56:49: DER Intermediate Cert file len:1580 Apr 15, 20:56:49: Decode PEM Key length :0 Apr 15, 20:56:49: testHostKeys : status 0 Apr 15, 20:56:49: testHostKeys : free temp Certificate status 0 Apr 15, 20:56:49: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1767 Apr 15, 20:56:49: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Apr 15, 20:56:49: Reading DER CA Cert file Apr 15, 20:56:49: DER CA Cert file len:1416 Apr 15, 20:56:49: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Apr 15, 20:56:49: Reading DER CA Cert file Apr 15, 20:56:49: DER CA Cert file len:1009 Apr 15, 20:56:49: Got 2 Trusted Certs Apr 15, 20:56:49: After getFieldTrustedCerts ret:-1 Apr 15, 20:56:49: Got 0 Field Trusted Certs Apr 15, 20:56:49: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Apr 15, 20:56:49: Reading DER CA Cert file Apr 15, 20:56:49: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Apr 15, 20:56:49: CA Cert status : 0 Before IKE_initServer Apr 15, 20:56:49: IKE_initServer: Cert length 1767 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=BU0041483::24:de:c6:c0:16:34} Apr 15, 20:56:49: IKE_EXAMPLE_addServer port:0 natt:0 Apr 15, 20:56:49: srcdev_name = br0 ip c0a80a3c Apr 15, 20:56:49: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.10.60[49160] Apr 15, 20:56:49: IKE_EXAMPLE_addServer:1330 socket descriptor is 0 port number 49160 for server instance 0 at 0th index Apr 15, 20:56:49: srcdev_name = br0 ip c0a80a3c Apr 15, 20:56:49: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.10.60[49161] Apr 15, 20:56:49: IKE_EXAMPLE_addServer:1377 socket descriptor is 1 port number 49161 for server instance 0 at 1st index Apr 15, 20:56:49: IKE_EXAMPLE_addDefaultServers status:0 (0.0)(pid:2507) time:2014-04-15 20:56:49 SA_INIT dest=202.158.130.41 Apr 15, 20:56:49: Initialize IKE SA Apr 15, 20:56:49: IKE_CUSTOM_getVersion(peerAddr:ca9e8229): ikeVersion:2 Timer ID: 1 Initialized Apr 15, 20:56:49: IKE2_newSa(peerAddr:ca9e8229): IKE_SA-lifetime:28000 I --> Apr 15, 20:56:49: OutSa(v2-peerAddr:0 pxSa->dwPeerAddr:ca9e8229): Entered ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): 6d 12 79 06 7f 08 df 49 eb e9 b2 63 50 92 f7 13 6c 5e 23 7a NAT_D (peer): c5 fa ae cd fe 4c 87 a1 ef 42 b6 74 7c a7 96 b5 a7 13 29 02 Apr 15, 20:56:49: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:49: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:49: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:49: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:56:49: RAPPER_ERROR_FILE doesn't exist spi={d2b3c4f6cc13ba2f 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (0.0)(pid:2507) time:2014-04-15 20:56:49 Apr 15, 20:56:49: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 49161 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xApr 15, 20:56:49: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 9f59cf95... Apr 15, 20:56:49: papi:15200 spi={d2b3c4f6cc13ba2f 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (5.0)(pid:2507) time:2014-04-15 20:56:54 spi={d2b3c4f6cc13ba2f 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (10.0)(pid:2507) time:2014-04-15 20:56:59 spi={d2b3c4f6cc13ba2f 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (15.0)(pid:2507) time:2014-04-15 20:57:04 EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! EC_generateKey_FIPS_consistancy_test: GOOD Signature Verify! Apr 15, 20:57:10: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:57:10: main: ethmacstr = 24:DE:C6:C0:16:34 Apr 15, 20:57:10: main(): Entered, getpid()=2560 Apr 15, 20:57:10: get_ike_version: Use IKE Version 2 Apr 15, 20:57:10: papi_init papifd:7 ack:13 IKE_EXAMPLE: Starting up IKE server setup_tunnel Apr 15, 20:57:11: IKE_init: ethmacstr = 24:DE:C6:C0:16:34 Initialized Timers IKE_init: completed after (0.0)(pid:2560) time:2014-04-15 20:57:11 seconds. Apr 15, 20:57:11: RAP using default certificates Apr 15, 20:57:11: Before getting Certs Apr 15, 20:57:11: TPM enabled Apr 15, 20:57:11: get_usb_type: Unable to open /tmp/usb_type Apr 15, 20:57:11: CA_MGMT_EXAMPLE_computeHostKeys init cert-len 0 Apr 15, 20:57:11: Factory Device Cert is /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:57:11: Reading DER Device Cert file /tmp/deviceCerts/certifiedKeyCert.der Apr 15, 20:57:11: DER Device Cert file len:1767 Apr 15, 20:57:11: Intermediate Cert index:0 is /tmp/deviceCerts/certifiedKeyCaCert.der Apr 15, 20:57:11: Reading DER Intermediate Cert file Apr 15, 20:57:11: DER Intermediate Cert file len:1456 Apr 15, 20:57:11: Intermediate Cert index:1 is /tmp/deviceCerts/caChainCert1.der Apr 15, 20:57:11: Reading DER Intermediate Cert file Apr 15, 20:57:11: DER Intermediate Cert file len:1580 Apr 15, 20:57:11: Decode PEM Key length :0 Apr 15, 20:57:11: testHostKeys : status 0 Apr 15, 20:57:11: testHostKeys : free temp Certificate status 0 Apr 15, 20:57:11: CA_MGMT_EXAMPLE_computeHostKeys after testHostKeys cert-len 1767 Apr 15, 20:57:11: CA Cert index:0 is /tmp/deviceCerts/OpensslOldCA_RootCert.der Apr 15, 20:57:11: Reading DER CA Cert file Apr 15, 20:57:11: DER CA Cert file len:1416 Apr 15, 20:57:11: CA Cert index:1 is /tmp/deviceCerts/MSCAV1_RootCert.der Apr 15, 20:57:11: Reading DER CA Cert file Apr 15, 20:57:11: DER CA Cert file len:1009 Apr 15, 20:57:11: Got 2 Trusted Certs Apr 15, 20:57:11: After getFieldTrustedCerts ret:-1 Apr 15, 20:57:11: Got 0 Field Trusted Certs Apr 15, 20:57:11: CSS CA Cert is /tmp/deviceCerts/CSS_CA_RootCert.der Apr 15, 20:57:11: Reading DER CA Cert file Apr 15, 20:57:11: Error in reading DER CA Cert:/tmp/deviceCerts/CSS_CA_RootCert.der, Ignore It Apr 15, 20:57:11: CA Cert status : 0 Before IKE_initServer Apr 15, 20:57:11: IKE_initServer: Cert length 1767 IKE_initServer: Host Certificate is set (RSA-SIG) {CN=BU0041483::24:de:c6:c0:16:34} Apr 15, 20:57:11: IKE_EXAMPLE_addServer port:0 natt:0 Apr 15, 20:57:11: srcdev_name = br0 ip c0a80a3c Apr 15, 20:57:11: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:0 IKE_EXAMPLE: Socket created on 192.168.10.60[49162] Apr 15, 20:57:11: IKE_EXAMPLE_addServer:1330 socket descriptor is 0 port number 49162 for server instance 0 at 0th index Apr 15, 20:57:11: srcdev_name = br0 ip c0a80a3c Apr 15, 20:57:11: IKE_EXAMPLE_addUdpSkt: Using SocketIndex:1 IKE_EXAMPLE: Socket created on 192.168.10.60[49163] Apr 15, 20:57:11: IKE_EXAMPLE_addServer:1377 socket descriptor is 1 port number 49163 for server instance 0 at 1st index Apr 15, 20:57:11: IKE_EXAMPLE_addDefaultServers status:0 (1.0)(pid:2560) time:2014-04-15 20:57:11 SA_INIT dest=202.158.130.41 Apr 15, 20:57:11: Initialize IKE SA Apr 15, 20:57:11: IKE_CUSTOM_getVersion(peerAddr:ca9e8229): ikeVersion:2 Timer ID: 1 Initialized Apr 15, 20:57:11: IKE2_newSa(peerAddr:ca9e8229): IKE_SA-lifetime:28000 I --> Apr 15, 20:57:11: OutSa(v2-peerAddr:0 pxSa->dwPeerAddr:ca9e8229): Entered ENCR_AES 256-BITS PRF_HMAC_SHA1 AUTH_HMAC_SHA1_96 DH_2 NAT_D (us): 54 b8 43 de dc 35 a4 18 b2 e0 ef 59 e9 e2 8e 6e 8a 8d c3 70 NAT_D (peer): 64 15 ec 71 ca ae df 49 3d 82 41 91 da ff b9 06 cc 77 b5 e8 Apr 15, 20:57:11: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:57:11: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:57:11: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:57:11: RAPPER_ERROR_FILE doesn't exist Apr 15, 20:57:11: RAPPER_ERROR_FILE doesn't exist spi={21888872b379d98c 0000000000000000} np=SA exchange=IKE_SA_INIT msgid=0 len=376 #SEND 380 bytes to 202.158.130.41[4500] (1.0)(pid:2560) time:2014-04-15 20:57:11 Apr 15, 20:57:11: IKE_SAMPLE_ikeXchgSend Successfully setsockopt UDP_ENCAP port 49163 IKE_EXAMPLE: IKE_keyConnect() started, id = 0xApr 15, 20:57:11: IKE_EXAMPLE: IKE_keyConnect() started, id = 0x on device br0 ade81257... Apr 15, 20:57:11: papi:15200 end of show log rapper ==========================================