1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
1 2007-08-06 12:21:24.386989 IP (tos 0x0, ttl 64, id 19908, offset 0, flags [none], proto UDP (17), length 404)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000000: parent_sa ikev2_init[I]:
(sa: len=116
(p: #1 protoid=isakmp transform=12 len=116
(t: #1 type=encr id=aes (type=keylen value=0080))
(t: #2 type=encr id=aes (type=keylen value=0100))
(t: #3 type=encr id=aes (type=keylen value=00c0))
(t: #4 type=encr id=3des )
(t: #5 type=prf id=hmac-sha )
(t: #6 type=prf id=hmac-md5 )
(t: #7 type=prf id=aes128_xcbc )
(t: #8 type=integ id=hmac-sha )
(t: #9 type=integ id=hmac-md5 )
(t: #10 type=integ id=aes-xcbc )
(t: #11 type=dh id=modp1024 )
(t: #12 type=dh id=modp2048 )))
(v2ke: len=128 group=modp1024)
(nonce: len=32 data=(6128ebd023a864e94a7f...ba041b5de59955900d818ac54e18b236739d9e8b))
(n: prot_id=#0 type=16388(nat_detection_source_ip))
(n: prot_id=#0 type=16389(nat_detection_destination_ip))
2 2007-08-06 12:21:24.390720 IP (tos 0x0, ttl 64, id 19909, offset 0, flags [none], proto UDP (17), length 88)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000000: parent_sa ikev2_init[R]:
(n: prot_id=#0 type=16390(cookie) data=(00000001c2221e50c16e123f2b0c71aefcf0cb3b798782c6))
3 2007-08-06 12:21:24.394523 IP (tos 0x0, ttl 64, id 19910, offset 0, flags [none], proto UDP (17), length 436)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000000: parent_sa ikev2_init[I]:
(n: prot_id=#0 type=16390(cookie) data=(00000001c2221e50c16e...ba041b5de59955900d818ac54e18b236739d9e8b))
(sa: len=116
(p: #1 protoid=isakmp transform=12 len=116
(t: #1 type=encr id=aes (type=keylen value=0080))
(t: #2 type=encr id=aes (type=keylen value=0100))
(t: #3 type=encr id=aes (type=keylen value=00c0))
(t: #4 type=encr id=3des )
(t: #5 type=prf id=hmac-sha )
(t: #6 type=prf id=hmac-md5 )
(t: #7 type=prf id=aes128_xcbc )
(t: #8 type=integ id=hmac-sha )
(t: #9 type=integ id=hmac-md5 )
(t: #10 type=integ id=aes-xcbc )
(t: #11 type=dh id=modp1024 )
(t: #12 type=dh id=modp2048 )))
(v2ke: len=128 group=modp1024)
(nonce: len=32 data=(6128ebd023a864e94a7f...ba041b5de59955900d818ac54e18b236739d9e8b))
(n: prot_id=#0 type=16388(nat_detection_source_ip))
(n: prot_id=#0 type=16389(nat_detection_destination_ip))
4 2007-08-06 12:21:24.403533 IP (tos 0x0, ttl 64, id 19911, offset 0, flags [none], proto UDP (17), length 332)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000000: parent_sa ikev2_init[R]:
(sa: len=44
(p: #1 protoid=isakmp transform=4 len=44
(t: #1 type=encr id=aes (type=keylen value=0080))
(t: #2 type=prf id=hmac-sha )
(t: #3 type=integ id=hmac-sha )
(t: #4 type=dh id=modp1024 )))
(v2ke: len=128 group=modp1024)
(nonce: len=32 data=(b31c379f272ce2984bd1...905954a783be2c37e2ccc4fdd270a532dbe6f428))
(n: prot_id=#0 type=16388(nat_detection_source_ip))
(n: prot_id=#0 type=16389(nat_detection_destination_ip))
5 2007-08-06 12:21:24.414868 IP (tos 0x0, ttl 64, id 19912, offset 0, flags [none], proto UDP (17), length 264)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000001: child_sa ikev2_auth[I]:
(v2e: len=204)
6 2007-08-06 12:21:24.420851 IP (tos 0x0, ttl 64, id 19913, offset 0, flags [none], proto UDP (17), length 184)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000001: child_sa ikev2_auth[R]:
(v2e: len=124)
7 2007-08-06 12:21:24.428594 IP (tos 0x0, ttl 64, id 19914, offset 0, flags [none], proto UDP (17), length 280)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000002: child_sa child_sa[I]:
(v2e: len=220)
8 2007-08-06 12:21:24.431476 IP (tos 0x0, ttl 64, id 19915, offset 0, flags [none], proto UDP (17), length 248)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000003: child_sa child_sa[I]:
(v2e: len=188)
9 2007-08-06 12:21:24.434259 IP (tos 0x0, ttl 64, id 19916, offset 0, flags [none], proto UDP (17), length 104)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000002: child_sa child_sa[R]:
(v2e: len=44)
10 2007-08-06 12:21:24.441104 IP (tos 0x0, ttl 64, id 19917, offset 0, flags [none], proto UDP (17), length 104)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000003: child_sa child_sa[R]:
(v2e: len=44)
11 2007-08-06 12:21:24.447581 IP (tos 0x0, ttl 64, id 19918, offset 0, flags [none], proto UDP (17), length 312)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000004: child_sa child_sa[I]:
(v2e: len=252)
12 2007-08-06 12:21:24.450581 IP (tos 0x0, ttl 64, id 19919, offset 0, flags [none], proto UDP (17), length 280)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000005: child_sa child_sa[I]:
(v2e: len=220)
13 2007-08-06 12:21:24.454303 IP (tos 0x0, ttl 64, id 19920, offset 0, flags [none], proto UDP (17), length 232)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000004: child_sa child_sa[R]:
(v2e: len=172)
14 2007-08-06 12:21:24.462453 IP (tos 0x0, ttl 64, id 19921, offset 0, flags [none], proto UDP (17), length 232)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000005: child_sa child_sa[R]:
(v2e: len=172)
15 2007-08-06 12:21:24.470120 IP (tos 0x0, ttl 64, id 19922, offset 0, flags [none], proto UDP (17), length 312)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000006: child_sa child_sa[I]:
(v2e: len=252)
16 2007-08-06 12:21:24.472695 IP (tos 0x0, ttl 64, id 19923, offset 0, flags [none], proto UDP (17), length 280)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000007: child_sa child_sa[I]:
(v2e: len=220)
17 2007-08-06 12:21:24.476686 IP (tos 0x0, ttl 64, id 19924, offset 0, flags [none], proto UDP (17), length 232)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000006: child_sa child_sa[R]:
(v2e: len=172)
18 2007-08-06 12:21:24.485264 IP (tos 0x0, ttl 64, id 19925, offset 0, flags [none], proto UDP (17), length 232)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000007: child_sa child_sa[R]:
(v2e: len=172)
19 2007-08-06 12:21:24.494634 IP (tos 0x0, ttl 64, id 19926, offset 0, flags [none], proto UDP (17), length 392)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000008: child_sa child_sa[I]:
(v2e: len=332)
20 2007-08-06 12:21:24.507694 IP (tos 0x0, ttl 64, id 19927, offset 0, flags [none], proto UDP (17), length 344)
192.168.1.1.500 > 192.168.1.2.500: isakmp 2.0 msgid 00000008: child_sa child_sa[R]:
(v2e: len=284)
21 2007-08-06 12:21:24.517735 IP (tos 0x0, ttl 64, id 19928, offset 0, flags [none], proto UDP (17), length 120)
192.168.1.2.500 > 192.168.1.1.500: isakmp 2.0 msgid 00000000: parent_sa inf2[I]:
(v2e: len=60)
|