Screenos Dailup VPN Debug

From Network Security Wiki
Jump to navigation Jump to search

ScreenOS Dailup VPN Debugs are as follows:


debug ike detail

SSG-1-> get db str
## 2014-12-11 23:45:15 : IKE<192.168.3.1> SA Life Type = seconds
## 2014-12-11 23:45:15 : IKE<192.168.3.1> SA lifetime (TLV) = 86400
## 2014-12-11 23:45:15 : IKE<192.168.3.1> DH_BG_consume OK. p1 resp
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Process [KE]:
## 2014-12-11 23:45:15 : IKE<192.168.3.1> processing ISA_KE in phase 1.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Phase1: his_DH_pub_len is 96
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Process [NONCE]:
## 2014-12-11 23:45:15 : IKE<192.168.3.1> processing NONCE in phase 1.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Process [ID]:
## 2014-12-11 23:45:15 : IKE<192.168.3.1> ID received: type=ID_FQDN, FQDN = aman@wipro.com, port=0, protocol=0
## 2014-12-11 23:45:15 : IKE<192.168.3.1> process_id need to update peer entry, cur <Dialup-VPNGW>.
## 2014-12-11 23:45:15 : IKE<192.168.2.1>   peer <VPN1-GW> has static ip.
## 2014-12-11 23:45:15 :   locate peer entry for (2/aman@wipro.com), by identity.
## 2014-12-11 23:45:15 : found single user entry(2/aman@wipro.com).
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Dynamic peer IP addr, search peer by identity.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> peer gateway entry has no peer id configured
## 2014-12-11 23:45:15 : IKE<192.168.3.1> ID processed. return 0. sa->p1_state = 0.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Phase 1 AG Responder constructing 2nd message.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct ISAKMP header.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Msg header built (next payload #1)
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct [SA] for ISAKMP
## 2014-12-11 23:45:15 : IKE<192.168.3.1> auth(1)<PRESHRD>, encr(1)<DES>, hash(1)<MD5>, group(1)
## 2014-12-11 23:45:15 : IKE<192.168.3.1> xauth attribute: disabled
## 2014-12-11 23:45:15 : IKE<192.168.3.1> lifetime/lifesize (86400/0)
## 2014-12-11 23:45:15 : IKE<0.0.0.0        >   set_phase1_transform, dh_group(1).
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct NetScreen [VID]
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct custom [VID]
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct custom [VID]
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct [KE] for ISAKMP
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct [NONCE]
## 2014-12-11 23:45:15 : IKE<192.168.3.1> gen_skeyid()
## 2014-12-11 23:45:15 : IKE<192.168.3.1> gen_skeyid: returning 0
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct [ID] for ISAKMP
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct [HASH]
## 2014-12-11 23:45:15 : IKE<192.168.3.1> ID, len=8, type=1, pro=17, port=500,
## 2014-12-11 23:45:15 : IKE<192.168.3.1> addr=192.168.1.1
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct NAT-T [VID]: draft 2
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Responder psk ag mode: natt vid constructed.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> responder (psk) constructing remote NAT-D
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct [NATD]
## 2014-12-11 23:45:15 : IKE<192.168.3.1> responder (psk) constructing local NAT-D
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Construct [NATD]
## 2014-12-11 23:45:15 : IKE<192.168.3.1    > Xmit : [SA] [VID] [VID] [VID] [KE] [NONCE] [ID] [HASH] [VID] 
## 2014-12-11 23:45:15 : [NATD] [NATD] 
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Responder sending IPv4 IP 192.168.3.1/port 10952
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Send Phase 1 packet (len=388)
## 2014-12-11 23:45:15 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<5/91100f>
## 2014-12-11 23:45:15 : IKE<192.168.3.1> ike packet, len 144, action 0
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Catcher: received 116 bytes from socket.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Catcher: get 116 bytes. src port 10952
## 2014-12-11 23:45:15 : IKE<0.0.0.0        >   ISAKMP msg: len 116, nxp 8[HASH], exch 4[AG], flag 01  E 
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Decrypting payload (length 88)
## 2014-12-11 23:45:15 : IKE<192.168.3.1    > Recv*: [HASH] [NATD] [NATD] [NOTIF] 
## 2014-12-11 23:45:15 : IKE<0.0.0.0        >   extract payload (88): 
## 2014-12-11 23:45:15 : IKE<192.168.3.1> AG in state OAK_AG_INIT_EXCH.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Process [NATD]:
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Process [NATD]:
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Process [HASH]:
## 2014-12-11 23:45:15 : IKE<192.168.3.1> ID, len=18, type=2, pro=0, port=0,
## 2014-12-11 23:45:15 : IKE<192.168.3.1> 
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Process [NOTIF]:
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Received notify message for DOI <1> <24578> <INITIAL-CONTACT>.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Received initial contact notification and removed Phase 2 SAs.
## 2014-12-11 23:45:15 : clear phase 2 sa of peer Dialup-VPNGW.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> deactive p2 sa 0 send_delete 0
## 2014-12-11 23:45:15 : IKE<192.168.3.1> process notify exit with <0>.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> completing Phase 1
## 2014-12-11 23:45:15 : IKE<192.168.3.1> sa_pidt = 2a7a2f8
## 2014-12-11 23:45:15 : IKE<192.168.3.1> found existing peer identity 2a79d90
## 2014-12-11 23:45:15 : IKE<192.168.3.1> peer_identity_unregister_p1_sa.
## 2014-12-11 23:45:15 : IKE<0.0.0.0        >   delete peer identity 0x2a7a2f8
## 2014-12-11 23:45:15 : IKE<0.0.0.0        >   peer_identity_remove_from_peer: num entry before remove <2>
## 2014-12-11 23:45:15 : IKE<192.168.3.1> peer_idt.c peer_identity_unregister_p1_sa 686: pidt deleted.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Phase 1: Completed for ip <192.168.3.1>, user<VPN-User>
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Phase 1: Completed Aggressive mode negotiation with a <28800>-second lifetime.
## 2014-12-11 23:45:15 : IKE<0.0.0.0        >   proc_other_session_notify->
## 2014-12-11 23:45:15 : IKE<0.0.0.0        >     process Notify Payload: doi(1), msg(24578), txt<INITIAL-CONTACT>
## 2014-12-11 23:45:15 : IKE<192.168.3.1> Received initial contact notification and removed Phase 1 SAs.
## 2014-12-11 23:45:15 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> ike packet, len 200, action 0
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Catcher: received 172 bytes from socket.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Catcher: get 172 bytes. src port 10952
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   ISAKMP msg: len 172, nxp 8[HASH], exch 32[QM], flag 01  E 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:45:16 : IKE<192.168.3.1>   ...done(new 37541d2c)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Phase 2 msg-id <37541d2c>: Responded to the first peer message.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Decrypting payload (length 144)
## 2014-12-11 23:45:16 : IKE<192.168.3.1    > Recv*: [HASH] [SA] [NONCE] [ID] [ID] 
## 2014-12-11 23:45:16 : valid id checking, id type:IP Address, len:12.
## 2014-12-11 23:45:16 : valid id checking, id type:IP Subnet, len:16.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   extract payload (144): 
## 2014-12-11 23:45:16 : valid id checking, id type:IP Address, len:12.
## 2014-12-11 23:45:16 : valid id checking, id type:IP Subnet, len:16.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> QM in state OAK_QM_SA_ACCEPT.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> receive init proxy id type ID_IPV4_ADDR with mask 0: force mask to all 1.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Start by finding matching member SA (verify -1/-1)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> IKE: Matching policy: gw ip <192.168.3.1> peer entry id<1>
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   protocol matched expected<0>.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   port matched expect l:<0>, r<0>.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Peer is dial up.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> configured ID for sa(4): 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> local  10.1.1.0/24 prot<0> port<0> type<4>
        remote 192.168.3.1/32 prot<0> port<0> type<1>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> member without dynamic policy found, match local address only
## 2014-12-11 23:45:16 : ipvx = IPV4
## 2014-12-11 23:45:16 : rcv_local_addr = 10.1.1.0, rcv_local_mask = 255.255.255.0, p_rcv_local_real = 10.1.1.0
## 2014-12-11 23:45:16 : rcv_remote_addr = 192.168.3.1, rcv_remote_mask = 255.255.255.255, p_rcv_remote_real = 192.168.3.1
## 2014-12-11 23:45:16 : ike_p2_id->local_ip = 10.1.1.0, cfg_local_mask = 255.255.255.0, p_cfg_local_real = 10.1.1.0
## 2014-12-11 23:45:16 : ike_p2_id->remote_ip = 192.168.3.1, cfg_remote_mask = 255.255.255.255, p_cfg_remote_real = 192.168.3.1
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Proxy ID match: Located matching Phase 2 SA <4>.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Start by finding matching member SA (verify -1/-1)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> IKE: Matching policy: gw ip <192.168.3.1> peer entry id<1>
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   protocol matched expected<0>.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   port matched expect l:<0>, r<0>.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Peer is dial up.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> configured ID for sa(4): 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> local  10.1.1.0/24 prot<0> port<0> type<4>
        remote 192.168.3.1/32 prot<0> port<0> type<1>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> member without dynamic policy found, match local address only
## 2014-12-11 23:45:16 : ipvx = IPV4
## 2014-12-11 23:45:16 : rcv_local_addr = 10.1.1.0, rcv_local_mask = 255.255.255.0, p_rcv_local_real = 10.1.1.0
## 2014-12-11 23:45:16 : rcv_remote_addr = 192.168.3.1, rcv_remote_mask = 255.255.255.255, p_rcv_remote_real = 192.168.3.1
## 2014-12-11 23:45:16 : ike_p2_id->local_ip = 10.1.1.0, cfg_local_mask = 255.255.255.0, p_cfg_local_real = 10.1.1.0
## 2014-12-11 23:45:16 : ike_p2_id->remote_ip = 192.168.3.1, cfg_remote_mask = 255.255.255.255, p_cfg_remote_real = 192.168.3.1
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Proxy ID match: Located matching Phase 2 SA <4>.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Process [SA]:
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   Check P2 Proposal
## 2014-12-11 23:45:16 : IKE<192.168.3.1> SA life type = seconds
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   SA life duration (TV) = 28800
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   encap mode from peer = 1.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   encap mode after converting it to private value = 1.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Phase 2 received:
## 2014-12-11 23:45:16 : IKE<192.168.3.1> atts<00000003 00000000 00000002 00000001 00000001 00000000>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> proto(3)<ESP>, esp(2)<ESP_DES>, auth(1)<MD5>, encap(1)<TUNNEL>, group(0)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> P2 proposal [0] selected.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   add sa list for msg id <37541d2c>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> get_unique_spi 0, 1314921932, 4e601dcc
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Process [NONCE]:
## 2014-12-11 23:45:16 : IKE<192.168.3.1> processing NONCE in phase 2.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Process [ID]:
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Process [ID]:
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Phase 2 Responder constructing 2nd message.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Construct ISAKMP header.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Msg header built (next payload #8)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Construct [HASH]
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Construct [SA] for IPSEC
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   Set IPSEC SA attrs tunnel(1) MD5 grp0 lifetime(28800/0)
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   Before NAT-T attr unmap: P2 prop tunnel = 1.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   After NAT-T attr unmap: P2 prop tunnel = 1.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> IP<192.168.3.1> mask<255.255.255.255> prot<0> port<0>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Initiator P2 ID built: ...h
## 2014-12-11 23:45:16 : IKE<10.1.1.0> IP<10.1.1.0> mask<255.255.255.0> prot<0> port<0>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Responder P2 ID built: ...h
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Construct [NONCE] for IPSec
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Construct [ID] for Phase 2
## 2014-12-11 23:45:16 : id payload constructed. type(1),ip(192.168.3.1),mask(255.255.255.255), prot(0), port(0)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Construct [ID] for Phase 2
## 2014-12-11 23:45:16 : id payload constructed. type(4),ip(10.1.1.0),mask(255.255.255.0), prot(0), port(0)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> send out RESPONDER_LIFETIME notification. prot=3, 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> life_sec=3600 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Construct [NOTIF] (RESPONDER-LIFETIME) for IPSEC
## 2014-12-11 23:45:16 : IKE<192.168.3.1> construct QM HASH
## 2014-12-11 23:45:16 : IKE<192.168.3.1    > Xmit*: [HASH] [SA] [NONCE] [ID] [ID] [NOTIF] 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Encrypt P2 payload (len 192)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Responder sending IPv4 IP 192.168.3.1/port 10952
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Send Phase 2 packet (len=196)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> oakley_process_quick_mode():exit
## 2014-12-11 23:45:16 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> ike packet, len 80, action 0
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Catcher: received 52 bytes from socket.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Catcher: get 52 bytes. src port 10952
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   ISAKMP msg: len 52, nxp 8[HASH], exch 32[QM], flag 01  E 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Decrypting payload (length 24)
## 2014-12-11 23:45:16 : IKE<192.168.3.1    > Recv*: [HASH] 
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   extract payload (24): 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> QM in state OAK_QM_AUTH_AWAIT.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> xauth_cleanup()
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Done cleaning up IKE Phase 1 SA
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Start by finding matching member SA (verify 0/0)
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Verify sa: index 0
## 2014-12-11 23:45:16 : IKE<192.168.3.1> IKE: Matching policy: gw ip <192.168.3.1> peer entry id<1>
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   protocol matched expected<0>.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   port matched expect l:<0>, r<0>.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Peer is dial up.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> configured ID for sa(4): 
## 2014-12-11 23:45:16 : IKE<192.168.3.1> local  10.1.1.0/24 prot<0> port<0> type<4>
        remote 192.168.3.1/32 prot<0> port<0> type<1>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> member without dynamic policy found, match local address only
## 2014-12-11 23:45:16 : ipvx = IPV4
## 2014-12-11 23:45:16 : rcv_local_addr = 10.1.1.0, rcv_local_mask = 255.255.255.0, p_rcv_local_real = 10.1.1.0
## 2014-12-11 23:45:16 : rcv_remote_addr = 192.168.3.1, rcv_remote_mask = 255.255.255.255, p_rcv_remote_real = 192.168.3.1
## 2014-12-11 23:45:16 : ike_p2_id->local_ip = 10.1.1.0, cfg_local_mask = 255.255.255.0, p_cfg_local_real = 10.1.1.0
## 2014-12-11 23:45:16 : ike_p2_id->remote_ip = 192.168.3.1, cfg_remote_mask = 255.255.255.255, p_cfg_remote_real = 192.168.3.1
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Proxy ID match: Located matching Phase 2 SA <4>.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> sa ID for phase 2 sa is <4>. IP version is 4.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Single user entry.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   life (sec or kb): lcl 3600, peer 28800, set 3600.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   life (sec or kb): lcl 0, peer 0, set 0.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> gen_qm_key()
## 2014-12-11 23:45:16 : IKE<192.168.3.1> load_sa_keys(): enter.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> gen_qm_key()
## 2014-12-11 23:45:16 : IKE<192.168.3.1> load_sa_keys(): enter.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> ikmpd.c 3999. sa ID for phase 2 sa is <4>. IP version is 4.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   spi hash node removed: type<2>,spi<4e601dcb>,ip<192.168.1.1>
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   spi hash node removed: type<2>,spi<387eb481>,ip<192.168.3.1>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> clean_all_sa_state_node_from_list->
## 2014-12-11 23:45:16 : IKE<192.168.3.1> no relocate earlier SA-state, not active.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> key_modify: sa index <0> bk_idx <0>.
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   insert_sa_state_to_spi_hash spi<4e601dcc>, sa_index<0>, Incoming
## 2014-12-11 23:45:16 : IKE<0.0.0.0        >   insert_sa_state_to_spi_hash spi<c9beca6b>, sa_index<0>, Outgoing
## 2014-12-11 23:45:16 : IKE<192.168.3.1> update acvpn flags for sa 0
## 2014-12-11 23:45:16 : IKE<192.168.3.1> update acvpn flags for sa 0 - 0x400033
## 2014-12-11 23:45:16 : IKE<192.168.3.1>  crypto_ctx 11, 8, 8, 8, 0, 0, 16, 0, 12, 48
## 2014-12-11 23:45:16 : IKE<192.168.3.1> modify esp tunnel: src (peer) ipv4 <192.168.3.1>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> modifying esp tunnel: self <ipv4 192.168.1.1>
## 2014-12-11 23:45:16 : IKE<192.168.3.1> update auto NHTB status for sa 0
## 2014-12-11 23:45:16 : IKE<192.168.3.1> after mod, out nsptunnel <03661890>.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Phase 2 msg-id <37541d2c>: Completed Quick Mode negotiation with SPI <4e601dcc>, tunnel ID <4>, and lifetime <3600> seconds/<0> KB.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> Application sa installed.
## 2014-12-11 23:45:16 : IKE<192.168.3.1> oakley_process_quick_mode():exit
## 2014-12-11 23:45:16 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:45:17 : IKE<192.168.2.1> nhtb_list_update_status: vpn VPN1-PH2
## 2014-12-11 23:45:17 : IKE<192.168.2.1>   ** vpn mon return up 4
## 2014-12-11 23:45:17 : IKE<192.168.2.1> sa_link_status_for_tunl_ifp: saidx 1, preliminary status 4
## 2014-12-11 23:45:17 : IKE<192.168.2.1>   local_if is ethernet0/3
## 2014-12-11 23:45:35 : IKE<192.168.3.1> ike packet, len 112, action 0
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Catcher: received 84 bytes from socket.
## 2014-12-11 23:45:35 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Catcher: get 84 bytes. src port 10952
## 2014-12-11 23:45:35 : IKE<0.0.0.0        >   ISAKMP msg: len 84, nxp 8[HASH], exch 5[INFO], flag 01  E 
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:45:35 : IKE<192.168.3.1>   ...done(new 25107bcb)
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Decrypting payload (length 56)
## 2014-12-11 23:45:35 : IKE<192.168.3.1    > Recv*: [HASH] [NOTIF] 
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Process [NOTIF]:
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Received notify message for DOI <1> <36136> <NOTIFY_DPD_R_U_THERE>.
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Notify with message id<00000000>, packet mess_id<25107bcb>.
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:45:35 : IKE<192.168.3.1>   ...done(new 6bdc1209)
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Construct ISAKMP header.
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Msg header built (next payload #8)
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Construct [HASH]
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Construct [NOTIF]:(NOTIFY_DPD_R_U_THERE_ACK)
## 2014-12-11 23:45:35 : IKE<192.168.3.1> construct QM HASH
## 2014-12-11 23:45:35 : IKE<192.168.3.1    > Xmit*: [HASH] [NOTIF] 
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Encrypt P2 payload (len 80)
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Responder sending IPv4 IP 192.168.3.1/port 10952
## 2014-12-11 23:45:35 : IKE<192.168.3.1> Send Phase 2 packet (len=84)
## 2014-12-11 23:45:35 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:45:35 : IKE<192.168.3.1>  ...found conn entry(6bdc1209)
## 2014-12-11 23:45:35 : IKE<192.168.3.1> process notify exit with <0>.
## 2014-12-11 23:45:35 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:45:35 : IKE<192.168.3.1>  ...found conn entry(25107bcb)
## 2014-12-11 23:45:35 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:45:46 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:45:46 : IKE<192.168.3.1>  ...found conn entry(37541d2c)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> ike packet, len 112, action 0
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Catcher: received 84 bytes from socket.
## 2014-12-11 23:45:55 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Catcher: get 84 bytes. src port 10952
## 2014-12-11 23:45:55 : IKE<0.0.0.0        >   ISAKMP msg: len 84, nxp 8[HASH], exch 5[INFO], flag 01  E 
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:45:55 : IKE<192.168.3.1>   ...done(new 37211cf7)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Decrypting payload (length 56)
## 2014-12-11 23:45:55 : IKE<192.168.3.1    > Recv*: [HASH] [NOTIF] 
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Process [NOTIF]:
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Received notify message for DOI <1> <36136> <NOTIFY_DPD_R_U_THERE>.
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Notify with message id<00000000>, packet mess_id<37211cf7>.
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:45:55 : IKE<192.168.3.1>   ...done(new b0ddf173)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Construct ISAKMP header.
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Msg header built (next payload #8)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Construct [HASH]
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Construct [NOTIF]:(NOTIFY_DPD_R_U_THERE_ACK)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> construct QM HASH
## 2014-12-11 23:45:55 : IKE<192.168.3.1    > Xmit*: [HASH] [NOTIF] 
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Encrypt P2 payload (len 80)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Responder sending IPv4 IP 192.168.3.1/port 10952
## 2014-12-11 23:45:55 : IKE<192.168.3.1> Send Phase 2 packet (len=84)
## 2014-12-11 23:45:55 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:45:55 : IKE<192.168.3.1>  ...found conn entry(b0ddf173)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> process notify exit with <0>.
## 2014-12-11 23:45:55 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:45:55 : IKE<192.168.3.1>  ...found conn entry(37211cf7)
## 2014-12-11 23:45:55 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:46:16 : IKE<192.168.3.1> ike packet, len 112, action 0
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Catcher: received 84 bytes from socket.
## 2014-12-11 23:46:16 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Catcher: get 84 bytes. src port 10952
## 2014-12-11 23:46:16 : IKE<0.0.0.0        >   ISAKMP msg: len 84, nxp 8[HASH], exch 5[INFO], flag 01  E 
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:16 : IKE<192.168.3.1>   ...done(new ce5a9481)
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Decrypting payload (length 56)
## 2014-12-11 23:46:16 : IKE<192.168.3.1    > Recv*: [HASH] [NOTIF] 
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Process [NOTIF]:
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Received notify message for DOI <1> <36136> <NOTIFY_DPD_R_U_THERE>.
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Notify with message id<00000000>, packet mess_id<ce5a9481>.
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:16 : IKE<192.168.3.1>   ...done(new df8f4217)
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Construct ISAKMP header.
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Msg header built (next payload #8)
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Construct [HASH]
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Construct [NOTIF]:(NOTIFY_DPD_R_U_THERE_ACK)
## 2014-12-11 23:46:16 : IKE<192.168.3.1> construct QM HASH
## 2014-12-11 23:46:16 : IKE<192.168.3.1    > Xmit*: [HASH] [NOTIF] 
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Encrypt P2 payload (len 80)
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Responder sending IPv4 IP 192.168.3.1/port 10952
## 2014-12-11 23:46:16 : IKE<192.168.3.1> Send Phase 2 packet (len=84)
## 2014-12-11 23:46:16 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:16 : IKE<192.168.3.1>  ...found conn entry(df8f4217)
## 2014-12-11 23:46:16 : IKE<192.168.3.1> process notify exit with <0>.
## 2014-12-11 23:46:16 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:16 : IKE<192.168.3.1>  ...found conn entry(ce5a9481)
## 2014-12-11 23:46:16 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:46:36 : IKE<192.168.3.1> ike packet, len 112, action 0
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Catcher: received 84 bytes from socket.
## 2014-12-11 23:46:36 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Catcher: get 84 bytes. src port 10952
## 2014-12-11 23:46:36 : IKE<0.0.0.0        >   ISAKMP msg: len 84, nxp 8[HASH], exch 5[INFO], flag 01  E 
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:36 : IKE<192.168.3.1>   ...done(new 6d4a4cb9)
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Decrypting payload (length 56)
## 2014-12-11 23:46:36 : IKE<192.168.3.1    > Recv*: [HASH] [NOTIF] 
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Process [NOTIF]:
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Received notify message for DOI <1> <36136> <NOTIFY_DPD_R_U_THERE>.
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Notify with message id<00000000>, packet mess_id<6d4a4cb9>.
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:36 : IKE<192.168.3.1>   ...done(new 3993c145)
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Construct ISAKMP header.
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Msg header built (next payload #8)
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Construct [HASH]
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Construct [NOTIF]:(NOTIFY_DPD_R_U_THERE_ACK)
## 2014-12-11 23:46:36 : IKE<192.168.3.1> construct QM HASH
## 2014-12-11 23:46:36 : IKE<192.168.3.1    > Xmit*: [HASH] [NOTIF] 
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Encrypt P2 payload (len 80)
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Responder sending IPv4 IP 192.168.3.1/port 10952
## 2014-12-11 23:46:36 : IKE<192.168.3.1> Send Phase 2 packet (len=84)
## 2014-12-11 23:46:36 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:36 : IKE<192.168.3.1>  ...found conn entry(3993c145)
## 2014-12-11 23:46:36 : IKE<192.168.3.1> process notify exit with <0>.
## 2014-12-11 23:46:36 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:36 : IKE<192.168.3.1>  ...found conn entry(6d4a4cb9)
## 2014-12-11 23:46:36 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:46:56 : IKE<192.168.3.1> ike packet, len 112, action 0
## 2014-12-11 23:46:56 : IKE<192.168.3.1> ike packet, len 96, action 0
## 2014-12-11 23:46:56 : IKE<192.168.3.1> ike packet, len 104, action 0
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Catcher: received 84 bytes from socket.
## 2014-12-11 23:46:56 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Catcher: get 84 bytes. src port 10952
## 2014-12-11 23:46:56 : IKE<0.0.0.0        >   ISAKMP msg: len 84, nxp 8[HASH], exch 5[INFO], flag 01  E 
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   ...done(new 8a94ad03)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Decrypting payload (length 56)
## 2014-12-11 23:46:56 : IKE<192.168.3.1    > Recv*: [HASH] [NOTIF] 
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Process [NOTIF]:
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Received notify message for DOI <1> <36136> <NOTIFY_DPD_R_U_THERE>.
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Notify with message id<00000000>, packet mess_id<8a94ad03>.
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   ...done(new 50c0f3e9)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Construct ISAKMP header.
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Msg header built (next payload #8)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Construct [HASH]
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Construct [NOTIF]:(NOTIFY_DPD_R_U_THERE_ACK)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> construct QM HASH
## 2014-12-11 23:46:56 : IKE<192.168.3.1    > Xmit*: [HASH] [NOTIF] 
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Encrypt P2 payload (len 80)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Responder sending IPv4 IP 192.168.3.1/port 10952
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Send Phase 2 packet (len=84)
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>  ...found conn entry(50c0f3e9)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> process notify exit with <0>.
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>  ...found conn entry(8a94ad03)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Catcher: received 68 bytes from socket.
## 2014-12-11 23:46:56 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Catcher: get 68 bytes. src port 10952
## 2014-12-11 23:46:56 : IKE<0.0.0.0        >   ISAKMP msg: len 68, nxp 8[HASH], exch 5[INFO], flag 01  E 
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   ...done(new d9555251)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Decrypting payload (length 40)
## 2014-12-11 23:46:56 : IKE<192.168.3.1    > Recv*: [HASH] [DELETE] 
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Process [DELETE]:
## 2014-12-11 23:46:56 : IKE<192.168.3.1> ipsec del msg received, (SA0 c9beca6b) deleted.
## 2014-12-11 23:46:56 : IKE<192.168.3.1> clean_all_sa_state_node_from_list->
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>  ...found conn entry(d9555251)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Catcher: received 76 bytes from socket.
## 2014-12-11 23:46:56 : IKE<192.168.3.1> ****** Recv packet if <ethernet0/3> of vsys <Root> ******
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Catcher: get 76 bytes. src port 10952
## 2014-12-11 23:46:56 : IKE<0.0.0.0        >   ISAKMP msg: len 76, nxp 8[HASH], exch 5[INFO], flag 01  E 
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Create conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   ...done(new 19ff2318)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Decrypting payload (length 48)
## 2014-12-11 23:46:56 : IKE<192.168.3.1    > Recv*: [HASH] [DELETE] 
## 2014-12-11 23:46:56 : IKE<192.168.3.1> Process [DELETE]:
## 2014-12-11 23:46:56 : IKE<192.168.3.1> DELETE payload received, deleting Phase-1 SA
## 2014-12-11 23:46:56 : IKE<192.168.3.1>   Delete conn entry...
## 2014-12-11 23:46:56 : IKE<192.168.3.1>  ...found conn entry(19ff2318)
## 2014-12-11 23:46:56 : IKE<192.168.3.1> IKE msg done: PKI state<0> IKE state<6/1097102f>
## 2014-12-11 23:46:57 : IKE<192.168.2.1> nhtb_list_update_status: vpn VPN1-PH2
## 2014-12-11 23:46:57 : IKE<192.168.2.1>   ** vpn mon return up 4
## 2014-12-11 23:46:57 : IKE<192.168.2.1> sa_link_status_for_tunl_ifp: saidx 1, preliminary status 4
## 2014-12-11 23:46:57 : IKE<192.168.2.1>   local_if is ethernet0/3
## 2014-12-11 23:47:26 : reap_db. deleting p1sa 2a4c38c
## 2014-12-11 23:47:26 : terminate_SA: trying to delete SA cause: 0 cond: c2
## 2014-12-11 23:47:26 : peer_identity_unregister_p1_sa.


get config

set user "VPN-User" uid 1
set user "VPN-User" ike-id fqdn "aman@wipro.com" share-limit 1
set user "VPN-User" type ike
set user "VPN-User" "enable"
set crypto-policy
set ike gateway "Dialup-VPNGW" dialup "VPN-User" Aggr outgoing-interface "ethernet0/3" preshare "Tvh0IpHtNk8w1AsnRUCWBK1GHknZF/BSwA==" proposal "pre-g1-des-md5"
unset ike gateway "Dialup-VPNGW" nat-traversal udp-checksum
set ike gateway "Dialup-VPNGW" nat-traversal keepalive-frequency 5
set vpn "Dialup-PH2" gateway "Dialup-VPNGW" no-replay tunnel idletime 0 proposal "nopfs-esp-des-md5" 
set policy id 5 from "Untrust" to "Trust"  "Dial-Up VPN IPv4" "10.1.1.0/24" "ANY" tunnel vpn "Dialup-PH2" id 0x4 log 
set route 10.2.1.0/24 interface tunnel.1 gateway 192.168.2.1


get sa

SSG-1-> get sa
total configured sa: 2
HEX ID    Gateway         Port Algorithm     SPI      Life:sec kb Sta   PID vsys
00000004<     192.168.3.1  500 esp: des/md5  4e601dd0  3586 unlim A/-     5 0
00000004>     192.168.3.1  500 esp: des/md5  687a37c3  3586 unlim A/-    -1 0
00000003<     192.168.2.1  500 esp: des/md5  4e601dcf  2572 unlim A/U    -1 0
00000003>     192.168.2.1  500 esp: des/md5  e6214ba8  2572 unlim A/U    -1 0
SSG-1-> 



get sa id

SSG-1-> get sa id 0x4
index 0, name Dialup-PH2, peer gateway ip 192.168.3.1. vsys<Root>
auto key. policy node, tunnel mode, policy id in:<5> out:<-1> vpngrp:<-1>. sa_list_nxt:<-1>.
tunnel id 4, peer id 1, NSRP Local.     dialup, original.   site-to-site. Local interface is ethernet0/3 <192.168.1.1>.
  esp, group 0,  des encryption, md5  authentication
  autokey, IN active, OUT active
  monitor<0>, latency: 0, availability: 0
  DF bit: clear
  app_sa_flags: 0x2400033
  proxy id: local 10.1.1.0/255.255.255.0, remote 192.168.3.1/255.255.255.255, proto 0, port 0/0
  ike activity timestamp: 84771354
  DSCP-mark : disabled
nat-traversal map not available
incoming: SPI 4e601dd0, flag 00004000, tunnel info 40000004, pipeline
  life 3600 sec, 3572 remain, 0 kb, 0 bytes remain
  anti-replay off, idle timeout value <0>, idled 28 seconds
  next pak sequence number: 0x0
  bytes/paks:0/0; sw bytes/paks:0/0
outgoing: SPI 687a37c3, flag 00000000, tunnel info 40000004, pipeline
  life 3600 sec, 3572 remain, 0 kb, 0 bytes remain
  anti-replay off, idle timeout value <0>, idled 28 seconds
  next pak sequence number: 0x0
  bytes/paks:0/0; sw bytes/paks:0/0



get ike cookie

SSG-1-> get ike cookie

IKEv1 SA -- Active: 2, Dead: 0, Total 2

1097102f/0006, 192.168.3.1:10952->192.168.1.1:500, PRESHR/grp1/DES/MD5, xchg(5) (Dialup-VPNGW/grp-1/usr1)
resent-tmr 322 lifetime 28800 lt-recv 86400 nxt_rekey 28762 cert-expire 0
responder, err cnt 0, send dir 1, cond 0xc0
nat-traversal map not available
ike heartbeat              : disabled
ike heartbeat last rcv time: 0
ike heartbeat last snd time: 0
XAUTH status: 0
DPD seq local 0, peer 1451438350

80522f/0003, 192.168.1.1:500->192.168.2.1:500, PRESHR/grp1/DES/MD5, xchg(5) (VPN1-GW/grp-1/usr-1)
resent-tmr 322 lifetime 28800 lt-recv 28800 nxt_rekey 20568 cert-expire 0
initiator, err cnt 0, send dir 0, cond 0x0
nat-traversal map not available
ike heartbeat              : disabled
ike heartbeat last rcv time: 0
ike heartbeat last snd time: 0
XAUTH status: 0
DPD seq local 0, peer 0


IKEv2 SA -- Active: 0, Dead: 0, Total 0


get vpn

SSG-1-> get vpn
Name            Gateway         Mode RPlay 1st Proposal         Monitor Use Cnt Interface 
--------------- --------------- ---- ----- -------------------- ------- ------- ---------------
VPN1-PH2        VPN1-GW         tunl No    nopfs-esp-des-md5    on            0 eth0/3
Dialup-PH2      Dialup-VPNGW    tunl No    nopfs-esp-des-md5    off           1 eth0/3
  Total Auto VPN: 2
  Total Pure Transport Mode IPSEC VPN: 0

Name       Gateway         Interface       Lcl SPI  Rmt SPI  Algorithm        Monitor Tunnel ID 
---------- --------------- --------------- -------- -------- ---------------- ------- ----------
Total Manual VPN 0
SSG-1-> 


get event

SSG-1-> get event
Total event entries = 29
Date       Time     Module Level  Type Description
2014-12-12 02:36:50 system notif 00767 Event log was reviewed by admin netscreen.
2014-12-12 02:36:34 system info  00536 IKE 192.168.3.1 Phase 2 msg ID 15fb9b0b: Completed negotiations with SPI 4e601ddc, tunnel ID 4, and lifetime 3600 seconds/0 KB.
2014-12-12 02:36:34 system info  00536 IKE 192.168.3.1 phase 2:The symmetric crypto key has been generated successfully.
2014-12-12 02:36:34 system info  00536 IKE 192.168.3.1 Phase 2 msg ID 15fb9b0b: Responded to the peer's first message.
2014-12-12 02:36:33 system info  00536 IKE 192.168.3.1: Received initial contact notification and removed Phase 1 SAs.
2014-12-12 02:36:33 system info  00536 IKE 192.168.3.1 Phase 1: Completed Aggressive mode negotiations with a 28800-second lifetime.
2014-12-12 02:36:33 system info  00536 IKE 192.168.3.1 Phase 1: Completed for user VPN-User.
2014-12-12 02:36:33 system info  00536 IKE 192.168.3.1: Received initial contact notification and removed Phase 2 SAs.
2014-12-12 02:36:33 system info  00536 IKE 192.168.3.1: Received a notification message for DOI 1 24578 INITIAL-CONTACT.
2014-12-12 02:36:33 system info  00536 IKE 192.168.3.1 phase 1:The symmetric crypto key has been generated successfully.
2014-12-12 02:36:33 system info  00536 IKE 192.168.3.1 Phase 1: Responder starts AGGRESSIVE mode negotiations.


NCP-e Client profile

[GENERAL]
Export=1
Product=NCP Secure Client - Juniper Edition
Version=9.32 Build 218
Date=12/11/2014 2:48:18 PM
[PROFILE1]
Name=dialup-ssg
NotKeepVpn=0
BootProfile=0
ConnMode=0
Timeout=100
PkiConfig=
ExchMode=4
IKE-Policy=Pre-shared Key
IkeDhGroup=1
IkeLTSec=001:00:00:00
IPSec-Policy=proposal
PFS=0
IPSecLTType=1
IpsecLTSec=000:08:00:00
IPSecLTKb=50000
IkeIdType=2
IkeIdStr=aman@wipro.com
XAUTH-Id=""
XAUTH-Pw=""
Gateway=192.168.1.1
UseTunnel=0
UseXAUTH=0
DisDPD=0
DPDInterval=20
DPDRetrys=8
AntiReplay=0
IpAddrAssign=1
IPAddress=
SubnetMask=255.255.255.0
DNS1=0.0.0.0
DNS2=0.0.0.0
WINS1=0.0.0.0
WINS2=0.0.0.0
DomainName=
SubjectCert=
IssuerCert=
FingerPrint=
UseSHA1=0
DNSActiv=0
DNS1Tmp=0.0.0.0
DNS2Tmp=0.0.0.0
WINS1Tmp=0.0.0.0
WINS2Tmp=0.0.0.0
Secret="?qc"
UsePreShKey=1
Network1=10.1.1.0
SubMask1=255.255.255.0
[IKEPOLICY1]
IkeName=Pre-shared Key
IkeCrypt=1
IkeHash=1
IkeAuth=1
IkeDhGroup=2
[IPSECPOLICY1]
IPSecName=proposal
IpsecCrypt=1
IpsecAuth=1




blog comments powered by Disqus