[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(racoon 870) x509 certificates problems

To: racoon@kame.net
Subject: (racoon 870) x509 certificates problems
From: Morgan <mailing-racoon@zacharie.net>
Date: Tue, 14 Dec 2004 16:45:20 +0100
Delivered-to: racoon-archive@kame.net
Delivered-to: racoon-outgo@kame.net
Delivered-to: racoon@orange.kame.net
Delivered-to: racoon@kame.net
Reply-to: racoon@kame.net
Sender: owner-racoon@kame.net
User-agent: KMail/1.7.1

Hi,

I try to make a tunnel between two FreeBSD 5.3 computers using x509 
certificates with a CA.

The main message is :
2004-12-14 16:00:18: ERROR: oakley.c:1640:oakley_check_certid(): Invalid ID
length in phase 1.

I've created many certificates without any change.

On the web, I don't find answer to this problem.

Do you have a solution, or an idea ?

Regards.

Morgan

-- 

Un pas vers les logiciels libres
http://www.fsf-europe.org/
http://www.gnu.org/

2004-12-14 16:00:15: INFO: main.c:172:main(): @(#)package version freebsd-20040818a
2004-12-14 16:00:16: INFO: main.c:174:main(): @(#)internal version 20001216 sakane@kame.net
2004-12-14 16:00:16: INFO: main.c:175:main(): @(#)This product linked OpenSSL 0.9.7d 17 Mar 2004 (http://www.openssl.org/)
2004-12-14 16:00:16: DEBUG: pfkey.c:434:pfkey_init(): call pfkey_send_register for AH
2004-12-14 16:00:16: DEBUG: pfkey.c:434:pfkey_init(): call pfkey_send_register for ESP
2004-12-14 16:00:16: DEBUG: pfkey.c:434:pfkey_init(): call pfkey_send_register for IPCOMP
2004-12-14 16:00:16: DEBUG: cftoken.l:578:yycf_set_buffer(): reading config file racoon-cert.conf
2004-12-14 16:00:16: DEBUG: pfkey.c:2379:pk_checkalg(): compression algorithm can not be checked because sadb message doesn't support it.
2004-12-14 16:00:16: INFO: isakmp.c:1368:isakmp_open(): 192.168.11.210[500] used as isakmp port (fd=4)
2004-12-14 16:00:16: DEBUG: pfkey.c:197:pfkey_handler(): get pfkey X_SPDDUMP message
2004-12-14 16:00:16: DEBUG: pfkey.c:197:pfkey_handler(): get pfkey X_SPDDUMP message
2004-12-14 16:00:16: DEBUG: policy.c:184:cmpspidxstrict(): sub:0xbfbfe780: 192.168.11.210/32[0] 192.168.11.211/32[0] proto=any dir=out
2004-12-14 16:00:16: DEBUG: policy.c:185:cmpspidxstrict(): db :0x809dc08: 192.168.11.211/32[0] 192.168.11.210/32[0] proto=any dir=in
2004-12-14 16:00:18: DEBUG: isakmp.c:233:isakmp_handler(): ===
2004-12-14 16:00:18: DEBUG: isakmp.c:234:isakmp_handler(): 80 bytes message received from 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
9e8766d8 de6b8eb6 00000000 00000000 01100200 00000000 00000050 00000034
00000001 00000001 00000028 01010001 00000020 01010000 800b0001 800c7080
80010005 80030003 80020002 80040002
2004-12-14 16:00:18: DEBUG: remoteconf.c:129:getrmconf(): anonymous configuration selected for 192.168.11.211[500].
2004-12-14 16:00:18: DEBUG: isakmp.c:899:isakmp_ph1begin_r(): ===
2004-12-14 16:00:18: INFO: isakmp.c:904:isakmp_ph1begin_r(): respond new phase 1 negotiation: 192.168.11.210[500]<=>192.168.11.211[500]
2004-12-14 16:00:18: INFO: isakmp.c:909:isakmp_ph1begin_r(): begin Identity Protection mode.
2004-12-14 16:00:18: DEBUG: isakmp.c:1122:isakmp_parsewoh(): begin.
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=1(sa)
2004-12-14 16:00:18: DEBUG: isakmp.c:1188:isakmp_parsewoh(): succeed.
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1117:get_proppair(): total SA len=48
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
00000001 00000001 00000028 01010001 00000020 01010000 800b0001 800c7080
80010005 80030003 80020002 80040002
2004-12-14 16:00:18: DEBUG: isakmp.c:1122:isakmp_parsewoh(): begin.
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=2(prop)
2004-12-14 16:00:18: DEBUG: isakmp.c:1188:isakmp_parsewoh(): succeed.
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1170:get_proppair(): proposal #1 len=40
2004-12-14 16:00:18: DEBUG: isakmp.c:1122:isakmp_parsewoh(): begin.
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=3(trns)
2004-12-14 16:00:18: DEBUG: isakmp.c:1188:isakmp_parsewoh(): succeed.
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1311:get_transform(): transform #1 len=32
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1870:check_attr_isakmp(): type=Life Type, flag=0x8000, lorv=seconds
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1870:check_attr_isakmp(): type=Life Duration, flag=0x8000, lorv=28800
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1870:check_attr_isakmp(): type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1870:check_attr_isakmp(): type=Authentication Method, flag=0x8000, lorv=RSA signatures
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1870:check_attr_isakmp(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2004-12-14 16:00:18: DEBUG: algorithm.c:256:alg_oakley_hashdef(): hash(sha1)
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1870:check_attr_isakmp(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2004-12-14 16:00:18: DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1213:get_proppair(): pair 1:
2004-12-14 16:00:18: DEBUG: proposal.c:895:print_proppair0():  0x80a3d50: next=0x0 tnext=0x0
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:1248:get_proppair(): proposal #1: 1 transform
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:322:get_ph1approvalx(): prop#=1, prot-id=ISAKMP, spi-size=0, #trns=1
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:327:get_ph1approvalx(): trns#=1, trns-id=IKE
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:491:t2isakmpsa(): type=Life Type, flag=0x8000, lorv=seconds
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:491:t2isakmpsa(): type=Life Duration, flag=0x8000, lorv=28800
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:491:t2isakmpsa(): type=Encryption Algorithm, flag=0x8000, lorv=3DES-CBC
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:491:t2isakmpsa(): type=Authentication Method, flag=0x8000, lorv=RSA signatures
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:491:t2isakmpsa(): type=Hash Algorithm, flag=0x8000, lorv=SHA
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:491:t2isakmpsa(): type=Group Description, flag=0x8000, lorv=1024-bit MODP group
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:338:get_ph1approvalx(): Compared: DB:Peer
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:339:get_ph1approvalx(): (lifetime = 28800:28800)
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:341:get_ph1approvalx(): (lifebyte = 0:0)
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:343:get_ph1approvalx(): enctype = 3DES-CBC:3DES-CBC
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:348:get_ph1approvalx(): (encklen = 0:0)
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:350:get_ph1approvalx(): hashtype = SHA:SHA
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:355:get_ph1approvalx(): authmethod = RSA signatures:RSA signatures
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:360:get_ph1approvalx(): dh_group = 1024-bit MODP group:1024-bit MODP group
2004-12-14 16:00:18: DEBUG: ipsec_doi.c:248:get_ph1approval(): an acceptable proposal found.
2004-12-14 16:00:18: DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
2004-12-14 16:00:18: DEBUG: isakmp.c:2006:isakmp_newcookie(): new cookie:
1a2b303468e49b0e 
2004-12-14 16:00:18: DEBUG: isakmp.c:2130:set_isakmp_payload_c(): add payload of len 48, next type 1
2004-12-14 16:00:18: DEBUG: isakmp.c:2130:set_isakmp_payload_c(): add payload of len 16, next type 13
2004-12-14 16:00:18: DEBUG: sockmisc.c:421:sendfromto(): sockname 192.168.11.210[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:423:sendfromto(): send packet from 192.168.11.210[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:425:sendfromto(): send packet to 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:570:sendfromto(): 1 times of 100 bytes message will be sent to 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
9e8766d8 de6b8eb6 1a2b3034 68e49b0e 01100200 00000000 00000064 0d000034
00000001 00000001 00000028 01010001 00000020 01010000 800b0001 800c7080
80010005 80030003 80020002 80040002 00000014 7003cbc1 097dbe9c 2600ba69
83bc8b35
2004-12-14 16:00:18: DEBUG: isakmp.c:1459:isakmp_ph1resend(): resend phase1 packet 9e8766d8de6b8eb6:1a2b303468e49b0e
2004-12-14 16:00:18: DEBUG: isakmp.c:233:isakmp_handler(): ===
2004-12-14 16:00:18: DEBUG: isakmp.c:234:isakmp_handler(): 200 bytes message received from 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
9e8766d8 de6b8eb6 1a2b3034 68e49b0e 04100200 00000000 000000c8 0a000084
e31339c2 c2b905b0 f89226c3 64c0f778 a5a7d081 d137b8dd d1ea8451 255bea33
f8f5639f ef5d677c c757b88b 77ec358c 2b1909d7 38e39a99 4af6899d 95663def
3f209f61 3c29eee3 ac57def8 ed8f8887 4e247c33 8873d7f2 646859d8 6fb7123a
e0c72259 48c8dd09 ed3b8185 a24dd3da 4e2dbc1b 5320b63a d1fe288d 9dbe4dcf
0d000014 bfe617e1 b82f8d2d d4b147a8 d2e81c50 00000014 7003cbc1 097dbe9c
2600ba69 83bc8b35
2004-12-14 16:00:18: DEBUG: isakmp.c:1122:isakmp_parsewoh(): begin.
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=4(ke)
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=10(nonce)
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=13(vid)
2004-12-14 16:00:18: DEBUG: isakmp.c:1188:isakmp_parsewoh(): succeed.
2004-12-14 16:00:18: INFO: vendorid.c:128:check_vendorid(): received Vendor ID: KAME/racoon
2004-12-14 16:00:18: DEBUG: isakmp.c:633:ph1_main(): ===
2004-12-14 16:00:18: DEBUG: oakley.c:300:oakley_dh_generate(): compute DH's private.
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7c2c0b7e fd51999e 445931d7 df431550 897e1ae2 8a071862 fe785fde 809233d7
6b1b08c9 d1da1d63 fd4f68f6 1ba37b1d 10b9f270 0b4cb746 0b9d22a7 f78611ef
1c1d255c 48d4e078 3131d6b3 54b97123 4d1275d3 6b27353b 797350f9 526c3d3c
0f903f68 5d944842 ed4942d0 64a58eb0 f2372b40 e5dbca79 162e9080 72ce5137
2004-12-14 16:00:18: DEBUG: oakley.c:302:oakley_dh_generate(): compute DH's public.
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
a0b4bf5a 018aa2bf 4654cb0a a3f5bc08 9bdd422d 9f922705 8d95d437 133801b5
1ef065cc 0b457766 649f6a76 4e08c9df e76c8470 da44441e ae8f5c87 c8318a76
f15a5ab8 f1eed800 dc1aa611 97d2e7be e22a949f c8a0e9cf 2ad0dca3 b6f6eb44
2e407e4c 3fc33c2b 822727c9 374256a3 a582caaa 18a5b541 0a7b145c 0da8a87d
2004-12-14 16:00:18: DEBUG: isakmp.c:2130:set_isakmp_payload_c(): add payload of len 128, next type 4
2004-12-14 16:00:18: DEBUG: isakmp.c:2130:set_isakmp_payload_c(): add payload of len 16, next type 10
2004-12-14 16:00:18: DEBUG: isakmp.c:2130:set_isakmp_payload_c(): add payload of len 16, next type 13
2004-12-14 16:00:18: DEBUG: sockmisc.c:421:sendfromto(): sockname 192.168.11.210[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:423:sendfromto(): send packet from 192.168.11.210[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:425:sendfromto(): send packet to 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:570:sendfromto(): 1 times of 200 bytes message will be sent to 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
9e8766d8 de6b8eb6 1a2b3034 68e49b0e 04100200 00000000 000000c8 0a000084
a0b4bf5a 018aa2bf 4654cb0a a3f5bc08 9bdd422d 9f922705 8d95d437 133801b5
1ef065cc 0b457766 649f6a76 4e08c9df e76c8470 da44441e ae8f5c87 c8318a76
f15a5ab8 f1eed800 dc1aa611 97d2e7be e22a949f c8a0e9cf 2ad0dca3 b6f6eb44
2e407e4c 3fc33c2b 822727c9 374256a3 a582caaa 18a5b541 0a7b145c 0da8a87d
0d000014 ccfc7c3a 9aa360c5 b369e3ac d152c0bb 00000014 7003cbc1 097dbe9c
2600ba69 83bc8b35
2004-12-14 16:00:18: DEBUG: isakmp.c:1459:isakmp_ph1resend(): resend phase1 packet 9e8766d8de6b8eb6:1a2b303468e49b0e
2004-12-14 16:00:18: DEBUG: oakley.c:250:oakley_dh_compute(): compute DH's shared.
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
227b97fd 8c518015 c468b800 60f1a6c7 61f206e1 fa16fb12 348014c9 d2805581
31eb33e0 d733f2b2 778711c2 c137d03b b4a2a080 edfd392a 8834e346 86f0a18b
dd23e526 5e808456 1c35aa47 4af6eceb f38b7dc9 4550b5b1 367889c9 951c7037
2f447117 bc8f2531 6c3b1c09 8df2a72e 7c3c3b0e 9739ff1b 5c6bfd60 950768dc
2004-12-14 16:00:18: DEBUG: oakley.c:2150:oakley_skeyid(): nonce1: 2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
bfe617e1 b82f8d2d d4b147a8 d2e81c50
2004-12-14 16:00:18: DEBUG: oakley.c:2156:oakley_skeyid(): nonce2: 2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
ccfc7c3a 9aa360c5 b369e3ac d152c0bb
2004-12-14 16:00:18: DEBUG: algorithm.c:326:alg_oakley_hmacdef(): hmac(hmac_sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:2178:oakley_skeyid(): SKEYID computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
3ee63552 f5466c32 e13f75f7 a9abf60b 0190ae0f
2004-12-14 16:00:18: DEBUG: algorithm.c:326:alg_oakley_hmacdef(): hmac(hmac_sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:2235:oakley_skeyid_dae(): SKEYID_d computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
ddd5ef2d c754b640 5a207b58 f83e7f79 0ebfa417
2004-12-14 16:00:18: DEBUG: algorithm.c:326:alg_oakley_hmacdef(): hmac(hmac_sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:2264:oakley_skeyid_dae(): SKEYID_a computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
c386b3e8 8774492b 352a249e f7c61379 010db9ca
2004-12-14 16:00:18: DEBUG: algorithm.c:326:alg_oakley_hmacdef(): hmac(hmac_sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:2293:oakley_skeyid_dae(): SKEYID_e computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
a1cec693 93d91606 188372e3 7f4cd147 7e1351b4
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: algorithm.c:256:alg_oakley_hashdef(): hash(sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:2362:oakley_compute_enckey(): len(SKEYID_e) < len(Ka) (20 < 24), generating long key (Ka = K1 | K2 | ...)
2004-12-14 16:00:18: DEBUG: algorithm.c:326:alg_oakley_hmacdef(): hmac(hmac_sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:2387:oakley_compute_enckey(): compute intermediate encryption key K1
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
00
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7ae076fb 56063774 106783cc 3ba653e1 8208dbf0
2004-12-14 16:00:18: DEBUG: algorithm.c:326:alg_oakley_hmacdef(): hmac(hmac_sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:2387:oakley_compute_enckey(): compute intermediate encryption key K2
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7ae076fb 56063774 106783cc 3ba653e1 8208dbf0
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
af4d3ae2 4ab970a4 8bbcb19c 3cacec66 7da1bfb9
2004-12-14 16:00:18: DEBUG: oakley.c:2435:oakley_compute_enckey(): final encryption key computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7ae076fb 56063774 106783cc 3ba653e1 8208dbf0 af4d3ae2
2004-12-14 16:00:18: DEBUG: algorithm.c:256:alg_oakley_hashdef(): hash(sha1)
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: oakley.c:2546:oakley_newiv(): IV computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
fe313d9e 4f8ba70c
2004-12-14 16:00:18: DEBUG: isakmp.c:233:isakmp_handler(): ===
2004-12-14 16:00:18: DEBUG: isakmp.c:234:isakmp_handler(): 1740 bytes message received from 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
9e8766d8 de6b8eb6 1a2b3034 68e49b0e 05100201 00000000 000006cc 4acbf461
4120f3fd 750480d1 7b9a7518 efe0d047 806e34b7 ce134da0 630dee30 340cedd3
ef920305 1e8c4745 062678b7 1a212d08 c6b8ca86 9178ec37 bf1b795e a712b13d
1e4cafc7 b494e33c 107e1a3e b3761c4c 145d247a 0491c2f8 0b25b955 09e8a357
bed9f84f 9b88525c ed4bd9f9 86bf0f8c c29cdd3c 9096586a 5a1123cf b1b1d63e
31ba20de 6dd79454 2bef5df7 b0a73b5b e4c878ce 3018bec5 fd69f77a e37ad062
ce37ed5c 582ce18e 0946bdd4 e30572c7 50bf67d9 488a605c 7c8065ee 15876390
d9ed00d9 02a31a17 dfbbd3f6 21217a15 aebdd1a2 5c76ed49 b5b165e6 073a96d8
f884916c 40ff9944 42d7de59 422e1e39 3388ba95 79a4149f 0f29d192 acddc63a
ca748add 721e78e1 1fcd3c50 8e85aaa2 312c653c 3f83bfe9 0f645b53 73b9589c
a764e82a 30df3ab9 fb5b9158 bc03d7f9 5b21cb99 216d2f7a 37f22f5d 203e254d
97d53def 69ef7e44 724663ef 9b73fe44 796d060c a238893b 96ee0954 2ac1a962
0752fa60 baac5918 0dce1fc2 b93b6b65 e5d4a2d3 a30bbc98 20156b11 e8e9b912
642a8eb7 6c41b136 a2fa4bbe c9583bb3 cae10cf5 9322b3e6 d843bb21 ef3c44e0
5bfa9ba8 ef71cedd 0d3cf2de 3c1a3499 e7b602ee d015ff9e f02da444 daf48e6b
b39cacb2 e42797cf a5804bf5 a23b59bf 74d1b87b c927a8c7 648c3dad 68b0825f
64ac0e57 023a4ba2 a2e95557 87060422 8d16d642 cd9e3be1 dbb98ba8 6aa6fb4a
39546a61 81dc7b5f 18faf8f3 1510d4f2 eaa54547 2efd0554 0462fcfe 30c31669
300482ac e8dd5993 50c743f8 a8c90129 e9b2dddf 71182a98 40508465 3ff83b3a
3f6cae0f 232af9a8 75861dd6 fe78f642 c7cd7977 99c24075 78fd15e5 318c1a4f
0eee013e 508f9338 0a423992 3a9a2a9f 067c0007 1c2e15d7 dbddc8cc c00952e9
9e1187ea a07f3b0c 827aebef cd07b8c9 39612f9b 2a37ab67 76fb2bb8 384f895a
947a9e6c a61957ba da59e03b b2c31734 87663dda ea9a56da 456e78de 17bb7526
abcab6d7 8bb0ada2 4b56733e 50f5c60e 318228bb b384334e daa65a70 a9feb58a
8c1fdcd6 99bea8f4 908a9192 65c38068 65760a63 adfe4f0e 11d6bdbc 6040007d
1117b776 a7194dbd 393ca12d f79749f8 758f454e 624fc4ad d00610c5 71cea3f6
9024de1a c73161c1 1a660c88 e45c42f7 dd849abd 5f3e2bf1 fdea2372 d11c5d50
20430743 c192bf1f f19e0462 df002d16 a1c9562c aa737e36 c864b8a5 4cf9651a
a7e2e568 fe5d21b5 7477c474 eab90885 269eef1d 15aeb2e1 ff310af4 5d3a5cd6
92f609c9 62bcd057 093b44b6 09d72e12 a097ecf4 2e12bfc6 e0c6cb59 bf955a6a
b4954246 16474fc9 7734b2e1 5b0fa07e 2b75d5c6 1312f67c 59c49d97 63a4e102
00e7af1a bc0f2dcb 08b713a1 0acb7731 9454235d f2b14012 65f8fa51 4710976b
3cf701d9 e7fefdf3 b2e40f01 8641db1f ae7276c0 07c7734d 036d2705 8133eda0
d7ec02f4 53507af7 447c2dc6 0eb0597f ba1b41b6 74e50c04 2b773a36 4207336b
3f70b770 2275e70f f40a1704 1e1ed175 3c43dba4 33cbcc21 d00241ab 1a775677
0dffac71 6742873c 8cfdf8e7 3e0254b2 db7d0b0c 89d561e6 8a510b71 340f5bed
d97a8690 b49d2d94 77291336 2d4d3b15 67405d64 02ca7f91 6dfca683 70f91426
35783b69 cddb5cc3 3513f6c5 4b6b7f5d 66f5ed15 7899cb2c 1d7988d4 d2ed7a3d
f6c1f641 ffed3e4a 6ecb8972 3607546c 3da6a18f 25dce7b6 153b512b 74637da8
0594f8a1 f133b84e 6d085ad7 b73f01bc 22ef4367 02cd4bec bebba86b 41b31a54
b0a318ab d185c6ac 1729316a 4f48da75 d58f55d4 4d32a3e0 e9cd9a0e 22d229f8
c0bf9343 31bb45e6 aad4d209 9c8894e4 a239feaa 49218907 bca9174b f3648208
115694a6 531657f3 47aac83f 93f944ce f924b79a 1ae7b172 cd51547d 63ad8e42
f2970922 dddc372a c6d05bdd 71aab388 b7f70cf7 95de1665 10131dc5 2bedfdc3
f668a91f 2067da81 490a8f7f 7d37f8d6 692216c7 1d7ddb0b 419eace1 7567f7ae
9b447f25 b98aee07 a1894739 8a6423e1 eea1fb72 13776385 0c07632b 04a9f5a6
baa88bff ba171b3d e54a7288 5513bd1f c17ee3c0 aa3e226a c4e21d11 d805ab28
6972d93f ff9d2cb8 8b8c62db 52bd9b94 ee262fb7 c2043564 c6eb5237 d0d18398
14996c72 570c6bf5 31be0e60 78b1e9b3 292dc233 5907c537 9e15175e 0266f772
50ee9848 e078e5a0 32b1bab6 488d1a90 784b146e e2b54edf bb372f73 03891bd5
d36b27dd eadf6a9a c79bc894 f90441b6 7b3e020d 98132e45 51c60277 09af9ee6
89ce057b 55d4f8c3 d962c5ca 60410d5a d0196475 ef485d34 e05fc0bb dcb330c5
044ef10f 00910349 d7bd1e7e 710ce016 d7442aec 32f758c1 8c0d5c1d cab51050
6337ea21 d6d1e22e d64c68bb 660f3f01 9c501f4c addf2058 a98ccd97 126153ec
b0d64440 d182fd24 42fe2d88
2004-12-14 16:00:18: DEBUG: oakley.c:2666:oakley_do_decrypt(): begin decryption.
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: oakley.c:2680:oakley_do_decrypt(): IV was saved for next processing:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
d182fd24 42fe2d88
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: oakley.c:2705:oakley_do_decrypt(): with key:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7ae076fb 56063774 106783cc 3ba653e1 8208dbf0 af4d3ae2
2004-12-14 16:00:18: DEBUG: oakley.c:2713:oakley_do_decrypt(): decrypted payload by IV:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
d182fd24 42fe2d88
2004-12-14 16:00:18: DEBUG: oakley.c:2716:oakley_do_decrypt(): decrypted payload, but not trimed.
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
0600009a 09000000 30818f31 0b300906 03550406 13024652 31163014 06035504
08130d49 6c652064 65204672 616e6365 310e300c 06035504 07130550 61726973
310d300b 06035504 0a130454 65737431 1d301b06 0355040b 1314496e 666f726d
61746971 75652061 6e642063 6f2e3111 300f0603 55040313 086c6170 69747564
65311730 1506092a 864886f7 0d010901 16086c61 70697475 64650900 058d0430
82058430 82036ca0 03020102 02010230 0d06092a 864886f7 0d010105 05003081
90310b30 09060355 04061302 46523116 30140603 55040813 0d496c65 20646520
4672616e 6365310e 300c0603 55040713 05506172 6973310d 300b0603 55040a13
04546573 74311d30 1b060355 040b1314 496e666f 726d6174 69717565 20616e64
20636f2e 310d300b 06035504 03130474 65737431 1c301a06 092a8648 86f70d01
0901160d 74657374 40746573 742e636f 6d301e17 0d303431 32313431 30333734
305a170d 30353132 31343130 33373430 5a30818f 310b3009 06035504 06130246
52311630 14060355 0408130d 496c6520 64652046 72616e63 65310e30 0c060355
04071305 50617269 73310d30 0b060355 040a1304 54657374 311d301b 06035504
0b131449 6e666f72 6d617469 71756520 616e6420 636f2e31 11300f06 03550403
13086c61 70697475 64653117 30150609 2a864886 f70d0109 0116086c 61706974
75646530 819f300d 06092a86 4886f70d 01010105 0003818d 00308189 02818100
d7a5cc5d 4442b250 598e337a 654982f6 173bd922 fad927d6 f38c80cc 9cba31a4
31ac7dcd f365ad18 0b5116ed 04406805 3766e582 80518058 f937ac09 26936ff8
609a199b 3cc9a1bb 4d47a2ed bee2baa8 1eaeb35a 5c1b6112 93ae8c84 945f5764
17089dcb 765dd9c8 fe4c3dca 734b4866 9e758da2 493bf026 24785637 3ce34ccf
02030100 01a38201 6a308201 66300906 03551d13 04023000 30110609 60864801
86f84201 01040403 0204b030 2b060960 86480186 f842010d 041e161c 54696e79
43412047 656e6572 61746564 20436572 74696669 63617465 301d0603 551d0e04
160414a6 7d49193b b11b3f0e 982c513b 85b58e76 e700ec30 81bd0603 551d2304
81b53081 b2801407 0b122b74 08d533a9 d7b63478 7cf284e6 b340eda1 8196a481
93308190 310b3009 06035504 06130246 52311630 14060355 0408130d 496c6520
64652046 72616e63 65310e30 0c060355 04071305 50617269 73310d30 0b060355
040a1304 54657374 311d301b 06035504 0b131449 6e666f72 6d617469 71756520
616e6420 636f2e31 0d300b06 03550403 13047465 7374311c 301a0609 2a864886
f70d0109 01160d74 65737440 74657374 2e636f6d 82010030 18060355 1d120411
300f810d 74657374 40746573 742e636f 6d301306 03551d11 040c300a 81086c61
70697475 6465300b 0603551d 0f040403 0205a030 0d06092a 864886f7 0d010105
05000382 02010089 eb0590d8 6f4edc22 a2cb61a6 45d1356e b4b9f101 79311795
7d1c15d4 d14d64fe 8e189b59 9c0ae322 1509652b 05f308e4 772d31f2 c3f8c26b
ba4f501a e60fd136 06ed55d3 0f092bd4 803c0261 1a84a38c 04a2982e 6e5b5117
c2507619 40ef48d3 ef4ea9fe 9831ed67 73538be5 9cd1498c 4bfe4ebf 8a465bcc
975a2fe3 6fa3e8f3 d5f22b09 9cece80f 9e1b6140 367172bd 8ddf6873 3af58072
85f9814e 7301eaac dad5b277 86406588 3a94274e a7ffd628 45e63edf a89d67ef
77634b00 54093f9d 72979c88 77decd6f 6d9bf651 7de5b817 b16e1e85 ad97e14e
44abaa02 31348ed0 c003d600 361e2855 32bf8dc8 c8c8d8cf 0a991521 bb3a714a
da0309a6 d6e77aef 7f1666ab 5f26afae 0c2909fa 273c1989 e6408da9 ff861867
adfbed81 88042a09 3fb205da 176dd38b a4050fb0 8c025d74 e7ae69a5 902636ab
8eaf8182 c2104047 5619153d 57bbc129 8408550a 3a014ea9 16cd7242 607e8a52
6d7d61b0 6e6a99c4 6c7f553b 79a306ae df2df977 0f5bd1bd 0dba3b9f 0e271dc1
620d304e d611105f 6dac045f 3188bfd9 074f55d1 f9887267 0e5739c6 9ea4c9f5
d1029f25 ceb27559 329cbe43 0a3936f1 104cb5eb 4e21f6af 467955ea 669ca79b
7284d1bd a0a082c1 b96ce12c 7a900822 b558dffc 1435b42a af2e9ced b0c76c64
c4acd899 6ef81f73 495ec558 93d05f3a 18868c20 042605d2 53e3532b b2dbf0ff
42d89699 77c6b400 000084ac 6b360cf6 b2b27cda e085efe8 e4490771 6ea98c3a
39a400d7 d0d9a4ce e6814877 abdf11f4 71265906 ed3cefdf 6b6de0c1 a44cf2a7
09f77fc7 5564d28c 6614009f cb7716db 1fe73bf0 3c5d6e26 d7a6e633 d3b519d4
143092bd e1436469 5cee813d b5367d8c 43b01e3a 9487061b a0d4d6ad 3c9af19b
2785a92b 0215ecaf 34579100 00000005
2004-12-14 16:00:18: DEBUG: oakley.c:2725:oakley_do_decrypt(): padding len=5
2004-12-14 16:00:18: DEBUG: oakley.c:2739:oakley_do_decrypt(): skip to trim padding.
2004-12-14 16:00:18: DEBUG: oakley.c:2754:oakley_do_decrypt(): decrypted.
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
9e8766d8 de6b8eb6 1a2b3034 68e49b0e 05100201 00000000 000006cc 0600009a
09000000 30818f31 0b300906 03550406 13024652 31163014 06035504 08130d49
6c652064 65204672 616e6365 310e300c 06035504 07130550 61726973 310d300b
06035504 0a130454 65737431 1d301b06 0355040b 1314496e 666f726d 61746971
75652061 6e642063 6f2e3111 300f0603 55040313 086c6170 69747564 65311730
1506092a 864886f7 0d010901 16086c61 70697475 64650900 058d0430 82058430
82036ca0 03020102 02010230 0d06092a 864886f7 0d010105 05003081 90310b30
09060355 04061302 46523116 30140603 55040813 0d496c65 20646520 4672616e
6365310e 300c0603 55040713 05506172 6973310d 300b0603 55040a13 04546573
74311d30 1b060355 040b1314 496e666f 726d6174 69717565 20616e64 20636f2e
310d300b 06035504 03130474 65737431 1c301a06 092a8648 86f70d01 0901160d
74657374 40746573 742e636f 6d301e17 0d303431 32313431 30333734 305a170d
30353132 31343130 33373430 5a30818f 310b3009 06035504 06130246 52311630
14060355 0408130d 496c6520 64652046 72616e63 65310e30 0c060355 04071305
50617269 73310d30 0b060355 040a1304 54657374 311d301b 06035504 0b131449
6e666f72 6d617469 71756520 616e6420 636f2e31 11300f06 03550403 13086c61
70697475 64653117 30150609 2a864886 f70d0109 0116086c 61706974 75646530
819f300d 06092a86 4886f70d 01010105 0003818d 00308189 02818100 d7a5cc5d
4442b250 598e337a 654982f6 173bd922 fad927d6 f38c80cc 9cba31a4 31ac7dcd
f365ad18 0b5116ed 04406805 3766e582 80518058 f937ac09 26936ff8 609a199b
3cc9a1bb 4d47a2ed bee2baa8 1eaeb35a 5c1b6112 93ae8c84 945f5764 17089dcb
765dd9c8 fe4c3dca 734b4866 9e758da2 493bf026 24785637 3ce34ccf 02030100
01a38201 6a308201 66300906 03551d13 04023000 30110609 60864801 86f84201
01040403 0204b030 2b060960 86480186 f842010d 041e161c 54696e79 43412047
656e6572 61746564 20436572 74696669 63617465 301d0603 551d0e04 160414a6
7d49193b b11b3f0e 982c513b 85b58e76 e700ec30 81bd0603 551d2304 81b53081
b2801407 0b122b74 08d533a9 d7b63478 7cf284e6 b340eda1 8196a481 93308190
310b3009 06035504 06130246 52311630 14060355 0408130d 496c6520 64652046
72616e63 65310e30 0c060355 04071305 50617269 73310d30 0b060355 040a1304
54657374 311d301b 06035504 0b131449 6e666f72 6d617469 71756520 616e6420
636f2e31 0d300b06 03550403 13047465 7374311c 301a0609 2a864886 f70d0109
01160d74 65737440 74657374 2e636f6d 82010030 18060355 1d120411 300f810d
74657374 40746573 742e636f 6d301306 03551d11 040c300a 81086c61 70697475
6465300b 0603551d 0f040403 0205a030 0d06092a 864886f7 0d010105 05000382
02010089 eb0590d8 6f4edc22 a2cb61a6 45d1356e b4b9f101 79311795 7d1c15d4
d14d64fe 8e189b59 9c0ae322 1509652b 05f308e4 772d31f2 c3f8c26b ba4f501a
e60fd136 06ed55d3 0f092bd4 803c0261 1a84a38c 04a2982e 6e5b5117 c2507619
40ef48d3 ef4ea9fe 9831ed67 73538be5 9cd1498c 4bfe4ebf 8a465bcc 975a2fe3
6fa3e8f3 d5f22b09 9cece80f 9e1b6140 367172bd 8ddf6873 3af58072 85f9814e
7301eaac dad5b277 86406588 3a94274e a7ffd628 45e63edf a89d67ef 77634b00
54093f9d 72979c88 77decd6f 6d9bf651 7de5b817 b16e1e85 ad97e14e 44abaa02
31348ed0 c003d600 361e2855 32bf8dc8 c8c8d8cf 0a991521 bb3a714a da0309a6
d6e77aef 7f1666ab 5f26afae 0c2909fa 273c1989 e6408da9 ff861867 adfbed81
88042a09 3fb205da 176dd38b a4050fb0 8c025d74 e7ae69a5 902636ab 8eaf8182
c2104047 5619153d 57bbc129 8408550a 3a014ea9 16cd7242 607e8a52 6d7d61b0
6e6a99c4 6c7f553b 79a306ae df2df977 0f5bd1bd 0dba3b9f 0e271dc1 620d304e
d611105f 6dac045f 3188bfd9 074f55d1 f9887267 0e5739c6 9ea4c9f5 d1029f25
ceb27559 329cbe43 0a3936f1 104cb5eb 4e21f6af 467955ea 669ca79b 7284d1bd
a0a082c1 b96ce12c 7a900822 b558dffc 1435b42a af2e9ced b0c76c64 c4acd899
6ef81f73 495ec558 93d05f3a 18868c20 042605d2 53e3532b b2dbf0ff 42d89699
77c6b400 000084ac 6b360cf6 b2b27cda e085efe8 e4490771 6ea98c3a 39a400d7
d0d9a4ce e6814877 abdf11f4 71265906 ed3cefdf 6b6de0c1 a44cf2a7 09f77fc7
5564d28c 6614009f cb7716db 1fe73bf0 3c5d6e26 d7a6e633 d3b519d4 143092bd
e1436469 5cee813d b5367d8c 43b01e3a 9487061b a0d4d6ad 3c9af19b 2785a92b
0215ecaf 34579100 00000005
2004-12-14 16:00:18: DEBUG: isakmp.c:1122:isakmp_parsewoh(): begin.
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=5(id)
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=6(cert)
2004-12-14 16:00:18: DEBUG: isakmp.c:1149:isakmp_parsewoh(): seen nptype=9(sig)
2004-12-14 16:00:18: DEBUG: isakmp.c:1188:isakmp_parsewoh(): succeed.
2004-12-14 16:00:18: DEBUG: oakley.c:1881:oakley_savecert(): CERT saved:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
30820584 3082036c a0030201 02020102 300d0609 2a864886 f70d0101 05050030
8190310b 30090603 55040613 02465231 16301406 03550408 130d496c 65206465
20467261 6e636531 0e300c06 03550407 13055061 72697331 0d300b06 0355040a
13045465 7374311d 301b0603 55040b13 14496e66 6f726d61 74697175 6520616e
6420636f 2e310d30 0b060355 04031304 74657374 311c301a 06092a86 4886f70d
01090116 0d746573 74407465 73742e63 6f6d301e 170d3034 31323134 31303337
34305a17 0d303531 32313431 30333734 305a3081 8f310b30 09060355 04061302
46523116 30140603 55040813 0d496c65 20646520 4672616e 6365310e 300c0603
55040713 05506172 6973310d 300b0603 55040a13 04546573 74311d30 1b060355
040b1314 496e666f 726d6174 69717565 20616e64 20636f2e 3111300f 06035504
0313086c 61706974 75646531 17301506 092a8648 86f70d01 09011608 6c617069
74756465 30819f30 0d06092a 864886f7 0d010101 05000381 8d003081 89028181
00d7a5cc 5d4442b2 50598e33 7a654982 f6173bd9 22fad927 d6f38c80 cc9cba31
a431ac7d cdf365ad 180b5116 ed044068 053766e5 82805180 58f937ac 0926936f
f8609a19 9b3cc9a1 bb4d47a2 edbee2ba a81eaeb3 5a5c1b61 1293ae8c 84945f57
6417089d cb765dd9 c8fe4c3d ca734b48 669e758d a2493bf0 26247856 373ce34c
cf020301 0001a382 016a3082 01663009 0603551d 13040230 00301106 09608648
0186f842 01010404 030204b0 302b0609 60864801 86f84201 0d041e16 1c54696e
79434120 47656e65 72617465 64204365 72746966 69636174 65301d06 03551d0e
04160414 a67d4919 3bb11b3f 0e982c51 3b85b58e 76e700ec 3081bd06 03551d23
0481b530 81b28014 070b122b 7408d533 a9d7b634 787cf284 e6b340ed a18196a4
81933081 90310b30 09060355 04061302 46523116 30140603 55040813 0d496c65
20646520 4672616e 6365310e 300c0603 55040713 05506172 6973310d 300b0603
55040a13 04546573 74311d30 1b060355 040b1314 496e666f 726d6174 69717565
20616e64 20636f2e 310d300b 06035504 03130474 65737431 1c301a06 092a8648
86f70d01 0901160d 74657374 40746573 742e636f 6d820100 30180603 551d1204
11300f81 0d746573 74407465 73742e63 6f6d3013 0603551d 11040c30 0a81086c
61706974 75646530 0b060355 1d0f0404 030205a0 300d0609 2a864886 f70d0101
05050003 82020100 89eb0590 d86f4edc 22a2cb61 a645d135 6eb4b9f1 01793117
957d1c15 d4d14d64 fe8e189b 599c0ae3 22150965 2b05f308 e4772d31 f2c3f8c2
6bba4f50 1ae60fd1 3606ed55 d30f092b d4803c02 611a84a3 8c04a298 2e6e5b51
17c25076 1940ef48 d3ef4ea9 fe9831ed 6773538b e59cd149 8c4bfe4e bf8a465b
cc975a2f e36fa3e8 f3d5f22b 099cece8 0f9e1b61 40367172 bd8ddf68 733af580
7285f981 4e7301ea acdad5b2 77864065 883a9427 4ea7ffd6 2845e63e dfa89d67
ef77634b 0054093f 9d72979c 8877decd 6f6d9bf6 517de5b8 17b16e1e 85ad97e1
4e44abaa 0231348e d0c003d6 00361e28 5532bf8d c8c8c8d8 cf0a9915 21bb3a71
4ada0309 a6d6e77a ef7f1666 ab5f26af ae0c2909 fa273c19 89e6408d a9ff8618
67adfbed 8188042a 093fb205 da176dd3 8ba4050f b08c025d 74e7ae69 a5902636
ab8eaf81 82c21040 47561915 3d57bbc1 29840855 0a3a014e a916cd72 42607e8a
526d7d61 b06e6a99 c46c7f55 3b79a306 aedf2df9 770f5bd1 bd0dba3b 9f0e271d
c1620d30 4ed61110 5f6dac04 5f3188bf d9074f55 d1f98872 670e5739 c69ea4c9
f5d1029f 25ceb275 59329cbe 430a3936 f1104cb5 eb4e21f6 af467955 ea669ca7
9b7284d1 bda0a082 c1b96ce1 2c7a9008 22b558df fc1435b4 2aaf2e9c edb0c76c
64c4acd8 996ef81f 73495ec5 5893d05f 3a18868c 20042605 d253e353 2bb2dbf0
ff42d896 9977c6b4
2004-12-14 16:00:18: DEBUG: oakley.c:1885:oakley_savecert(): Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=FR, ST=Ile de France, L=Paris, O=Test, OU=Informatique and co., CN=test/emailAddress=test@test.com
        Validity
            Not Before: Dec 14 10:37:40 2004 GMT
            Not After : Dec 14 10:37:40 2005 GMT
        Subject: C=FR, ST=Ile de France, L=Paris, O=Test, OU=Informatique and co., CN=lapitude/emailAddress=lapitude
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:d7:a5:cc:5d:44:42:b2:50:59:8e:33:7a:65:49:
                    82:f6:17:3b:d9:22:fa:d9:27:d6:f3:8c:80:cc:9c:
                    ba:31:a4:31:ac:7d:cd:f3:65:ad:18:0b:51:16:ed:
                    04:40:68:05:37:66:e5:82:80:51:80:58:f9:37:ac:
                    09:26:93:6f:f8:60:9a:19:9b:3c:c9:a1:bb:4d:47:
                    a2:ed:be:e2:ba:a8:1e:ae:b3:5a:5c:1b:61:12:93:
                    ae:8c:84:94:5f:57:64:17:08:9d:cb:76:5d:d9:c8:
                    fe:4c:3d:ca:73:4b:48:66:9e:75:8d:a2:49:3b:f0:
                    26:24:78:56:37:3c:e3:4c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Cert Type: 
                SSL Client, S/MIME, Object Signing
            Netscape Comment: 
                TinyCA Generated Certificate
            X509v3 Subject Key Identifier: 
                A6:7D:49:19:3B:B1:1B:3F:0E:98:2C:51:3B:85:B5:8E:76:E7:00:EC
            X509v3 Authority Key Identifier: 
                keyid:07:0B:12:2B:74:08:D5:33:A9:D7:B6:34:78:7C:F2:84:E6:B3:40:ED
                DirName:/C=FR/ST=Ile de France/L=Paris/O=Test/OU=Informatique and co./CN=test/emailAddress=test@test.com
                serial:00

            X509v3 Issuer Alternative Name: 
                email:test@test.com
            X509v3 Subject Alternative Name: 
                email:lapitude
            X509v3 Key Usage: 
                Digital Signature, Key Encipherment
    Signature Algorithm: sha1WithRSAEncryption
        89:eb:05:90:d8:6f:4e:dc:22:a2:cb:61:a6:45:d1:35:6e:b4:
        b9:f1:01:79:31:17:95:7d:1c:15:d4:d1:4d:64:fe:8e:18:9b:
        59:9c:0a:e3:22:15:09:65:2b:05:f3:08:e4:77:2d:31:f2:c3:
        f8:c2:6b:ba:4f:50:1a:e6:0f:d1:36:06:ed:55:d3:0f:09:2b:
        d4:80:3c:02:61:1a:84:a3:8c:04:a2:98:2e:6e:5b:51:17:c2:
        50:76:19:40:ef:48:d3:ef:4e:a9:fe:98:31:ed:67:73:53:8b:
        e5:9c:d1:49:8c:4b:fe:4e:bf:8a:46:5b:cc:97:5a:2f:e3:6f:
        a3:e8:f3:d5:f2:2b:09:9c:ec:e8:0f:9e:1b:61:40:36:71:72:
        bd:8d:df:68:73:3a:f5:80:72:85:f9:81:4e:73:01:ea:ac:da:
        d5:b2:77:86:40:65:88:3a:94:27:4e:a7:ff:d6:28:45:e6:3e:
        df:a8:9d:67:ef:77:63:4b:00:54:09:3f:9d:72:97:9c:88:77:
        de:cd:6f:6d:9b:f6:51:7d:e5:b8:17:b1:6e:1e:85:ad:97:e1:
        4e:44:ab:aa:02:31:34:8e:d0:c0:03:d6:00:36:1e:28:55:32:
        bf:8d:c8:c8:c8:d8:cf:0a:99:15:21:bb:3a:71:4a:da:03:09:
        a6:d6:e7:7a:ef:7f:16:66:ab:5f:26:af:ae:0c:29:09:fa:27:
        3c:19:89:e6:40:8d:a9:ff:86:18:67:ad:fb:ed:81:88:04:2a:
        09:3f:b2:05:da:17:6d:d3:8b:a4:05:0f:b0:8c:02:5d:74:e7:
        ae:69:a5:90:26:36:ab:8e:af:81:82:c2:10:40:47:56:19:15:
        3d:57:bb:c1:29:84:08:55:0a:3a:01:4e:a9:16:cd:72:42:60:
        7e:8a:52:6d:7d:61:b0:6e:6a:99:c4:6c:7f:55:3b:79:a3:06:
        ae:df:2d:f9:77:0f:5b:d1:bd:0d:ba:3b:9f:0e:27:1d:c1:62:
        0d:30:4e:d6:11:10:5f:6d:ac:04:5f:31:88:bf:d9:07:4f:55:
        d1:f9:88:72:67:0e:57:39:c6:9e:a4:c9:f5:d1:02:9f:25:ce:
        b2:75:59:32:9c:be:43:0a:39:36:f1:10:4c:b5:eb:4e:21:f6:
        af:46:79:55:ea:66:9c:a7:9b:72:84:d1:bd:a0:a0:82:c1:b9:
        6c:e1:2c:7a:90:08:22:b5:58:df:fc:14:35:b4:2a:af:2e:9c:
        ed:b0:c7:6c:64:c4:ac:d8:99:6e:f8:1f:73:49:5e:c5:58:93:
        d0:5f:3a:18:86:8c:20:04:26:05:d2:53:e3:53:2b:b2:db:f0:
        ff:42:d8:96:99:77:c6:b4
2004-12-14 16:00:18: DEBUG: oakley.c:1258:oakley_validate_auth(): SIGN passed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
ac6b360c f6b2b27c dae085ef e8e44907 716ea98c 3a39a400 d7d0d9a4 cee68148
77abdf11 f4712659 06ed3cef df6b6de0 c1a44cf2 a709f77f c75564d2 8c661400
9fcb7716 db1fe73b f03c5d6e 26d7a6e6 33d3b519 d4143092 bde14364 695cee81
3db5367d 8c43b01e 3a948706 1ba0d4d6 ad3c9af1 9b2785a9 2b0215ec af345791
2004-12-14 16:00:18: DEBUG: localconf.c:253:getpathname(): filename: /usr/local/etc/racoon/cert/test-cacert.pem
2004-12-14 16:00:18: DEBUG: oakley.c:1505:get_cert_fromlocal(): Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=FR, ST=Ile de France, L=Paris, O=Test, OU=Informatique and co., CN=test/emailAddress=test@test.com
        Validity
            Not Before: Dec 14 10:35:52 2004 GMT
            Not After : Dec 12 10:35:52 2014 GMT
        Subject: C=FR, ST=Ile de France, L=Paris, O=Test, OU=Informatique and co., CN=test/emailAddress=test@test.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (4096 bit)
                Modulus (4096 bit):
                    00:bd:bd:7d:e6:3e:ed:c5:b5:9e:9a:0d:ec:54:30:
                    fd:24:85:af:54:78:fc:87:38:c1:18:55:7b:23:df:
                    ad:fc:7d:62:dd:18:8f:aa:54:1e:26:c8:30:b9:db:
                    1d:52:07:a5:79:31:0a:d5:f1:11:3a:58:a4:83:dd:
                    6f:94:fc:cd:81:5f:b9:2f:76:1c:7a:6e:91:5d:dc:
                    29:80:a1:69:63:0b:24:7c:99:3a:64:cb:11:4c:3b:
                    c6:28:ea:24:29:79:bf:5c:35:c5:ee:37:41:fd:b2:
                    eb:c5:df:19:1d:9f:2a:3d:06:c2:2a:96:f1:c6:1a:
                    e8:f6:99:e6:70:9a:7e:46:55:b9:0d:d8:50:68:4d:
                    38:48:ae:02:83:20:ae:c6:f2:96:eb:c4:20:12:0e:
                    93:74:30:0d:13:f5:60:1a:09:fa:19:17:22:02:f1:
                    cf:31:2d:16:e3:b3:a5:cd:0f:6c:df:c9:41:3c:aa:
                    0c:d3:ac:06:51:3c:ed:13:d1:b4:f3:8e:19:9e:5f:
                    7a:13:65:40:7a:77:15:46:b7:58:9e:98:84:35:8e:
                    7d:dd:8e:99:f0:4b:16:79:46:ce:17:61:ca:3b:8a:
                    8a:72:76:c6:8c:cd:39:7a:2f:ba:30:45:95:84:c4:
                    43:a8:80:7a:28:76:15:dd:0b:e8:63:1c:f0:15:48:
                    29:85:53:82:e7:2f:dd:8d:39:93:a4:6e:bc:28:94:
                    de:9c:41:4f:82:42:55:e2:a9:51:1f:0e:16:c9:51:
                    2b:08:78:4e:d0:f2:22:38:65:04:fc:47:24:38:e5:
                    ca:8f:8e:7f:ae:3c:43:47:1d:26:39:57:81:4c:e3:
                    6f:d2:b7:c5:bc:81:2c:6b:77:aa:24:27:d8:51:2d:
                    7c:1a:21:7b:1f:c6:a4:2d:37:02:a5:e4:6a:7b:93:
                    8a:5d:f7:5e:cd:c5:16:22:57:95:e3:80:03:33:8a:
                    b3:94:64:04:21:8d:a4:d9:cb:46:d6:7b:eb:a8:2f:
                    84:9a:d6:cd:c1:d2:ab:02:74:ff:07:86:99:37:01:
                    2a:41:81:ca:67:4e:ff:a8:14:83:49:db:e2:38:c2:
                    5a:7b:4e:93:62:12:80:2f:28:a9:2d:1b:46:6f:2a:
                    9f:b7:07:07:90:5c:4f:35:ba:26:b9:17:f5:69:c3:
                    c7:cb:85:d4:11:2f:c2:f9:ec:9a:a8:3e:f2:5e:b2:
                    0b:0e:3f:5e:c5:e2:47:35:31:3c:ee:1e:85:ca:ad:
                    9b:db:f0:64:30:54:ca:5d:21:b7:59:7e:ab:a6:c2:
                    bf:03:39:a3:ad:82:b3:77:38:1a:c9:fc:90:c8:da:
                    a9:56:2d:09:1d:ff:7b:5a:fe:b1:18:6f:80:c8:68:
                    4a:01:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                07:0B:12:2B:74:08:D5:33:A9:D7:B6:34:78:7C:F2:84:E6:B3:40:ED
            X509v3 Authority Key Identifier: 
                keyid:07:0B:12:2B:74:08:D5:33:A9:D7:B6:34:78:7C:F2:84:E6:B3:40:ED
                DirName:/C=FR/ST=Ile de France/L=Paris/O=Test/OU=Informatique and co./CN=test/emailAddress=test@test.com
                serial:00

            X509v3 Basic Constraints: critical
                CA:TRUE
            Netscape Cert Type: 
                SSL CA, S/MIME CA, Object Signing CA
            X509v3 Issuer Alternative Name: 
                <EMPTY>

            Netscape Comment: 
                TinyCA Generated Certificate
            X509v3 Subject Alternative Name: 
                email:test@test.com
            X509v3 Key Usage: 
                Certificate Sign, CRL Sign
    Signature Algorithm: sha1WithRSAEncryption
        36:ca:23:02:cd:20:af:90:bc:ad:d4:c6:e0:21:59:a1:90:fa:
        c4:04:90:61:d6:bd:94:01:ca:da:01:4b:eb:70:ae:43:55:18:
        4a:a0:ff:01:82:b8:4e:fe:30:7d:0f:6d:4e:5d:7b:9b:f1:37:
        18:1d:e9:a9:e3:79:bc:04:26:d6:47:c8:18:32:ec:0b:c2:b7:
        50:a4:01:e1:5d:68:b8:44:29:ed:0c:b0:c5:a6:84:cc:32:75:
        22:b4:93:13:5f:ee:5c:41:29:9e:69:7d:bd:b2:85:83:2d:cd:
        83:28:ec:41:e6:fe:5a:97:4a:da:49:0a:ad:2d:06:92:b7:3d:
        2d:db:9c:6e:e4:24:19:e4:d8:e5:fd:aa:81:63:0f:cd:d3:87:
        d0:df:43:da:c6:ef:d7:48:b7:86:17:ad:f8:a5:8b:af:06:bc:
        51:23:6b:de:8c:27:1d:94:c6:f9:b7:84:b8:16:94:b2:b2:9a:
        cb:9a:98:29:b6:2c:26:20:4d:65:a9:64:96:33:d0:67:ac:3d:
        b0:5b:5b:ed:77:b0:17:e8:df:bc:92:86:44:fd:b8:dc:bd:2b:
        b2:36:a0:ab:d8:9f:c5:49:fa:3e:2b:92:90:a4:73:b8:31:af:
        52:e6:6f:c5:e1:9a:e4:bf:31:e3:8d:94:c0:5d:83:d6:54:df:
        41:62:e4:22:f3:a5:a7:7c:e6:38:82:de:2a:2d:d2:a0:2c:f5:
        e9:01:d2:de:09:ff:e9:81:70:be:13:ca:73:69:d7:62:14:12:
        db:f6:5f:d4:a3:d3:07:1a:1f:60:1f:a9:7a:99:be:9a:65:9a:
        da:b5:81:0c:36:fd:0c:2d:78:64:69:52:18:59:5e:ea:2e:95:
        b4:34:82:0b:84:fa:b0:35:23:63:29:54:e0:8f:0f:e9:4c:58:
        a1:7c:f7:27:28:e4:57:66:1d:26:7f:ca:0b:4c:0b:d6:b3:db:
        3d:78:e3:09:67:d7:23:b2:ea:3f:15:64:07:74:01:95:79:09:
        8a:d1:50:bc:bf:22:e8:fb:1e:bb:d9:bf:b1:9c:d0:74:8d:4d:
        eb:a9:c2:e4:97:ec:23:dd:af:5b:40:33:4e:92:9d:fa:6c:31:
        26:be:f3:f0:68:e0:e7:1a:65:de:4c:7d:8c:8a:1b:29:bc:f4:
        a5:e2:3a:29:cc:b9:56:72:3f:03:a3:ca:e8:9b:9c:31:1f:11:
        f2:e9:69:9c:22:a2:f8:8e:71:c9:b0:43:8c:73:2c:a2:ed:de:
        2b:29:d8:e7:4a:b7:32:f8:c3:a6:eb:56:ec:65:15:92:00:19:
        a3:1d:47:18:3c:c5:a7:e3:0f:a9:05:02:0d:e2:74:16:de:48:
        99:c8:66:ab:c1:3f:b9:e1
2004-12-14 16:00:18: DEBUG: oakley.c:1544:get_cert_fromlocal(): created CERT payload:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
04308207 05308204 eda00302 01020201 00300d06 092a8648 86f70d01 01050500
30819031 0b300906 03550406 13024652 31163014 06035504 08130d49 6c652064
65204672 616e6365 310e300c 06035504 07130550 61726973 310d300b 06035504
0a130454 65737431 1d301b06 0355040b 1314496e 666f726d 61746971 75652061
6e642063 6f2e310d 300b0603 55040313 04746573 74311c30 1a06092a 864886f7
0d010901 160d7465 73744074 6573742e 636f6d30 1e170d30 34313231 34313033
3535325a 170d3134 31323132 31303335 35325a30 8190310b 30090603 55040613
02465231 16301406 03550408 130d496c 65206465 20467261 6e636531 0e300c06
03550407 13055061 72697331 0d300b06 0355040a 13045465 7374311d 301b0603
55040b13 14496e66 6f726d61 74697175 6520616e 6420636f 2e310d30 0b060355
04031304 74657374 311c301a 06092a86 4886f70d 01090116 0d746573 74407465
73742e63 6f6d3082 0222300d 06092a86 4886f70d 01010105 00038202 0f003082
020a0282 020100bd bd7de63e edc5b59e 9a0dec54 30fd2485 af5478fc 8738c118
557b23df adfc7d62 dd188faa 541e26c8 30b9db1d 5207a579 310ad5f1 113a58a4
83dd6f94 fccd815f b92f761c 7a6e915d dc2980a1 69630b24 7c993a64 cb114c3b
c628ea24 2979bf5c 35c5ee37 41fdb2eb c5df191d 9f2a3d06 c22a96f1 c61ae8f6
99e6709a 7e4655b9 0dd85068 4d3848ae 028320ae c6f296eb c420120e 9374300d
13f5601a 09fa1917 2202f1cf 312d16e3 b3a5cd0f 6cdfc941 3caa0cd3 ac06513c
ed13d1b4 f38e199e 5f7a1365 407a7715 46b7589e 9884358e 7ddd8e99 f04b1679
46ce1761 ca3b8a8a 7276c68c cd397a2f ba304595 84c443a8 807a2876 15dd0be8
631cf015 48298553 82e72fdd 8d3993a4 6ebc2894 de9c414f 824255e2 a9511f0e
16c9512b 08784ed0 f2223865 04fc4724 38e5ca8f 8e7fae3c 43471d26 3957814c
e36fd2b7 c5bc812c 6b77aa24 27d8512d 7c1a217b 1fc6a42d 3702a5e4 6a7b938a
5df75ecd c5162257 95e38003 338ab394 6404218d a4d9cb46 d67beba8 2f849ad6
cdc1d2ab 0274ff07 86993701 2a4181ca 674effa8 148349db e238c25a 7b4e9362
12802f28 a92d1b46 6f2a9fb7 0707905c 4f35ba26 b917f569 c3c7cb85 d4112fc2
f9ec9aa8 3ef25eb2 0b0e3f5e c5e24735 313cee1e 85caad9b dbf06430 54ca5d21
b7597eab a6c2bf03 39a3ad82 b377381a c9fc90c8 daa9562d 091dff7b 5afeb118
6f80c868 4a018f02 03010001 a3820166 30820162 301d0603 551d0e04 16041407
0b122b74 08d533a9 d7b63478 7cf284e6 b340ed30 81bd0603 551d2304 81b53081
b2801407 0b122b74 08d533a9 d7b63478 7cf284e6 b340eda1 8196a481 93308190
310b3009 06035504 06130246 52311630 14060355 0408130d 496c6520 64652046
72616e63 65310e30 0c060355 04071305 50617269 73310d30 0b060355 040a1304
54657374 311d301b 06035504 0b131449 6e666f72 6d617469 71756520 616e6420
636f2e31 0d300b06 03550403 13047465 7374311c 301a0609 2a864886 f70d0109
01160d74 65737440 74657374 2e636f6d 82010030 0f060355 1d130101 ff040530
030101ff 30110609 60864801 86f84201 01040403 02000730 09060355 1d120402
3000302b 06096086 480186f8 42010d04 1e161c54 696e7943 41204765 6e657261
74656420 43657274 69666963 61746530 18060355 1d110411 300f810d 74657374
40746573 742e636f 6d300b06 03551d0f 04040302 0106300d 06092a86 4886f70d
01010505 00038202 010036ca 2302cd20 af90bcad d4c6e021 59a190fa c4049061
d6bd9401 cada014b eb70ae43 55184aa0 ff0182b8 4efe307d 0f6d4e5d 7b9bf137
181de9a9 e379bc04 26d647c8 1832ec0b c2b750a4 01e15d68 b84429ed 0cb0c5a6
84cc3275 22b49313 5fee5c41 299e697d bdb28583 2dcd8328 ec41e6fe 5a974ada
490aad2d 0692b73d 2ddb9c6e e42419e4 d8e5fdaa 81630fcd d387d0df 43dac6ef
d748b786 17adf8a5 8baf06bc 51236bde 8c271d94 c6f9b784 b81694b2 b29acb9a
9829b62c 26204d65 a9649633 d067ac3d b05b5bed 77b017e8 dfbc9286 44fdb8dc
bd2bb236 a0abd89f c549fa3e 2b9290a4 73b831af 52e66fc5 e19ae4bf 31e38d94
c05d83d6 54df4162 e422f3a5 a77ce638 82de2a2d d2a02cf5 e901d2de 09ffe981
70be13ca 7369d762 1412dbf6 5fd4a3d3 071a1f60 1fa97a99 be9a659a dab5810c
36fd0c2d 78646952 18595eea 2e95b434 820b84fa b0352363 2954e08f 0fe94c58
a17cf727 28e45766 1d267fca 0b4c0bd6 b3db3d78 e30967d7 23b2ea3f 15640774
01957909 8ad150bc bf22e8fb 1ebbd9bf b19cd074 8d4deba9 c2e497ec 23ddaf5b
40334e92 9dfa6c31 26bef3f0 68e0e71a 65de4c7d 8c8a1b29 bcf4a5e2 3a29ccb9
56723f03 a3cae89b 9c311f11 f2e9699c 22a2f88e 71c9b043 8c732ca2 edde2b29
d8e74ab7 32f8c3a6 eb56ec65 15920019 a31d4718 3cc5a7e3 0fa90502 0de27416
de4899c8 66abc13f b9e1
2004-12-14 16:00:18: ERROR: oakley.c:1640:oakley_check_certid(): Invalid ID length in phase 1.
2004-12-14 16:00:18: DEBUG: oakley.c:2590:oakley_newiv2(): compute IV for phase2
2004-12-14 16:00:18: DEBUG: oakley.c:2591:oakley_newiv2(): phase1 last IV:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
d182fd24 42fe2d88 53ae3520
2004-12-14 16:00:18: DEBUG: algorithm.c:256:alg_oakley_hashdef(): hash(sha1)
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: oakley.c:2623:oakley_newiv2(): phase2 IV computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
6a38a5f1 db363366
2004-12-14 16:00:18: DEBUG: oakley.c:792:oakley_compute_hash1(): HASH with:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
53ae3520 0000000c 00000001 01000012
2004-12-14 16:00:18: DEBUG: algorithm.c:326:alg_oakley_hmacdef(): hmac(hmac_sha1)
2004-12-14 16:00:18: DEBUG: oakley.c:802:oakley_compute_hash1(): HASH computed:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
97c147dc 882678cd b2767fbb be05ca9b 0554f570
2004-12-14 16:00:18: DEBUG: oakley.c:2789:oakley_do_encrypt(): begin encryption.
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: oakley.c:2805:oakley_do_encrypt(): pad length = 4
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
0b000018 97c147dc 882678cd b2767fbb be05ca9b 0554f570 0000000c 00000001
01000012 00000004
2004-12-14 16:00:18: DEBUG: algorithm.c:386:alg_oakley_encdef(): encription(3des)
2004-12-14 16:00:18: DEBUG: oakley.c:2840:oakley_do_encrypt(): with key:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7ae076fb 56063774 106783cc 3ba653e1 8208dbf0 af4d3ae2
2004-12-14 16:00:18: DEBUG: oakley.c:2848:oakley_do_encrypt(): encrypted payload by IV:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7186636f a248ebba
2004-12-14 16:00:18: DEBUG: oakley.c:2855:oakley_do_encrypt(): save IV for next:
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
7186636f a248ebba
2004-12-14 16:00:18: DEBUG: oakley.c:2872:oakley_do_encrypt(): encrypted.
2004-12-14 16:00:18: DEBUG: sockmisc.c:421:sendfromto(): sockname 192.168.11.210[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:423:sendfromto(): send packet from 192.168.11.210[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:425:sendfromto(): send packet to 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: sockmisc.c:570:sendfromto(): 1 times of 68 bytes message will be sent to 192.168.11.211[500]
2004-12-14 16:00:18: DEBUG: plog.c:193:plogdump(): 
9e8766d8 de6b8eb6 1a2b3034 68e49b0e 08100501 53ae3520 00000044 9c5bba40
09d89b63 a3d878ec c30609b6 549114d9 72a450ca 5642872a 36aefd4f 7186636f
a248ebba
2004-12-14 16:00:18: DEBUG: isakmp_inf.c:699:isakmp_info_send_common(): sendto Information notify.
2004-12-14 16:00:19: INFO: session.c:299:check_sigreq(): caught signal 2
2004-12-14 16:00:19: DEBUG: pfkey.c:197:pfkey_handler(): get pfkey FLUSH message
2004-12-14 16:00:20: DEBUG: pfkey.c:333:pfkey_dump_sadb(): call pfkey_send_dump
2004-12-14 16:00:20: DEBUG: schedule.c:210:sched_scrub_param(): an undead schedule has been deleted.
2004-12-14 16:00:20: INFO: session.c:180:close_session(): racoon shutdown

path include "/usr/local/etc/racoon" ;

path certificate "/usr/local/etc/racoon/cert";

log debug2;

padding
{
	maximum_length 20;	# maximum padding length.
	randomize off;		# enable randomize length.
	strict_check off;	# enable strict check.
	exclusive_tail off;	# extract last one octet.
}

listen
{
	isakmp 192.168.11.210 [500];
	#isakmp ::1 [7000];
	#isakmp 202.249.11.124 [500];
	#admin [7002];		# administrative's port by kmpstat.
	#strict_address; 	# required all addresses must be bound.
}

timer
{
	# These value can be changed per remote node.
	counter 5;		# maximum trying count to send.
	interval 20 sec;	# maximum interval to resend.
	persend 1;		# the number of packets per a send.

	# timer for waiting to complete each phase.
	phase1 30 sec;
	phase2 15 sec;
}

remote anonymous
{
	exchange_mode main;
	certificate_type x509 "ioster-cert.pem" "ioster-key.pem";
	peers_certfile "test-cacert.pem";

	my_identifier asn1dn;
	peers_identifier asn1dn;

	#verify_identifier on;
	verify_cert on;

	passive on;
	#generate_policy on;

	proposal {
		encryption_algorithm 3des;
		hash_algorithm sha1;
		authentication_method rsasig;
		dh_group 2;
	}
}

sainfo anonymous
{
	pfs_group 2;
	lifetime time 30 sec;
	encryption_algorithm 3des;
	authentication_algorithm hmac_sha1;
	compression_algorithm deflate ;
}

Attachment: ipsec.sh
Description: application/shellscript

Follow-Ups:
- (racoon 871) Re: x509 certificates problems
  - From: YAMASHITA Yutaka <yutapon@tera.ics.keio.ac.jp>

Prev by Date: (racoon 869) Racoon-Kame-Segmentation fault on running racoon manually--remoteconf.c
Next by Date: (racoon 871) Re: x509 certificates problems
Previous by thread: (racoon 869) Racoon-Kame-Segmentation fault on running racoon manually--remoteconf.c
Next by thread: (racoon 871) Re: x509 certificates problems
Index(es):
- Date
- Thread