*Jul 29 10:45:13.013: IPSEC(sa_request): , (key eng. msg.) OUTBOUND local= X.X.X.X, remote= Y.Y.Y.Y, local_proxy= 172.18.41.0/255.255.255.0/0/0 (type=4), remote_proxy= 172.18.61.0/255.255.255.0/0/0 (type=4), protocol= ESP, transform= NONE (Tunnel), lifedur= 1800s and 4608000kb, spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0 *Jul 29 10:45:13.017: ISAKMP:(0): SA request profile is (NULL) *Jul 29 10:45:13.017: ISAKMP: Created a peer struct for Y.Y.Y.Y, peer port 500 *Jul 29 10:45:13.017: ISAKMP: New peer created peer = 0x81D5E8C0 peer_handle = 0x80000028 *Jul 29 10:45:13.017: ISAKMP: Locking peer struct 0x81D5E8C0, refcount 1 for isakmp_initiator *Jul 29 10:45:13.017: ISAKMP:(0):Setting client config settings 8222DCD4 *Jul 29 10:45:13.017: ISAKMP:(0):(Re)Setting client xauth list and state *Jul 29 10:45:13.017: ISAKMP/xauth: initializing AAA request *Jul 29 10:45:13.017: ISAKMP: local port 500, remote port 500 *Jul 29 10:45:13.017: ISAKMP: set new node 0 to CONF_XAUTH *Jul 29 10:45:13.017: insert sa successfully sa = 82A360A0 *Jul 29 10:45:13.017: ISAKMP:(0):Can not start Aggressive mode, trying Main mode. *Jul 29 10:45:13.017: ISAKMP:(0):found peer pre-shared key matching Y.Y.Y.Y *Jul 29 10:45:13.021: ISAKMP:(0): constructed NAT-T vendor-07 ID *Jul 29 10:45:13.021: ISAKMP:(0): constructed NAT-T vendor-03 ID *Jul 29 10:45:13.021: ISAKMP:(0): constructed NAT-T vendor-02 ID *Jul 29 10:45:13.021: ISAKMP:(0):Input = IKE_MESG_FROM_IPSEC, IKE_SA_REQ_MM *Jul 29 10:45:13.021: ISAKMP:(0):Old State = IKE_READY New State = IKE_I_MM1 *Jul 29 10:45:13.021: ISAKMP:(0): beginning Main Mode exchange *Jul 29 10:45:13.021: ISAKMP:(0): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) MM_NO_STATE *Jul 29 10:45:13.313: ISAKMP (0:0): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) MM_NO_STATE *Jul 29 10:45:13.313: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:13.313: ISAKMP:(0):Old State = IKE_I_MM1 New State = IKE_I_MM2 *Jul 29 10:45:13.313: ISAKMP:(0): processing SA payload. message ID = 0 *Jul 29 10:45:13.313: ISAKMP:(0): processing vendor id payload *Jul 29 10:45:13.313: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch *Jul 29 10:45:13.313: ISAKMP (0:0): vendor ID is NAT-T v7 *Jul 29 10:45:13.313: ISAKMP:(0):found peer pre-shared key matching Y.Y.Y.Y *Jul 29 10:45:13.313: ISAKMP:(0): local preshared key found *Jul 29 10:45:13.313: ISAKMP:(0): Authentication by xauth preshared *Jul 29 10:45:13.313: ISAKMP:(0):Checking ISAKMP transform 1 against priority 1 policy *Jul 29 10:45:13.313: ISAKMP: encryption 3DES-CBC *Jul 29 10:45:13.313: ISAKMP: hash SHA *Jul 29 10:45:13.313: ISAKMP: default group 1 *Jul 29 10:45:13.313: ISAKMP: auth pre-share *Jul 29 10:45:13.313: ISAKMP: life type in seconds *Jul 29 10:45:13.313: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 *Jul 29 10:45:13.313: ISAKMP:(0):Diffie-Hellman group offered does not match policy! *Jul 29 10:45:13.317: ISAKMP:(0):atts are not acceptable. Next payload is 0 *Jul 29 10:45:13.317: ISAKMP:(0):Checking ISAKMP transform 1 against priority 15 policy *Jul 29 10:45:13.317: ISAKMP: encryption 3DES-CBC *Jul 29 10:45:13.317: ISAKMP: hash SHA *Jul 29 10:45:13.317: ISAKMP: default group 1 *Jul 29 10:45:13.317: ISAKMP: auth pre-share *Jul 29 10:45:13.317: ISAKMP: life type in seconds *Jul 29 10:45:13.317: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 *Jul 29 10:45:13.317: ISAKMP:(0):atts are acceptable. Next payload is 0 *Jul 29 10:45:13.317: ISAKMP:(0): processing vendor id payload *Jul 29 10:45:13.317: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch *Jul 29 10:45:13.317: ISAKMP (0:0): vendor ID is NAT-T v7 *Jul 29 10:45:13.317: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 29 10:45:13.317: ISAKMP:(0):Old State = IKE_I_MM2 New State = IKE_I_MM2 *Jul 29 10:45:13.317: ISAKMP:(0): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) MM_SA_SETUP *Jul 29 10:45:13.321: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 29 10:45:13.321: ISAKMP:(0):Old State = IKE_I_MM2 New State = IKE_I_MM3 *Jul 29 10:45:13.681: ISAKMP (0:0): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) MM_SA_SETUP *Jul 29 10:45:13.681: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:13.681: ISAKMP:(0):Old State = IKE_I_MM3 New State = IKE_I_MM4 *Jul 29 10:45:13.681: ISAKMP:(0): processing KE payload. message ID = 0 *Jul 29 10:45:13.709: ISAKMP:(0): processing NONCE payload. message ID = 0 *Jul 29 10:45:13.709: ISAKMP:(0):found peer pre-shared key matching Y.Y.Y.Y *Jul 29 10:45:13.713: ISAKMP:(2039): processing vendor id payload *Jul 29 10:45:13.713: ISAKMP:(2039): vendor ID is Unity *Jul 29 10:45:13.713: ISAKMP:(2039): processing vendor id payload *Jul 29 10:45:13.713: ISAKMP:(2039): vendor ID is DPD *Jul 29 10:45:13.713: ISAKMP:(2039): processing vendor id payload *Jul 29 10:45:13.713: ISAKMP:(2039): speaking to another IOS box! *Jul 29 10:45:13.713: ISAKMP:(2039):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 29 10:45:13.713: ISAKMP:(2039):Old State = IKE_I_MM4 New State = IKE_I_MM4 *Jul 29 10:45:13.713: ISAKMP:(2039):Send initial contact *Jul 29 10:45:13.713: ISAKMP:(2039):SA is doing pre-shared key authentication using id type ID_IPV4_ADDR *Jul 29 10:45:13.713: ISAKMP (0:2039): ID payload next-payload : 8 type : 1 address : X.X.X.X protocol : 17 port : 500 length : 12 *Jul 29 10:45:13.713: ISAKMP:(2039):Total payload length: 12 *Jul 29 10:45:13.717: ISAKMP:(2039): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) MM_KEY_EXCH *Jul 29 10:45:13.717: ISAKMP:(2039):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 29 10:45:13.717: ISAKMP:(2039):Old State = IKE_I_MM4 New State = IKE_I_MM5 *Jul 29 10:45:13.933: ISAKMP (0:2039): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) MM_KEY_EXCH *Jul 29 10:45:13.937: ISAKMP:(2039): processing ID payload. message ID = 0 *Jul 29 10:45:13.937: ISAKMP (0:2039): ID payload next-payload : 8 type : 1 address : Y.Y.Y.Y protocol : 17 port : 500 length : 12 *Jul 29 10:45:13.937: ISAKMP:(0):: peer matches *none* of the profiles *Jul 29 10:45:13.937: ISAKMP:(2039): processing HASH payload. message ID = 0 *Jul 29 10:45:13.937: ISAKMP:(2039):SA authentication status: authenticated *Jul 29 10:45:13.937: ISAKMP:(2039):SA has been authenticated with Y.Y.Y.Y *Jul 29 10:45:13.937: ISAKMP: Trying to insert a peer X.X.X.X/Y.Y.Y.Y/500/, and inserted successfully 81D5E8C0. *Jul 29 10:45:13.937: ISAKMP:(2039):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:13.937: ISAKMP:(2039):Old State = IKE_I_MM5 New State = IKE_I_MM6 *Jul 29 10:45:13.937: ISAKMP:(2039):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 29 10:45:13.937: ISAKMP:(2039):Old State = IKE_I_MM6 New State = IKE_I_MM6 *Jul 29 10:45:13.941: ISAKMP:(2039):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 29 10:45:13.941: ISAKMP:(2039):Old State = IKE_I_MM6 New State = IKE_P1_COMPLETE *Jul 29 10:45:13.941: ISAKMP:(2039):Need XAUTH *Jul 29 10:45:13.941: ISAKMP: set new node -1965977065 to CONF_XAUTH *Jul 29 10:45:13.941: ISAKMP/xauth: request attribute XAUTH_USER_NAME_V2 *Jul 29 10:45:13.941: ISAKMP/xauth: request attribute XAUTH_USER_PASSWORD_V2 *Jul 29 10:45:13.941: ISAKMP:(2039): initiating peer config to Y.Y.Y.Y. ID = -1965977065 *Jul 29 10:45:13.941: ISAKMP:(2039): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) CONF_XAUTH *Jul 29 10:45:13.941: ISAKMP:(2039):Input = IKE_MESG_INTERNAL, IKE_PHASE1_COMPLETE *Jul 29 10:45:13.941: ISAKMP:(2039):Old State = IKE_P1_COMPLETE New State = IKE_XAUTH_REQ_SENT *Jul 29 10:45:14.237: ISAKMP (0:2039): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) CONF_XAUTH *Jul 29 10:45:14.237: ISAKMP: set new node 1291311711 to CONF_XAUTH *Jul 29 10:45:14.237: ISAKMP:(2039): processing HASH payload. message ID = 1291311711 *Jul 29 10:45:14.237: ISAKMP:received payload type 18 *Jul 29 10:45:14.237: ISAKMP:(2039): processing DELETE_WITH_REASON payload, message ID = 1291311711, reason: Unknown delete reason! *Jul 29 10:45:14.237: ISAKMP:(2039):peer does not do paranoid keepalives. *Jul 29 10:45:14.237: ISAKMP:(2039):peer does not do paranoid keepalives. *Jul 29 10:45:14.237: ISAKMP:(2039):deleting SA reason "IKMP_ERR_NO_RETRANS" state (I) CONF_XAUTH (peer Y.Y.Y.Y) *Jul 29 10:45:14.241: ISAKMP:(2039):deleting node 1291311711 error FALSE reason "Informational (in) state 1" *Jul 29 10:45:14.241: IPSEC(key_engine): got a queue event with 1 KMI message(s) *Jul 29 10:45:14.241: IPSEC(key_engine_delete_sas): rec'd delete notify from ISAKMP *Jul 29 10:45:14.241: IPSEC(key_engine_delete_sas): delete all SAs shared with peer Y.Y.Y.Y *Jul 29 10:45:14.241: ISAKMP: set new node 758031874 to CONF_XAUTH *Jul 29 10:45:14.241: ISAKMP:(2039): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) CONF_XAUTH *Jul 29 10:45:14.241: ISAKMP:(2039):purging node 758031874 *Jul 29 10:45:14.241: ISAKMP:(2039):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL *Jul 29 10:45:14.241: ISAKMP:(2039):Old State = IKE_XAUTH_REQ_SENT New State = IKE_DEST_SA *Jul 29 10:45:14.245: ISAKMP:(2039):deleting SA reason "No reason" state (I) CONF_XAUTH (peer Y.Y.Y.Y) *Jul 29 10:45:14.245: ISAKMP:(0):Can't decrement IKE Call Admission Control stat outgoing_active since it's already 0. *Jul 29 10:45:14.245: ISAKMP: Unlocking peer struct 0x81D5E8C0 for isadb_mark_sa_deleted(), count 0 *Jul 29 10:45:14.245: ISAKMP: Deleting peer node by peer_reap for Y.Y.Y.Y: 81D5E8C0 *Jul 29 10:45:14.245: ISAKMP:(2039):deleting node 1008271880 error FALSE reason "IKE deleted" *Jul 29 10:45:14.245: ISAKMP:(2039):deleting node -1965977065 error FALSE reason "IKE deleted" *Jul 29 10:45:14.245: ISAKMP:(2039):deleting node 1291311711 error FALSE reason "IKE deleted" *Jul 29 10:45:14.245: ISAKMP:(2039):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:14.245: ISAKMP:(2039):Old State = IKE_DEST_SA New State = IKE_DEST_SA *Jul 29 10:45:14.245: IPSEC(key_engine): got a queue event with 1 KMI message(s) ALHILAL# ALHILAL# *Jul 29 10:45:43.013: IPSEC(key_engine): request timer fired: count = 1, (identity) local= X.X.X.X, remote= Y.Y.Y.Y, local_proxy= 172.18.41.0/255.255.255.0/0/0 (type=4), remote_proxy= 172.18.61.0/255.255.255.0/0/0 (type=4) *Jul 29 10:45:43.013: IPSEC(sa_request): , (key eng. msg.) OUTBOUND local= X.X.X.X, remote= Y.Y.Y.Y, local_proxy= 172.18.41.0/255.255.255.0/0/0 (type=4), remote_proxy= 172.18.61.0/255.255.255.0/0/0 (type=4), protocol= ESP, transform= NONE (Tunnel), lifedur= 1800s and 4608000kb, spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0 *Jul 29 10:45:43.013: ISAKMP:(0): SA request profile is (NULL) *Jul 29 10:45:43.013: ISAKMP: Created a peer struct for Y.Y.Y.Y, peer port 500 *Jul 29 10:45:43.013: ISAKMP: New peer created peer = 0x81D5E8C0 peer_handle = 0x80000029 *Jul 29 10:45:43.013: ISAKMP: Locking peer struct 0x81D5E8C0, refcount 1 for isakmp_initiator *Jul 29 10:45:43.013: ISAKMP:(0):Setting client config settings 8222DCD4 *Jul 29 10:45:43.013: ISAKMP:(0):(Re)Setting client xauth list and state *Jul 29 10:45:43.013: ISAKMP/xauth: initializing AAA request *Jul 29 10:45:43.017: ISAKMP: local port 500, remote port 500 *Jul 29 10:45:43.017: ISAKMP: set new node 0 to CONF_XAUTH *Jul 29 10:45:43.017: ISAKMP: Find a dup sa in the avl tree during calling isadb_insert sa = 81D8E09C *Jul 29 10:45:43.017: ISAKMP:(0):Can not start Aggressive mode, trying Main mode. *Jul 29 10:45:43.017: ISAKMP:(0):found peer pre-shared key matching Y.Y.Y.Y *Jul 29 10:45:43.017: ISAKMP:(0): constructed NAT-T vendor-07 ID *Jul 29 10:45:43.017: ISAKMP:(0): constructed NAT-T vendor-03 ID *Jul 29 10:45:43.017: ISAKMP:(0): constructed NAT-T vendor-02 ID *Jul 29 10:45:43.017: ISAKMP:(0):Input = IKE_MESG_FROM_IPSEC, IKE_SA_REQ_MM *Jul 29 10:45:43.017: ISAKMP:(0):Old State = IKE_READY New State = IKE_I_MM1 *Jul 29 10:45:43.017: ISAKMP:(0): beginning Main Mode exchange *Jul 29 10:45:43.017: ISAKMP:(0): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) MM_NO_STATE *Jul 29 10:45:43.213: ISAKMP (0:0): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) MM_NO_STATE *Jul 29 10:45:43.213: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:43.213: ISAKMP:(0):Old State = IKE_I_MM1 New State = IKE_I_MM2 *Jul 29 10:45:43.213: ISAKMP:(0): processing SA payload. message ID = 0 *Jul 29 10:45:43.217: ISAKMP:(0): processing vendor id payload *Jul 29 10:45:43.217: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch *Jul 29 10:45:43.217: ISAKMP (0:0): vendor ID is NAT-T v7 *Jul 29 10:45:43.217: ISAKMP:(0):found peer pre-shared key matching Y.Y.Y.Y *Jul 29 10:45:43.217: ISAKMP:(0): local preshared key found *Jul 29 10:45:43.217: ISAKMP:(0): Authentication by xauth preshared *Jul 29 10:45:43.217: ISAKMP:(0):Checking ISAKMP transform 1 against priority 1 policy *Jul 29 10:45:43.217: ISAKMP: encryption 3DES-CBC *Jul 29 10:45:43.217: ISAKMP: hash SHA *Jul 29 10:45:43.217: ISAKMP: default group 1 *Jul 29 10:45:43.217: ISAKMP: auth pre-share *Jul 29 10:45:43.217: ISAKMP: life type in seconds *Jul 29 10:45:43.217: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 *Jul 29 10:45:43.217: ISAKMP:(0):Diffie-Hellman group offered does not match policy! *Jul 29 10:45:43.217: ISAKMP:(0):atts are not acceptable. Next payload is 0 *Jul 29 10:45:43.217: ISAKMP:(0):Checking ISAKMP transform 1 against priority 15 policy *Jul 29 10:45:43.217: ISAKMP: encryption 3DES-CBC *Jul 29 10:45:43.217: ISAKMP: hash SHA *Jul 29 10:45:43.217: ISAKMP: default group 1 *Jul 29 10:45:43.217: ISAKMP: auth pre-share *Jul 29 10:45:43.217: ISAKMP: life type in seconds *Jul 29 10:45:43.217: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 *Jul 29 10:45:43.217: ISAKMP:(0):atts are acceptable. Next payload is 0 *Jul 29 10:45:43.217: ISAKMP:(0): processing vendor id payload *Jul 29 10:45:43.217: ISAKMP:(0): vendor ID seems Unity/DPD but major 245 mismatch *Jul 29 10:45:43.221: ISAKMP (0:0): vendor ID is NAT-T v7 *Jul 29 10:45:43.221: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 29 10:45:43.221: ISAKMP:(0):Old State = IKE_I_MM2 New State = IKE_I_MM2 *Jul 29 10:45:43.221: ISAKMP:(0): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) MM_SA_SETUP *Jul 29 10:45:43.221: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 29 10:45:43.221: ISAKMP:(0):Old State = IKE_I_MM2 New State = IKE_I_MM3 *Jul 29 10:45:43.425: ISAKMP (0:0): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) MM_SA_SETUP *Jul 29 10:45:43.429: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:43.429: ISAKMP:(0):Old State = IKE_I_MM3 New State = IKE_I_MM4 *Jul 29 10:45:43.429: ISAKMP:(0): processing KE payload. message ID = 0 *Jul 29 10:45:43.457: ISAKMP:(0): processing NONCE payload. message ID = 0 *Jul 29 10:45:43.457: ISAKMP:(0):found peer pre-shared key matching Y.Y.Y.Y *Jul 29 10:45:43.457: ISAKMP:(2040): processing vendor id payload *Jul 29 10:45:43.457: ISAKMP:(2040): vendor ID is Unity *Jul 29 10:45:43.457: ISAKMP:(2040): processing vendor id payload *Jul 29 10:45:43.457: ISAKMP:(2040): vendor ID is DPD *Jul 29 10:45:43.461: ISAKMP:(2040): processing vendor id payload *Jul 29 10:45:43.461: ISAKMP:(2040): speaking to another IOS box! *Jul 29 10:45:43.461: ISAKMP:(2040):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 29 10:45:43.461: ISAKMP:(2040):Old State = IKE_I_MM4 New State = IKE_I_MM4 *Jul 29 10:45:43.461: ISAKMP:(2040):Send initial contact *Jul 29 10:45:43.461: ISAKMP:(2040):SA is doing pre-shared key authentication using id type ID_IPV4_ADDR *Jul 29 10:45:43.461: ISAKMP (0:2040): ID payload next-payload : 8 type : 1 address : X.X.X.X protocol : 17 port : 500 length : 12 *Jul 29 10:45:43.461: ISAKMP:(2040):Total payload length: 12 *Jul 29 10:45:43.461: ISAKMP:(2040): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) MM_KEY_EXCH *Jul 29 10:45:43.465: ISAKMP:(2040):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 29 10:45:43.465: ISAKMP:(2040):Old State = IKE_I_MM4 New State = IKE_I_MM5 *Jul 29 10:45:43.617: ISAKMP (0:2040): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) MM_KEY_EXCH *Jul 29 10:45:43.621: ISAKMP:(2040): processing ID payload. message ID = 0 *Jul 29 10:45:43.621: ISAKMP (0:2040): ID payload next-payload : 8 type : 1 address : Y.Y.Y.Y protocol : 17 port : 500 length : 12 *Jul 29 10:45:43.621: ISAKMP:(0):: peer matches *none* of the profiles *Jul 29 10:45:43.621: ISAKMP:(2040): processing HASH payload. message ID = 0 *Jul 29 10:45:43.621: ISAKMP:(2040):SA authentication status: authenticated *Jul 29 10:45:43.621: ISAKMP:(2040):SA has been authenticated with Y.Y.Y.Y *Jul 29 10:45:43.621: ISAKMP: Trying to insert a peer X.X.X.X/Y.Y.Y.Y/500/, and inserted successfully 81D5E8C0. *Jul 29 10:45:43.621: ISAKMP:(2040):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:43.621: ISAKMP:(2040):Old State = IKE_I_MM5 New State = IKE_I_MM6 *Jul 29 10:45:43.621: ISAKMP:(2040):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE *Jul 29 10:45:43.621: ISAKMP:(2040):Old State = IKE_I_MM6 New State = IKE_I_MM6 *Jul 29 10:45:43.625: ISAKMP:(2040):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE *Jul 29 10:45:43.625: ISAKMP:(2040):Old State = IKE_I_MM6 New State = IKE_P1_COMPLETE *Jul 29 10:45:43.625: ISAKMP:(2040):Need XAUTH *Jul 29 10:45:43.625: ISAKMP: set new node 322552716 to CONF_XAUTH *Jul 29 10:45:43.625: ISAKMP/xauth: request attribute XAUTH_USER_NAME_V2 *Jul 29 10:45:43.625: ISAKMP/xauth: request attribute XAUTH_USER_PASSWORD_V2 *Jul 29 10:45:43.625: ISAKMP:(2040): initiating peer config to Y.Y.Y.Y. ID = 322552716 *Jul 29 10:45:43.625: ISAKMP:(2040): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) CONF_XAUTH *Jul 29 10:45:43.625: ISAKMP:(2040):Input = IKE_MESG_INTERNAL, IKE_PHASE1_COMPLETE *Jul 29 10:45:43.625: ISAKMP:(2040):Old State = IKE_P1_COMPLETE New State = IKE_XAUTH_REQ_SENT *Jul 29 10:45:43.717: ISAKMP (0:2040): received packet from Y.Y.Y.Y dport 500 sport 500 Global (I) CONF_XAUTH *Jul 29 10:45:43.721: ISAKMP: set new node -2108106074 to CONF_XAUTH *Jul 29 10:45:43.721: ISAKMP:(2040): processing HASH payload. message ID = -2108106074 *Jul 29 10:45:43.721: ISAKMP:received payload type 18 *Jul 29 10:45:43.721: ISAKMP:(2040): processing DELETE_WITH_REASON payload, message ID = -2108106074, reason: Unknown delete reason! *Jul 29 10:45:43.721: ISAKMP:(2040):peer does not do paranoid keepalives. *Jul 29 10:45:43.721: ISAKMP:(2040):peer does not do paranoid keepalives. *Jul 29 10:45:43.721: ISAKMP:(2040):deleting SA reason "IKMP_ERR_NO_RETRANS" state (I) CONF_XAUTH (peer Y.Y.Y.Y) *Jul 29 10:45:43.721: ISAKMP:(2040):deleting node -2108106074 error FALSE reason "Informational (in) state 1" *Jul 29 10:45:43.721: IPSEC(key_engine): got a queue event with 1 KMI message(s) *Jul 29 10:45:43.721: IPSEC(key_engine_delete_sas): rec'd delete notify from ISAKMP *Jul 29 10:45:43.721: IPSEC(key_engine_delete_sas): delete all SAs shared with peer Y.Y.Y.Y *Jul 29 10:45:43.721: ISAKMP: set new node 2146032115 to CONF_XAUTH *Jul 29 10:45:43.725: ISAKMP:(2040): sending packet to Y.Y.Y.Y my_port 500 peer_port 500 (I) CONF_XAUTH *Jul 29 10:45:43.725: ISAKMP:(2040):purging node 2146032115 *Jul 29 10:45:43.725: ISAKMP:(2040):Input = IKE_MESG_INTERNAL, IKE_PHASE1_DEL *Jul 29 10:45:43.725: ISAKMP:(2040):Old State = IKE_XAUTH_REQ_SENT New State = IKE_DEST_SA *Jul 29 10:45:43.725: ISAKMP:(2040):deleting SA reason "No reason" state (I) CONF_XAUTH (peer Y.Y.Y.Y) *Jul 29 10:45:43.725: ISAKMP:(0):Can't decrement IKE Call Admission Control stat outgoing_active since it's already 0. *Jul 29 10:45:43.725: ISAKMP: Unlocking peer struct 0x81D5E8C0 for isadb_mark_sa_deleted(), count 0 *Jul 29 10:45:43.725: ISAKMP: Deleting peer node by peer_reap for Y.Y.Y.Y: 81D5E8C0 *Jul 29 10:45:43.725: ISAKMP:(2040):deleting node 328712634 error FALSE reason "IKE deleted" *Jul 29 10:45:43.729: ISAKMP:(2040):deleting node 322552716 error FALSE reason "IKE deleted" *Jul 29 10:45:43.729: ISAKMP:(2040):deleting node -2108106074 error FALSE reason "IKE deleted" *Jul 29 10:45:43.729: ISAKMP:(2040):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH *Jul 29 10:45:43.729: ISAKMP:(2040):Old State = IKE_DEST_SA New State = IKE_DEST_SA *Jul 29 10:45:43.729: IPSEC(key_engine): got a queue event with 1 KMI message(s) ALHILAL# ALHILAL# ALHILAL# *Jul 29 10:46:13.013: IPSEC(key_engine): request timer fired: count = 2, (identity) local= X.X.X.X, remote= Y.Y.Y.Y, local_proxy= 172.18.41.0/255.255.255.0/0/0 (type=4), remote_proxy= 172.18.61.0/255.255.255.0/0/0 (type=4) *Jul 29 10:46:14.245: ISAKMP:(2039):purging SA., sa=82A360A0, delme=82A360A0 *Jul 29 10:46:14.245: ISAKMP:(2039):purging node 1008271880 *Jul 29 10:46:14.245: ISAKMP:(2039):purging node -1965977065 *Jul 29 10:46:14.245: ISAKMP:(2039):purging node 1291311711