=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2024.01.16 16:12:34 =~=~=~=~=~=~=~=~=~=~=~= E-Router# E-Router# E-Router# E-Router# E-Router#termi le E-Router#termi length 0 E-Router#termi length 0 E-Router# Jan 16 14:12:52.228: IKEv2-INTERNAL:Got a packet from dispatcher Jan 16 14:12:52.229: IKEv2-INTERNAL:Processing an item off the pak queue Jan 16 14:12:52.229: IKEv2-INTERNAL:New ikev2 sa request admitted Jan 16 14:12:52.229: IKEv2-INTERNAL:Incrementing incoming negotiating sa count by one Jan 16 14:12:52.229: IKEv2:Received Packet [From 64.100.12.5:46285/To 75.X.X.33:500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 0000000000000000 Message id: 0 IKEv2 IKE_SA_INIT Exchange REQUEST Jan 16 14:12:52.229: IKEv2-PAK:Next payload: SA, version: 2.0 Exchange type: IKE_SA_INIT, flags: INITIATOR Message id: 0, length: 698 Payload contents: Jan 16 14:12:52.229: IKEv2:parsing SA payload SA Next payload: KE, reserved: 0x0, length: 276 last proposal: 0x2, reserved: 0x0, length: 124 Proposal: 1, Protocol id: IKE, SPI size: 0, #trans: 13 last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-GCM last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-GCM last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-GCM last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA384 last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA512 last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA256 last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA1 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: None last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_256_ECP/Group 19 last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_384_ECP/Group 20 last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_521_ECP/Group 21 last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_3072_MODP/Group 15 last transform: 0x0, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_4096_MODP/Group 16 last proposal: 0x0, reserved: 0x0, length: 148 Proposal: 2, Protocol id: IKE, SPI size: 0, #trans: 16 last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-CBC last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-CBC last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-CBC last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA384 last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA512 last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA256 last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA1 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA256 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA384 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA96 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA512 last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_256_ECP/Group 19 last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_384_ECP/Group 20 last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_521_ECP/Group 21 last transform: 0x3, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_3072_MODP/Group 15 last transform: 0x0, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_4096_MODP/Group 16 Jan 16 14:12:52.230: IKEv2:parsing KE payload KE Next payload: N, reserved: 0x0, length: 72 DH group: 19, Reserved: 0x0 Jan 16 14:12:52.230: IKEv2:parsing N payload N Next payload: VID, reserved: 0x0, length: 24 Jan 16 14:12:52.230: IKEv2:parsing VID payload Jan 16 14:12:52.230: IKEv2-INTERNAL:Parse Vendor Specific Payload: CISCO-DELETE-REASON VID Next payload: VID, reserved: 0x0, length: 23 Jan 16 14:12:52.230: IKEv2:parsing VID payload Jan 16 14:12:52.230: IKEv2-INTERNAL:Parse Vendor Specific Payload: (CUSTOM) VID Next payload: VID, reserved: 0x0, length: 59 Jan 16 14:12:52.231: IKEv2:parsing VID payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Vendor Specific Payload: (CUSTOM) VID Next payload: VID, reserved: 0x0, length: 24 Jan 16 14:12:52.231: IKEv2:parsing VID payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Vendor Specific Payload: (CUSTOM) VID Next payload: VID, reserved: 0x0, length: 19 Jan 16 14:12:52.231: IKEv2:parsing VID payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Vendor Specific Payload: (CUSTOM) VID Next payload: VID, reserved: 0x0, length: 20 Jan 16 14:12:52.231: IKEv2:parsing VID payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Vendor Specific Payload: (CUSTOM) VID Next payload: VID, reserved: 0x0, length: 26 Jan 16 14:12:52.231: IKEv2:parsing VID payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Vendor Specific Payload: (CUSTOM) VID Next payload: NOTIFY, reserved: 0x0, length: 29 Jan 16 14:12:52.231: IKEv2:parsing NOTIFY payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Notify Payload: NAT_DETECTION_SOURCE_IP NOTIFY(NAT_DETECTION_SOURCE_IP) Next payload: NOTIFY, reserved: 0x0, length: 28 Security protocol id: IKE, spi size: 0, type: NAT_DETECTION_SOURCE_IP Jan 16 14:12:52.231: IKEv2:parsing NOTIFY payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Notify Payload: NAT_DETECTION_DESTINATION_IP NOTIFY(NAT_DETECTION_DESTINATION_IP) Next payload: VID, reserved: 0x0, length: 28 Security protocol id: IKE, spi size: 0, type: NAT_DETECTION_DESTINATION_IP Jan 16 14:12:52.231: IKEv2:parsing VID payload Jan 16 14:12:52.231: IKEv2-INTERNAL:Parse Vendor Specific Payload: FRAGMENTATION VID Next payload: CFG, reserved: 0x0, length: 20 Jan 16 14:12:52.232: IKEv2:parsing CFG payload CFG Next payload: NOTIFY, reserved: 0x0, length: 14 cfg type: CFG_REQUEST, reserved: 0x0, reserved: 0x0 attrib type: Unknown - 28728, length: 2 Jan 16 14:12:52.232: IKEv2:parsing NOTIFY payload Jan 16 14:12:52.232: IKEv2-INTERNAL:Parse Notify Payload: REDIRECT_SUPPORTED NOTIFY(REDIRECT_SUPPORTED) Next payload: NONE, reserved: 0x0, length: 8 Security protocol id: Unknown - 0, spi size: 0, type: REDIRECT_SUPPORTED Jan 16 14:12:52.232: IKEv2-INTERNAL:(1): Received custom vendor id : CISCO(COPYRIGHT) Jan 16 14:12:52.232: IKEv2-INTERNAL:(1): Received custom vendor id : CISCO-ANYCONNECT-EAP Jan 16 14:12:52.232: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: IDLE Event: EV_RECV_INIT Jan 16 14:12:52.232: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_INIT Event: EV_VERIFY_MSG Jan 16 14:12:52.232: IKEv2:(SESSION ID = 123,SA ID = 1):Verify SA init message Jan 16 14:12:52.232: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_INIT Event: EV_INSERT_SA Jan 16 14:12:52.232: IKEv2:(SESSION ID = 123,SA ID = 1):Insert SA Jan 16 14:12:52.232: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_INIT Event: EV_GET_IKE_POLICY Jan 16 14:12:52.232: IKEv2:Searching Policy with fvrf 0, local address 75.X.X.33 Jan 16 14:12:52.232: IKEv2:Found Policy 'IKEV2_POLICY' Jan 16 14:12:52.232: IKEv2-INTERNAL:Adding Proposal IKEV2_PROPOSAL to toolkit policy Jan 16 14:12:52.232: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_INIT Event: EV_PROC_MSG Jan 16 14:12:52.232: IKEv2:(SESSION ID = 123,SA ID = 1):Processing IKE_SA_INIT message Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_INIT Event: EV_DETECT_NAT Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Process NAT discovery notify Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Processing nat detect src notify Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Remote address not matched Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Processing nat detect dst notify Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Local address matched Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Host is located NAT outside Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_INIT Event: EV_CHK_CONFIG_MODE Jan 16 14:12:52.233: IKEv2:(SESSION ID = 123,SA ID = 1):Received valid config mode data Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_INIT Event: EV_SET_RECD_CONFIG_MODE Jan 16 14:12:52.233: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Received config data from toolkit: Jan 16 14:12:52.233: IKEv2:(SESSION ID = 123,SA ID = 1):Config data recieved: Jan 16 14:12:52.233: IKEv2:(SESSION ID = 123,SA ID = 1):Config-type: Config-request Jan 16 14:12:52.233: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 2, data: 0x2 0x40 Jan 16 14:12:52.233: IKEv2:IKEv2 responder - ignoring config data received in IKE_SA_INIT exch Jan 16 14:12:52.234: IKEv2:(SESSION ID = 123,SA ID = 1):Set received config mode data Jan 16 14:12:52.234: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_SET_POLICY Jan 16 14:12:52.234: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Setting configured policies Jan 16 14:12:52.234: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_GET_PPK_CAP Jan 16 14:12:52.234: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_CHK_AUTH4PKI Jan 16 14:12:52.234: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Retrieve configured trustpoint(s) Jan 16 14:12:52.234: IKEv2:(SA ID = 1):[PKI -> IKEv2] Retrieved trustpoint(s): 'CASIGN' 'SLA-TrustPoint' 'IOSCA' 'CA' Jan 16 14:12:52.234: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Get Public Key Hashes of trustpoints Jan 16 14:12:52.234: IKEv2:(SA ID = 1):[PKI -> IKEv2] Getting of Public Key Hashes of trustpoints PASSED Jan 16 14:12:52.234: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_PKI_SESH_OPEN Jan 16 14:12:52.234: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Opening a PKI session Jan 16 14:12:52.234: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Start PKI Session Jan 16 14:12:52.234: IKEv2:(SA ID = 1):[PKI -> IKEv2] Starting of PKI Session PASSED Jan 16 14:12:52.234: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_GEN_DH_KEY Jan 16 14:12:52.234: IKEv2:(SESSION ID = 123,SA ID = 1):[IKEv2 -> Crypto Engine] Computing DH public key, DH Group 19 Jan 16 14:12:52.236: IKEv2:(SESSION ID = 123,SA ID = 1):(SA ID = 1):[Crypto Engine -> IKEv2] DH key Computation PASSED Jan 16 14:12:52.236: IKEv2:(SESSION ID = 123,SA ID = 1):Request queued for computation of DH key Jan 16 14:12:52.236: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_NO_EVENT Jan 16 14:12:52.236: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_OK_RECD_DH_PUBKEY_RESP Jan 16 14:12:52.236: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:12:52.236: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_GEN_DH_SECRET Jan 16 14:12:52.236: IKEv2:(SESSION ID = 123,SA ID = 1):[IKEv2 -> Crypto Engine] Computing DH secret key, DH Group 19 Jan 16 14:12:52.241: IKEv2:(SESSION ID = 123,SA ID = 1):(SA ID = 1):[Crypto Engine -> IKEv2] DH key Computation PASSED Jan 16 14:12:52.241: IKEv2:(SESSION ID = 123,SA ID = 1):Request queued for computation of DH secret Jan 16 14:12:52.241: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_NO_EVENT Jan 16 14:12:52.241: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_OK_RECD_DH_SECRET_RESP Jan 16 14:12:52.241: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:12:52.241: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_GEN_SKEYID Jan 16 14:12:52.241: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Generate skeyid Jan 16 14:12:52.241: IKEv2:(SESSION ID = 123,SA ID = 1):(SA ID = 1):[IKEv2 -> Crypto Engine] Calculate SKEYSEED and create rekeyed IKEv2 SA Jan 16 14:12:52.241: IKEv2:(SESSION ID = 123,SA ID = 1):(SA ID = 1):[Crypto Engine -> IKEv2] SKEYSEED calculation and creation of rekeyed IKEv2 SA PASSED Jan 16 14:12:52.242: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_GET_CONFIG_MODE Jan 16 14:12:52.242: IKEv2:IKEv2 responder - no config data to send in IKE_SA_INIT exch Jan 16 14:12:52.242: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):No config data to send to toolkit: Jan 16 14:12:52.242: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_BLD_INIT Event: EV_BLD_MSG Jan 16 14:12:52.242: IKEv2:(SESSION ID = 123,SA ID = 1):Generating IKE_SA_INIT message Jan 16 14:12:52.242: IKEv2:(SESSION ID = 123,SA ID = 1):IKE Proposal: 2, SPI size: 0 (initial negotiation), Num. transforms: 4 AES-CBC SHA256 SHA256 DH_GROUP_256_ECP/Group 19 Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Vendor Specific Payload: DELETE-REASON Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Vendor Specific Payload: CISCOVPN-REV-02 Jan 16 14:12:52.242: IKEv2-INTERNAL:(1): Sending custom vendor id : CISCO(COPYRIGHT) Jan 16 14:12:52.242: IKEv2-INTERNAL:(1): Sending custom vendor id : CISCO-GRE-MODE Jan 16 14:12:52.242: IKEv2-INTERNAL:Sending DRU Handshake Jan 16 14:12:52.242: IKEv2-INTERNAL:(1): Sending custom vendor id : CISCO-DYNAMIC-ROUTE Jan 16 14:12:52.242: IKEv2-INTERNAL:(1): Sending custom vendor id : CISCO-ANYCONNECT-EAP Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Vendor Specific Payload: (CUSTOM) Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Vendor Specific Payload: (CUSTOM) Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Vendor Specific Payload: (CUSTOM) Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Vendor Specific Payload: (CUSTOM) Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Vendor Specific Payload: (CUSTOM) Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Notify Payload: NAT_DETECTION_SOURCE_IP Jan 16 14:12:52.242: IKEv2-INTERNAL:Construct Notify Payload: NAT_DETECTION_DESTINATION_IP Jan 16 14:12:52.242: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Retrieve configured trustpoint(s) Jan 16 14:12:52.243: IKEv2:(SA ID = 1):[PKI -> IKEv2] Retrieved trustpoint(s): 'CASIGN' 'SLA-TrustPoint' 'IOSCA' 'CA' Jan 16 14:12:52.243: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Get Public Key Hashes of trustpoints Jan 16 14:12:52.243: IKEv2:(SA ID = 1):[PKI -> IKEv2] Getting of Public Key Hashes of trustpoints PASSED Jan 16 14:12:52.243: IKEv2:(SESSION ID = 123,SA ID = 1):Sending Packet [To 64.100.12.5:46285/From 75.X.X.33:500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 0 IKEv2 IKE_SA_INIT Exchange RESPONSE Jan 16 14:12:52.243: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: SA, version: 2.0 Exchange type: IKE_SA_INIT, flags: RESPONDER MSG-RESPONSE Message id: 0, length: 493 Payload contents: SA Next payload: KE, reserved: 0x0, length: 48 last proposal: 0x0, reserved: 0x0, length: 44 Proposal: 2, Protocol id: IKE, SPI size: 0, #trans: 4 last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-CBC last transform: 0x3, reserved: 0x0: length: 8 type: 2, reserved: 0x0, id: SHA256 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA256 last transform: 0x0, reserved: 0x0: length: 8 type: 4, reserved: 0x0, id: DH_GROUP_256_ECP/Group 19 KE Next payload: N, reserved: 0x0, length: 72 DH group: 19, Reserved: 0x0 N Next payload: VID, reserved: 0x0, length: 36 VID Next payload: VID, reserved: 0x0, length: 23 VID Next payload: VID, reserved: 0x0, length: 19 VID Next payload: VID, reserved: 0x0, length: 59 VID Next payload: VID, reserved: 0x0, length: 19 VID Next payload: VID, reserved: 0x0, length: 23 VID Next payload: VID, reserved: 0x0, length: 24 VID Next payload: NOTIFY, reserved: 0x0, length: 21 NOTIFY(NAT_DETECTION_SOURCE_IP) Next payload: NOTIFY, reserved: 0x0, length: 28 Security protocol id: Unknown - 0, spi size: 0, type: NAT_DETECTION_SOURCE_IP NOTIFY(NAT_DETECTION_DESTINATION_IP) Next payload: CERTREQ, reserved: 0x0, length: 28 Security protocol id: Unknown - 0, spi size: 0, type: NAT_DETECTION_DESTINATION_IP CERTREQ Next payload: NONE, reserved: 0x0, length: 65 Cert encoding X.509 Certificate - signature Jan 16 14:12:52.244: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: INIT_DONE Event: EV_DONE Jan 16 14:12:52.244: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Cisco DeleteReason Notify is enabled Jan 16 14:12:52.245: IKEv2:(SESSION ID = 123,SA ID = 1):Completed SA init exchange Jan 16 14:12:52.245: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: INIT_DONE Event: EV_CHK4_ROLE Jan 16 14:12:52.245: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: INIT_DONE Event: EV_START_TMR Jan 16 14:12:52.245: IKEv2:(SESSION ID = 123,SA ID = 1):Starting timer (30 sec) to wait for auth message Jan 16 14:12:52.245: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 0 CurState: R_WAIT_AUTH Event: EV_NO_EVENT Jan 16 14:12:52.320: IKEv2-INTERNAL:Got a packet from dispatcher Jan 16 14:12:52.320: IKEv2-INTERNAL:Processing an item off the pak queue Jan 16 14:12:52.320: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Request has mess_id 1; expected 1 through 1 Jan 16 14:12:52.320: IKEv2:(SESSION ID = 123,SA ID = 1):Received Packet [From 64.100.12.5:37841/To 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 1 IKEv2 IKE_AUTH Exchange REQUEST Jan 16 14:12:52.320: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: INITIATOR Message id: 1, length: 752 Payload contents: Jan 16 14:12:52.321: IKEv2:(SESSION ID = 123,SA ID = 1):parsing ENCR payload Jan 16 14:12:52.321: IKEv2:(SESSION ID = 123,SA ID = 1):parsing VID payload Jan 16 14:12:52.321: IKEv2-INTERNAL:Parse Vendor Specific Payload: (CUSTOM) VID Next payload: IDi, reserved: 0x0, length: 20 Jan 16 14:12:52.321: IKEv2:(SESSION ID = 123,SA ID = 1):parsing IDi payload IDi Next payload: CERTREQ, reserved: 0x0, length: 28 Id type: Group name, Reserved: 0x0 0x0 Jan 16 14:12:52.321: IKEv2:(SESSION ID = 123,SA ID = 1):parsing CERTREQ payload CERTREQ Next payload: CFG, reserved: 0x0, length: 25 Cert encoding X.509 Certificate - signature Jan 16 14:12:52.321: IKEv2:(SESSION ID = 123,SA ID = 1):parsing CFG payload CFG Next payload: SA, reserved: 0x0, length: 250 cfg type: CFG_REQUEST, reserved: 0x0, reserved: 0x0 attrib type: internal IP4 address, length: 0 attrib type: internal IP4 netmask, length: 0 attrib type: internal IP4 DNS, length: 0 attrib type: internal IP4 NBNS, length: 0 attrib type: internal address expiry, length: 0 attrib type: application version, length: 29 attrib type: internal IP4 subnet, length: 0 attrib type: internal IP6 address, length: 0 attrib type: internal IP6 DNS, length: 0 attrib type: internal IP6 subnet, length: 0 attrib type: Unknown - 28682, length: 5 attrib type: Unknown - 28704, length: 0 attrib type: Unknown - 28742, length: 0 attrib type: Unknown - 28743, length: 0 attrib type: Unknown - 28705, length: 0 attrib type: Unknown - 28706, length: 0 attrib type: Unknown - 28707, length: 0 attrib type: Unknown - 28708, length: 0 attrib type: Unknown - 28709, length: 0 attrib type: Unknown - 28710, length: 0 attrib type: Unknown - 28672, length: 0 attrib type: Unknown - 28684, length: 0 attrib type: Unknown - 28711, length: 2 attrib type: Unknown - 28674, length: 0 attrib type: Unknown - 28712, length: 0 attrib type: Unknown - 28675, length: 0 attrib type: Unknown - 28679, length: 0 attrib type: Unknown - 28683, length: 0 attrib type: Unknown - 28717, length: 0 attrib type: Unknown - 28718, length: 0 attrib type: Unknown - 28719, length: 0 attrib type: Unknown - 28720, length: 0 attrib type: Unknown - 28721, length: 0 attrib type: Unknown - 28722, length: 0 attrib type: Unknown - 28723, length: 0 attrib type: Unknown - 28724, length: 0 attrib type: Unknown - 28725, length: 0 attrib type: Unknown - 28726, length: 0 attrib type: Unknown - 28727, length: 0 attrib type: Unknown - 28729, length: 0 attrib type: Unknown - 28730, length: 0 attrib type: Unknown - 28731, length: 0 attrib type: Unknown - 28732, length: 0 attrib type: Unknown - 28734, length: 0 attrib type: Unknown - 28736, length: 0 attrib type: Unknown - 28733, length: 4 attrib type: Unknown - 28735, length: 4 attrib type: Unknown - 28737, length: 0 attrib type: Unknown - 28738, length: 2 Jan 16 14:12:52.323: IKEv2:(SESSION ID = 123,SA ID = 1):parsing SA payload SA Next payload: NOTIFY, reserved: 0x0, length: 156 last proposal: 0x2, reserved: 0x0, length: 64 Proposal: 1, Protocol id: ESP, SPI size: 4, #trans: 5 last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-GCM last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-GCM last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-GCM last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: None last transform: 0x0, reserved: 0x0: length: 8 type: 5, reserved: 0x0, id: Don't use ESN last proposal: 0x0, reserved: 0x0, length: 88 Proposal: 2, Protocol id: ESP, SPI size: 4, #trans: 8 last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-CBC last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-CBC last transform: 0x3, reserved: 0x0: length: 12 type: 1, reserved: 0x0, id: AES-CBC last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA256 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA384 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA96 last transform: 0x3, reserved: 0x0: length: 8 type: 3, reserved: 0x0, id: SHA512 last transform: 0x0, reserved: 0x0: length: 8 type: 5, reserved: 0x0, id: Don't use ESN Jan 16 14:12:52.324: IKEv2:(SESSION ID = 123,SA ID = 1):parsing NOTIFY payload Jan 16 14:12:52.324: IKEv2-INTERNAL:Parse Notify Payload: IPCOMP_SUPPORTED NOTIFY(IPCOMP_SUPPORTED) Next payload: TSi, reserved: 0x0, length: 11 Security protocol id: IKE, spi size: 0, type: IPCOMP_SUPPORTED Jan 16 14:12:52.324: IKEv2:(SESSION ID = 123,SA ID = 1):parsing TSi payload TSi Next payload: TSr, reserved: 0x0, length: 64 Num of TSs: 2, reserved 0x0, reserved 0x0 TS type: TS_IPV4_ADDR_RANGE, proto id: 0, length: 16 start port: 0, end port: 65535 start addr: 0.0.0.0, end addr: 255.255.255.255 TS type: TS_IPV6_ADDR_RANGE, proto id: 0, length: 40 start port: 0, end port: 65535 start addr: ::, end addr: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF Jan 16 14:12:52.324: IKEv2:(SESSION ID = 123,SA ID = 1):parsing TSr payload TSr Next payload: NOTIFY, reserved: 0x0, length: 64 Num of TSs: 2, reserved 0x0, reserved 0x0 TS type: TS_IPV4_ADDR_RANGE, proto id: 0, length: 16 start port: 0, end port: 65535 start addr: 0.0.0.0, end addr: 255.255.255.255 TS type: TS_IPV6_ADDR_RANGE, proto id: 0, length: 40 start port: 0, end port: 65535 start addr: ::, end addr: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF Jan 16 14:12:52.325: IKEv2:(SESSION ID = 123,SA ID = 1):parsing NOTIFY payload Jan 16 14:12:52.325: IKEv2-INTERNAL:Parse Notify Payload: INITIAL_CONTACT NOTIFY(INITIAL_CONTACT) Next payload: NOTIFY, reserved: 0x0, length: 8 Security protocol id: IKE, spi size: 0, type: INITIAL_CONTACT Jan 16 14:12:52.325: IKEv2:(SESSION ID = 123,SA ID = 1):parsing NOTIFY payload Jan 16 14:12:52.325: IKEv2-INTERNAL:Parse Notify Payload: USE_TRANSPORT_MODE NOTIFY(USE_TRANSPORT_MODE) Next payload: OA, reserved: 0x0, length: 8 Security protocol id: IKE, spi size: 0, type: USE_TRANSPORT_MODE Jan 16 14:12:52.325: IKEv2:(SESSION ID = 123,SA ID = 1):parsing OA payload OA Next payload: OA, reserved: 0x0, length: 12 Id type: IPv4 address, Reserved: 0x0 0x0 Jan 16 14:12:52.325: IKEv2:(SESSION ID = 123,SA ID = 1):parsing OA payload OA Next payload: NOTIFY, reserved: 0x0, length: 12 Id type: IPv4 address, Reserved: 0x0 0x0 Jan 16 14:12:52.325: IKEv2:(SESSION ID = 123,SA ID = 1):parsing NOTIFY payload Jan 16 14:12:52.325: IKEv2-INTERNAL:Parse Notify Payload: ESP_TFC_NO_SUPPORT NOTIFY(ESP_TFC_NO_SUPPORT) Next payload: NOTIFY, reserved: 0x0, length: 8 Security protocol id: IKE, spi size: 0, type: ESP_TFC_NO_SUPPORT Jan 16 14:12:52.325: IKEv2:(SESSION ID = 123,SA ID = 1):parsing NOTIFY payload Jan 16 14:12:52.325: IKEv2-INTERNAL:Parse Notify Payload: NON_FIRST_FRAGS NOTIFY(NON_FIRST_FRAGS) Next payload: NONE, reserved: 0x0, length: 8 Security protocol id: IKE, spi size: 0, type: NON_FIRST_FRAGS Jan 16 14:12:52.325: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_RECV_AUTH Jan 16 14:12:52.326: IKEv2:(SESSION ID = 123,SA ID = 1):Stopping timer to wait for auth message Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_NAT_T Jan 16 14:12:52.326: IKEv2:(SESSION ID = 123,SA ID = 1):Checking NAT discovery Jan 16 14:12:52.326: IKEv2:(SESSION ID = 123,SA ID = 1):NAT OUTSIDE found Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_DIKE Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHG_NAT_T_PORT Jan 16 14:12:52.326: IKEv2:(SESSION ID = 123,SA ID = 1):NAT detected float to init port 37841, resp port 4500 Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_PROC_ID Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Received valid parameteres in process id Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_IF_PEER_CERT_NEEDS_TO_BE_FETCHED_FOR_PROF_SEL Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_GET_POLICY_BY_PEERID Jan 16 14:12:52.326: IKEv2:(SESSION ID = 123,SA ID = 1):Searching policy based on peer's identity '*$AnyConnectClient$*' of type 'key ID' Jan 16 14:12:52.326: IKEv2-ERROR:% IKEv2 profile not found Jan 16 14:12:52.326: IKEv2-INTERNAL:(1): Choosing IKE profile AnyConnect-EAP Jan 16 14:12:52.326: IKEv2:(SESSION ID = 123,SA ID = 1):Searching Policy with fvrf 0, local address 75.X.X.33 Jan 16 14:12:52.326: IKEv2:(SESSION ID = 123,SA ID = 1):Found Policy 'IKEV2_POLICY' Jan 16 14:12:52.326: IKEv2-INTERNAL:Adding Proposal IKEV2_PROPOSAL to toolkit policy Jan 16 14:12:52.326: IKEv2-INTERNAL:(SA ID = 1):Using IKEv2 profile 'AnyConnect-EAP' Jan 16 14:12:52.326: IKEv2:not a VPN-SIP session Jan 16 14:12:52.326: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_SET_POLICY Jan 16 14:12:52.327: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Setting configured policies Jan 16 14:12:52.327: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_VERIFY_POLICY_BY_PEERID Jan 16 14:12:52.327: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Retrieving trustpoint(s) from received certificate hash(es) Jan 16 14:12:52.327: IKEv2:(SA ID = 1):[PKI -> IKEv2] Retrieved trustpoint(s): NONE Jan 16 14:12:52.327: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Retrieving trustpoint(s) from received certificate hash(es) Jan 16 14:12:52.327: IKEv2:(SA ID = 1):[PKI -> IKEv2] Retrieved trustpoint(s): NONE Jan 16 14:12:52.327: IKEv2:% Received cert hash is invalid, using configured trustpoints from profile for signing Jan 16 14:12:52.328: IKEv2:(SA ID = 1):[IKEv2 -> PKI] Getting cert chain for the trustpoint IOSCA Jan 16 14:12:52.329: IKEv2:(SA ID = 1):[PKI -> IKEv2] Getting of cert chain for the trustpoint PASSED Jan 16 14:12:52.329: IKEv2-INTERNAL:Sending certificates as X509 certificates Jan 16 14:12:52.329: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Matching certificate found Jan 16 14:12:52.329: IKEv2:(SESSION ID = 123,SA ID = 1):Verify peer's policy Jan 16 14:12:52.329: IKEv2:(SESSION ID = 123,SA ID = 1):Peer's policy verified Jan 16 14:12:52.329: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_FOR_PPK Jan 16 14:12:52.329: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_PPK_MAND Jan 16 14:12:52.329: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AUTH Event: EV_CHK_AUTH4EAP Jan 16 14:12:52.339: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 1 CurState: R_WAIT_AC_EAP_RESP Event: EV_NO_EVENT Jan 16 14:12:55.925: IKEv2-INTERNAL:Got a packet from dispatcher Jan 16 14:12:55.925: IKEv2-INTERNAL:Processing an item off the pak queue Jan 16 14:12:55.925: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Request has mess_id 2; expected 2 through 2 Jan 16 14:12:55.925: IKEv2:(SESSION ID = 123,SA ID = 1):Received Packet [From 64.100.12.5:37841/To 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 2 IKEv2 IKE_AUTH Exchange REQUEST Jan 16 14:12:55.925: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: INITIATOR Message id: 2, length: 992 Payload contents: Jan 16 14:12:55.925: IKEv2:(SESSION ID = 123,SA ID = 1):parsing ENCR payload Jan 16 14:12:55.925: IKEv2:(SESSION ID = 123,SA ID = 1):parsing EAP payload EAP Next payload: NONE, reserved: 0x0, length: 925 Code: response: id: 59, length: 921 Type: expanded nak Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_WAIT_AC_EAP_RESP Event: EV_RECV_AUTH Jan 16 14:12:55.926: IKEv2:(SESSION ID = 123,SA ID = 1):Stopping timer to wait for auth message Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_WAIT_AC_EAP_RESP Event: EV_RECV_AC_EAP_RESP Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_PROC_AC_EAP_RESP Event: EV_PROC_MSG Jan 16 14:12:55.926: IKEv2:(SESSION ID = 123,SA ID = 1):Processing AnyConnect EAP response Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_PROC_AC_EAP_RESP Event: EV_RECV_AC_EAP_AUTH Jan 16 14:12:55.926: IKEv2:(SESSION ID = 123,SA ID = 1):Checking for Dual Auth Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_BLD_AC_EAP_AUTH_REQ Event: EV_RECV_AC_EAP_AUTH Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_BLD_AC_EAP_AUTH_REQ Event: EV_CHK_REDIRECT Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Redirect check is not needed, skipping it Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_BLD_AC_EAP_AUTH_REQ Event: EV_PROC_AC_EAP_AUTH_REQ Jan 16 14:12:55.926: IKEv2:(SESSION ID = 123,SA ID = 1):Generating AnyConnect EAP AUTH request Jan 16 14:12:55.926: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_BLD_AC_EAP_AUTH_REQ Event: EV_SEND_AC_EAP_AUTH_REQ Jan 16 14:12:55.927: IKEv2:(SESSION ID = 123,SA ID = 1):Sending AnyConnect EAP 'auth-request' Jan 16 14:12:55.927: IKEv2:(SESSION ID = 123,SA ID = 1):Building packet for encryption. Payload contents: EAP Next payload: NONE, reserved: 0x0, length: 2068 Code: request: id: 2, length: 2064 Type: expanded nak Jan 16 14:12:55.927: IKEv2:(SESSION ID = 123,SA ID = 1):Sending Packet [To 64.100.12.5:37841/From 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 2 IKEv2 IKE_AUTH Exchange RESPONSE Jan 16 14:12:55.927: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: RESPONDER MSG-RESPONSE Message id: 2, length: 2144 Payload contents: ENCR Next payload: EAP, reserved: 0x0, length: 2116 Jan 16 14:12:55.928: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_BLD_AC_EAP_AUTH_REQ Event: EV_START_TMR Jan 16 14:12:55.928: IKEv2:(SESSION ID = 123,SA ID = 1):Starting timer (90 sec) to wait for auth message Jan 16 14:12:55.928: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 2 CurState: R_WAIT_AC_EAP_AUTH_RESP Event: EV_NO_EVENT Jan 16 14:13:02.611: IKEv2-INTERNAL:Got a packet from dispatcher Jan 16 14:13:02.611: IKEv2-INTERNAL:Processing an item off the pak queue Jan 16 14:13:02.611: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Request has mess_id 3; expected 3 through 3 Jan 16 14:13:02.611: IKEv2:(SESSION ID = 123,SA ID = 1):Received Packet [From 64.100.12.5:37841/To 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 3 IKEv2 IKE_AUTH Exchange REQUEST Jan 16 14:13:02.611: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: INITIATOR Message id: 3, length: 912 Payload contents: Jan 16 14:13:02.611: IKEv2:(SESSION ID = 123,SA ID = 1):parsing ENCR payload Jan 16 14:13:02.612: IKEv2:(SESSION ID = 123,SA ID = 1):parsing EAP payload EAP Next payload: NONE, reserved: 0x0, length: 843 Code: response: id: 2, length: 839 Type: expanded nak Jan 16 14:13:02.612: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_WAIT_AC_EAP_AUTH_RESP Event: EV_RECV_AUTH Jan 16 14:13:02.612: IKEv2:(SESSION ID = 123,SA ID = 1):Stopping timer to wait for auth message Jan 16 14:13:02.612: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_WAIT_AC_EAP_AUTH_RESP Event: EV_RECV_AC_EAP_RESP Jan 16 14:13:02.612: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_PROC_AC_EAP_AUTH_RESP Event: EV_PROC_MSG Jan 16 14:13:02.612: IKEv2:(SESSION ID = 123,SA ID = 1):Processing AnyConnect EAP response Jan 16 14:13:02.613: IKEv2:Using authentication method list AUTHC Jan 16 14:13:02.613: IKEv2:(SA ID = 1):[IKEv2 -> AAA] Authentication request sent Jan 16 14:13:02.613: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_PROC_AC_EAP_AUTH_RESP Event: EV_NO_EVENT Jan 16 14:13:02.614: IKEv2-ERROR:AnyConnect EAP - failed to get author list Jan 16 14:13:02.615: IKEv2:Received response from aaa for AnyConnect EAP Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_PROC_AC_EAP_AUTH_RESP Event: EV_RECV_AC_EAP_AUTH Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_BLD_AC_EAP_AUTH_VERIFY Event: EV_RECV_AC_EAP_AUTH Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_BLD_AC_EAP_AUTH_VERIFY Event: EV_CHK_REDIRECT Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Redirect check is not needed, skipping it Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_BLD_AC_EAP_AUTH_VERIFY Event: EV_PROC_AC_EAP_AUTH_VERIFY Jan 16 14:13:02.615: IKEv2:(SESSION ID = 123,SA ID = 1):Generating AnyConnect EAP VERIFY request Jan 16 14:13:02.615: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_BLD_AC_EAP_AUTH_VERIFY Event: EV_SEND_AC_EAP_AUTH_VERIFY Jan 16 14:13:02.615: IKEv2:(SESSION ID = 123,SA ID = 1):Sending AnyConnect EAP 'VERIFY' request Jan 16 14:13:02.615: IKEv2:(SESSION ID = 123,SA ID = 1):Building packet for encryption. Payload contents: EAP Next payload: NONE, reserved: 0x0, length: 2068 Code: request: id: 3, length: 2064 Type: expanded nak Jan 16 14:13:02.616: IKEv2:(SESSION ID = 123,SA ID = 1):Sending Packet [To 64.100.12.5:37841/From 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 3 IKEv2 IKE_AUTH Exchange RESPONSE Jan 16 14:13:02.616: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: RESPONDER MSG-RESPONSE Message id: 3, length: 2144 Payload contents: ENCR Next payload: EAP, reserved: 0x0, length: 2116 Jan 16 14:13:02.617: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_BLD_AC_EAP_AUTH_VERIFY Event: EV_START_TMR Jan 16 14:13:02.617: IKEv2:(SESSION ID = 123,SA ID = 1):Starting timer (90 sec) to wait for auth message Jan 16 14:13:02.617: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 3 CurState: R_WAIT_AC_EAP_AUTH_VERIFY Event: EV_NO_EVENT Jan 16 14:13:02.703: IKEv2-INTERNAL:Got a packet from dispatcher Jan 16 14:13:02.703: IKEv2-INTERNAL:Processing an item off the pak queue Jan 16 14:13:02.703: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Request has mess_id 4; expected 4 through 4 Jan 16 14:13:02.704: IKEv2:(SESSION ID = 123,SA ID = 1):Received Packet [From 64.100.12.5:37841/To 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 4 IKEv2 IKE_AUTH Exchange REQUEST Jan 16 14:13:02.704: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: INITIATOR Message id: 4, length: 624 Payload contents: Jan 16 14:13:02.704: IKEv2:(SESSION ID = 123,SA ID = 1):parsing ENCR payload Jan 16 14:13:02.704: IKEv2:(SESSION ID = 123,SA ID = 1):parsing EAP payload EAP Next payload: NONE, reserved: 0x0, length: 554 Code: response: id: 3, length: 550 Type: expanded nak Jan 16 14:13:02.704: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 4 CurState: R_WAIT_AC_EAP_AUTH_VERIFY Event: EV_RECV_AUTH Jan 16 14:13:02.704: IKEv2:(SESSION ID = 123,SA ID = 1):Stopping timer to wait for auth message Jan 16 14:13:02.704: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 4 CurState: R_WAIT_AC_EAP_AUTH_VERIFY Event: EV_RECV_AC_EAP_RESP Jan 16 14:13:02.704: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 4 CurState: R_PROC_AC_EAP_AUTH_VERIFY Event: EV_PROC_MSG Jan 16 14:13:02.704: IKEv2:(SESSION ID = 123,SA ID = 1):Processing AnyConnect EAP ack response Jan 16 14:13:02.704: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 4 CurState: R_PROC_AC_EAP_AUTH_VERIFY Event: unknown event Jan 16 14:13:02.704: IKEv2:(SESSION ID = 123,SA ID = 1):Generating AnyConnect EAP success request Jan 16 14:13:02.705: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 4 CurState: R_PROC_AC_EAP_AUTH_VERIFY Event: EV_RECV_AC_EAP_SUCCESS Jan 16 14:13:02.705: IKEv2:(SESSION ID = 123,SA ID = 1):Sending AnyConnect EAP success status message Jan 16 14:13:02.705: IKEv2:(SESSION ID = 123,SA ID = 1):Building packet for encryption. Payload contents: EAP Next payload: NONE, reserved: 0x0, length: 2068 Code: success: id: 4, length: 2064 Type: expanded nak Jan 16 14:13:02.705: IKEv2:(SESSION ID = 123,SA ID = 1):Sending Packet [To 64.100.12.5:37841/From 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 4 IKEv2 IKE_AUTH Exchange RESPONSE Jan 16 14:13:02.705: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: RESPONDER MSG-RESPONSE Message id: 4, length: 2144 Payload contents: ENCR Next payload: EAP, reserved: 0x0, length: 2116 Jan 16 14:13:02.706: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 4 CurState: R_PROC_AC_EAP_AUTH_VERIFY Event: EV_START_TMR Jan 16 14:13:02.706: IKEv2:(SESSION ID = 123,SA ID = 1):Starting timer (90 sec) to wait for auth message Jan 16 14:13:02.706: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 4 CurState: ST_R_WAIT_AC_EAP_AUTH_VERIFY_FINAL Event: EV_NO_EVENT Jan 16 14:13:02.793: IKEv2-INTERNAL:Got a packet from dispatcher Jan 16 14:13:02.793: IKEv2-INTERNAL:Processing an item off the pak queue Jan 16 14:13:02.793: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Request has mess_id 5; expected 5 through 5 Jan 16 14:13:02.793: IKEv2:(SESSION ID = 123,SA ID = 1):Received Packet [From 64.100.12.5:37841/To 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 5 IKEv2 IKE_AUTH Exchange REQUEST Jan 16 14:13:02.793: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: IKE_AUTH, flags: INITIATOR Message id: 5, length: 112 Payload contents: Jan 16 14:13:02.793: IKEv2:(SESSION ID = 123,SA ID = 1):parsing ENCR payload Jan 16 14:13:02.793: IKEv2:(SESSION ID = 123,SA ID = 1):parsing AUTH payload AUTH Next payload: NONE, reserved: 0x0, length: 40 Auth method PSK, reserved: 0x0, reserved 0x0 Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: ST_R_WAIT_AC_EAP_AUTH_VERIFY_FINAL Event: EV_RECV_AUTH Jan 16 14:13:02.794: IKEv2:(SESSION ID = 123,SA ID = 1):Stopping timer to wait for auth message Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_GET_EAP_KEY Jan 16 14:13:02.794: IKEv2:(SESSION ID = 123,SA ID = 1):Send AUTH, to verify peer after EAP exchange Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_VERIFY_AUTH Jan 16 14:13:02.794: IKEv2:(SESSION ID = 123,SA ID = 1):Verify peer's authentication data Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Anyconnect EAP peer present Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Anyconnect EAP, using default ID type Jan 16 14:13:02.794: IKEv2:(SESSION ID = 123,SA ID = 1):Use preshared key for id *$AnyConnectClient$*, key len 32 Jan 16 14:13:02.794: IKEv2:(SESSION ID = 123,SA ID = 1):[IKEv2 -> Crypto Engine] Generate IKEv2 authentication data Jan 16 14:13:02.794: IKEv2:(SESSION ID = 123,SA ID = 1):[Crypto Engine -> IKEv2] IKEv2 authentication data generation PASSED Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Computing AUTH data to authenticate Peer, error = 1 Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Peer AUTH WITHOUT PPK is used to Compare Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Authentication SUCCESS Jan 16 14:13:02.794: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Conventional Authentication SUCCESS Jan 16 14:13:02.795: IKEv2:(SESSION ID = 123,SA ID = 1):Verification of peer's authentication data PASSED Jan 16 14:13:02.795: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_CHK4_IC Jan 16 14:13:02.795: IKEv2:(SESSION ID = 123,SA ID = 1):Processing INITIAL_CONTACT Jan 16 14:13:02.795: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_CHK_REDIRECT Jan 16 14:13:02.795: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Redirect check is not needed, skipping it Jan 16 14:13:02.795: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_NOTIFY_AUTH_DONE Jan 16 14:13:02.795: IKEv2:Using mlist AUTHZ and username ikev2-auth-policy for group author request Jan 16 14:13:02.795: IKEv2:(SA ID = 1):[IKEv2 -> AAA] Authorisation request sent Jan 16 14:13:02.796: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_NO_EVENT Jan 16 14:13:02.796: IKEv2-INTERNAL:IKEv2 local AAA author request for 'ikev2-auth-policy' Jan 16 14:13:02.797: IKEv2:(SA ID = 1):[AAA -> IKEv2] Received AAA authorisation response Jan 16 14:13:02.798: IKEv2-INTERNAL:Received group author attributes: ipv4-pool: VPNPOOL, route-set-acl: VPNACL, route-accept any tag:1 distance:1, Jan 16 14:13:02.798: IKEv2-INTERNAL:AAA user authorization is not configured Jan 16 14:13:02.798: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_OK_NOTIFY_AUTH_DONE Jan 16 14:13:02.798: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:13:02.798: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_CHK_CONFIG_MODE Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Received valid config mode data Jan 16 14:13:02.798: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_SET_RECD_CONFIG_MODE Jan 16 14:13:02.798: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Received config data from toolkit: Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Config data recieved: Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Config-type: Config-request Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv4-addr, length: 0 Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv4-netmask, length: 0 Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv4-dns, length: 0 Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv4-nbns, length: 0 Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.798: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: app-version, length: 29, data: AnyConnect Windows 4.10.08025 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv4-subnet, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv6-addr, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv6-dns, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: ipv6-subnet, length: 0WKST1 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: reconnect-cleanup-interval, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: reconnect-dpd-interval, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: banner, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: smartcard-removal-disconnect, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 2, data: 0x5 0xFFFFFFFFFFFFFF86 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: def-domain, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: split-exclude, length: 0 Jan 16 14:13:02.799: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: split-dns, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: pfs, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: reconnect-token-id, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: reconnect-session-id, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: reconnect-session-data, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 4, data: 0xFFFFFFFFFFFFFFC60x120x1 0x24 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 4, data: 0x4B0x370xFFFFFFFFFFFFFF960x21 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 0 Jan 16 14:13:02.800: IKEv2:(SESSION ID = 123,SA ID = 1):Attrib type: unknown, length: 2, data: 0x5 0xFFFFFFFFFFFFFFDC Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib reconnect-cleanup-interval in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib reconnect-dpd-interval in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-ERROR:IKEv2 responder - unsupported attrib unknown in cfg-req Jan 16 14:13:02.801: IKEv2-INTERNAL:Allocated addr 192.168.20.147 from local pool VPNPOOL Jan 16 14:13:02.802: IKEv2:(SESSION ID = 123,SA ID = 1):Set received config mode data Jan 16 14:13:02.802: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_CHK_GKM Jan 16 14:13:02.802: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_CHK_DIKE Jan 16 14:13:02.802: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_PROC_SA_TS Jan 16 14:13:02.802: IKEv2:(SESSION ID = 123,SA ID = 1):Processing IKE_AUTH message Jan 16 14:13:02.802: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Verify the IPsec policy Jan 16 14:13:02.802: IKEv2:% DVTI create request sent for profile AnyConnect-EAP with PSH index 1. Jan 16 14:13:02.802: IKEv2:(SESSION ID = 123,SA ID = 1): Jan 16 14:13:02.802: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: R_VERIFY_AUTH Event: EV_NO_EVENT Jan 16 14:13:02.803: IPSEC(key_engine): got a queue event with 1 KMI message(s) Jan 16 14:13:02.803: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to down Jan 16 14:13:02.822: %SYS-5-CONFIG_P: Configured programmatically by process Crypto INT from console as console Jan 16 14:13:02.837: IKEv2:% DVTI Vi1 created for profile AnyConnect-EAP with PSH index 1. Jan 16 14:13:02.837: IKEv2:Requesting IPsec policy verification by ikev2 osal engine Jan 16 14:13:02.837: IKEv2:% Adding assigned IP address 192.168.20.147 to TSi. Jan 16 14:13:02.838: IKEv2:PSH 1: Filling route_info for the pushed ipv4 addressfor interface Virtual-Access1 and vrf Jan 16 14:13:02.838: IKEv2:(SESSION ID = 123,SA ID = 1):IPSec policy validate request sent for profile AnyConnect-EAP with psh index 1. Jan 16 14:13:02.838: IPSEC(key_engine): got a queue event with 1 KMI message(s) Jan 16 14:13:02.838: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.838: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0, protocol= ESP, transform= esp-gcm 256 (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 256, flags= 0x0 Jan 16 14:13:02.839: IPSEC(validate_proposal_request): proposal part #2 Jan 16 14:13:02.839: IPSEC(validate_proposal_request): proposal part #2, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0, protocol= PCP, transform= comp-lzs (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0 Jan 16 14:13:02.839: map_db_find_best did not find matching map Jan 16 14:13:02.839: IPSEC(ipsec_process_proposal): transform not supported: {esp-gcm 256 comp-lzs } Jan 16 14:13:02.839: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.839: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 0.0.0.0/0.0.0.0/256/0, protocol= ESP, transform= esp-gcm 256 (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 256, flags= 0x0 Jan 16 14:13:02.839: IPSEC(validate_proposal_request): proposal part #2 Jan 16 14:13:02.839: IPSEC(validate_proposal_request): proposal part #2, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 0.0.0.0/0.0.0.0/256/0, protocol= PCP, transform= comp-lzs (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0 Jan 16 14:13:02.839: map_db_find_best did not find matching map Jan 16 14:13:02.839: map_db_find_best did not find matching map Jan 16 14:13:02.839: IPSEC(ipsec_process_proposal): transform not supported: {esp-gcm 256 comp-lzs } Jan 16 14:13:02.839: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= ::/0/256/0, remote_proxy= ::/0/256/0, protocol= ESP, transform= esp-gcm 256 (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 256, flags= 0x0 Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #2 Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #2, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= ::/0/256/0, remote_proxy= ::/0/256/0, protocol= PCP, transform= comp-lzs (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0 Jan 16 14:13:02.840: IPSEC(ipsec_process_proposal): transform not supported: {esp-gcm 256 comp-lzs } Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0, protocol= ESP, transform= esp-gcm 256 (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 256, flags= 0x0 Jan 16 14:13:02.840: map_db_find_best did not find matching map Jan 16 14:13:02.840: map_db_find_best did not find matching map Jan 16 14:13:02.840: IPSEC(ipsec_process_proposal): transform not supported: {esp-gcm 256 } Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 0.0.0.0/0.0.0.0/256/0, protocol= ESP, transform= esp-gcm 256 (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 256, flags= 0x0 Jan 16 14:13:02.840: map_db_find_best did not find matching map Jan 16 14:13:02.840: map_db_find_best did not find matching map Jan 16 14:13:02.840: IPSEC(ipsec_process_proposal): transform not supported: {esp-gcm 256 } Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.840: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= ::/0/256/0, remote_proxy= ::/0/256/0, protocol= ESP, transform= esp-gcm 256 (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 256, flags= 0x0 Jan 16 14:13:02.841: IPSEC(ipsec_process_proposal): transform not supported: {esp-gcm 256 } Jan 16 14:13:02.841: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.841: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0, protocol= ESP, transform= esp-gcm 192 (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 192, flags= 0x0 Jan 16 14:13:02.841: IPSEC(validate_proposal_request): proposal part #2 Jan 16 14:13:02.841: IPSEC(validate_proposal_request): proposal part #2, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0, protocol= PCP, transform= comp-lzs (Tunnel-UDP), esn= FALSE, lifedur= 0s and 0kb, spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0 Jan 16 14:13:02.841: map_db_find_best did not find matching map Jan 16 14:13:02.841: map_db_find_best did not find matching map Jan 16 14:13:02.841: IPSEC(ipsec_process_proposal): transform not supported: {esp-gcm 192 comp-lzs } Jan 16 14:13:02.841: IPSEC(validate_proposal_request): proposal part #1 Jan 16 14:13:02.841: IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) INBOUND local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 0.0.0.0/0.0.0.0/256/0 Jan 16 14:13:02.863: crypto_ipsec_hook_out_sa: ipsec_out_sa_hash_array[50]=0xFFFF63500968 Jan 16 14:13:02.864: IPSEC:(SESSION ID = 123) (create_sa) sa created, (sa) sa_dest= 64.100.12.5, sa_proto= 50, sa_spi= 0x96255ADD(2519030493), sa_trans= esp-aes 256 esp-sha256-hmac , sa_conn_id= 2024 sa_lifetime(k/sec)= (4608000/3600), (identity) local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0 Jan 16 14:13:02.890: IPSEC(rte_mgr): VPN Route Event Install new outbound sa: Create IPV4 route from ACL for 64.100.12.5 Jan 16 14:13:02.890: IPSEC(rte_mgr): VPN Route Refcount 1 Virtual-Access1 Jan 16 14:13:02.890: IPSEC(rte_mgr): VPN Route Added 192.168.20.147 255.255.255.255 via Virtual-Access1 in IP DEFAULT TABLE with tag 0 distance 1 Jan 16 14:13:02.890: IKEv2:(SESSION ID = 123,SA ID = 1):(SA ID = 1):[IPsec -> IKEv2] Creation of IPsec SA into IPsec database PASSED Jan 16 14:13:02.890: IKEv2-INTERNAL:Config request was received. Ignoring to send config set. Jan 16 14:13:02.891: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up Jan 16 14:13:02.896: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: AUTH_DONE Event: EV_OK_RECD_LOAD_IPSEC Jan 16 14:13:02.896: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:13:02.896: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: AUTH_DONE Event: EV_START_ACCT Jan 16 14:13:02.896: IKEv2-INTERNAL:Accounting not enabled for this session Jan 16 14:13:02.896: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: AUTH_DONE Event: EV_CHECK_DUPE Jan 16 14:13:02.896: IKEv2:(SESSION ID = 123,SA ID = 1):Checking for duplicate IKEv2 SA Jan 16 14:13:02.896: IKEv2:(SESSION ID = 123,SA ID = 1):No duplicate IKEv2 SA found Jan 16 14:13:02.896: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: AUTH_DONE Event: EV_CHK4_ROLE Jan 16 14:13:02.896: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: READY Event: EV_R_OK Jan 16 14:13:02.896: IKEv2:(SESSION ID = 123,SA ID = 1):Starting timer (8 sec) to delete negotiation context Jan 16 14:13:02.896: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 5 CurState: READY Event: EV_NO_EVENT Jan 16 14:13:03.293: IKEv2-INTERNAL:Got a packet from dispatcher Jan 16 14:13:03.293: IKEv2-INTERNAL:Processing an item off the pak queue Jan 16 14:13:03.294: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Request has mess_id 6; expected 6 through 10 Jan 16 14:13:03.294: IKEv2:(SESSION ID = 123,SA ID = 1):Received Packet [From 64.100.12.5:37841/To 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 6 IKEv2 INFORMATIONAL Exchange REQUEST Jan 16 14:13:03.294: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: INFORMATIONAL, flags: INITIATOR Message id: 6, length: 96 Payload contents: Jan 16 14:13:03.294: IKEv2:(SESSION ID = 123,SA ID = 1):parsing ENCR payload Jan 16 14:13:03.294: IKEv2:(SESSION ID = 123,SA ID = 1):parsing DELETE payload DELETE Next payload: NOTIFY, reserved: 0x0, length: 8 Security protocol id: IKE, spi size: 0, num of spi: 0 Jan 16 14:13:03.294: IKEv2:(SESSION ID = 123,SA ID = 1):parsing NOTIFY payload Jan 16 14:13:03.294: IKEv2-INTERNAL:Parse Notify Payload: DELETE_REASON Jan 16 14:13:03.294: IKEv2-INTERNAL:Delete Reason received with error code:IKEV2_DELETE_GENERAL_ERROR severity:ERROR NOTIFY(DELETE_REASON) Next payload: NONE, reserved: 0x0, length: 16 Security protocol id: IKE, spi size: 0, type: DELETE_REASON Jan 16 14:13:03.294: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: READY Event: EV_RECV_INFO_REQ Jan 16 14:13:03.294: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:13:03.294: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: INFO_R Event: EV_RECV_INFO_REQ Jan 16 14:13:03.295: IKEv2:(SESSION ID = 123,SA ID = 1):Building packet for encryption. Jan 16 14:13:03.295: IKEv2:(SESSION ID = 123,SA ID = 1):Sending Packet [To 64.100.12.5:37841/From 75.X.X.33:4500/VRF i0:f0] Initiator SPI : D48C7FB2206B81AF - Responder SPI : 4EB60610A6D7FC09 Message id: 6 IKEv2 INFORMATIONAL Exchange RESPONSE Jan 16 14:13:03.295: IKEv2-PAK:(SESSION ID = 123,SA ID = 1):Next payload: ENCR, version: 2.0 Exchange type: INFORMATIONAL, flags: RESPONDER MSG-RESPONSE Message id: 6, length: 80 Payload contents: ENCR Next payload: NONE, reserved: 0x0, length: 52 Jan 16 14:13:03.295: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: INFO_R Event: EV_CHK_INFO_TYPE Jan 16 14:13:03.295: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: INFO_R Event: EV_RECV_DEL Jan 16 14:13:03.295: IKEv2:(SESSION ID = 123,SA ID = 1):Process delete request from peer Jan 16 14:13:03.295: IKEv2:(SESSION ID = 123,SA ID = 1):Processing DELETE INFO message for IKEv2 SA [ISPI: 0xD48C7FB2206B81AF RSPI: 0x4EB60610A6D7FC09] Jan 16 14:13:03.296: IKEv2-INTERNAL:Returned v4 config addr 192.168.20.147 to local pool Jan 16 14:13:03.296: IKEv2-INTERNAL:calling delete_routes Jan 16 14:13:03.296: IKEv2:IKEv2 removing route 192.168.20.147 255.255.255.255 via Virtual-Access1 in vrf global Jan 16 14:13:03.296: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: INFO_R Event: EV_CHK4_ACTIVE_SA Jan 16 14:13:03.296: IKEv2:(SESSION ID = 123,SA ID = 1):Check for existing active SA Jan 16 14:13:03.296: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: INFO_R Event: EV_STOP_ACCT Jan 16 14:13:03.296: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: INFO_R Event: EV_IPSEC_DEL Jan 16 14:13:03.296: IKEv2:(SESSION ID = 123,SA ID = 1):Delete all IKE SAs Jan 16 14:13:03.296: IKEv2-INTERNAL:Successfully removed child SAs Jan 16 14:13:03.296: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: INFO_R Event: EV_START_DEL_NEG_TMR Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: EXIT Event: EV_CHK_PENDING Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Sent response with message id 6, Requests can be accepted from range 7 to 11 Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (R) MsgID = 6 CurState: EXIT Event: EV_NO_EVENT Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (I) MsgID = 1 CurState: READY Event: EV_RECV_DEL Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):Action: Action_Null Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (I) MsgID = 1 CurState: DELETE Event: EV_FREE_SA Jan 16 14:13:03.297: IKEv2-INTERNAL:(SESSION ID = 123,SA ID = 1):SM Trace-> SA: I_SPI=D48C7FB2206B81AF R_SPI=4EB60610A6D7FC09 (I) MsgID = 1 CurState: DELETE Event: EV_FREE_CHKD_SA Jan 16 14:13:03.297: IKEv2:(SESSION ID = 123,SA ID = 1):Deleting SA Jan 16 14:13:03.297: IKEv2-ERROR:IKEv2 tunnel stop failed tunnel info 0x80FFFF691CF508 Jan 16 14:13:03.299: IPSEC(key_engine): got a queue event with 1 KMI message(s) Jan 16 14:13:03.299: IDB is NULL : in crypto_ipsec_key_engine_delete_sas (), 6338 Jan 16 14:13:03.299: IPSEC:(SESSION ID = 123) (key_engine_delete_sas) rec'd delete notify from ISAKMP Jan 16 14:13:03.300: IPSEC:(SESSION ID = 123) (key_engine_delete_sas) delete SA with spi 0xDEA87819 proto 50 for 75.X.X.33 Jan 16 14:13:03.300: IPSEC:(SESSION ID = 123) (delete_sa) deleting SA, (sa) sa_dest= 75.X.X.33, sa_proto= 50, sa_spi= 0xDEA87819(3735582745), sa_trans= esp-aes 256 esp-sha256-hmac , sa_conn_id= 2023 sa_lifetime(k/sec)= (4608000/3600), (identity) local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0 Jan 16 14:13:03.300: IPSEC:(SESSION ID = 123) (delete_sa) deleting SA, (sa) sa_dest= 64.100.12.5, sa_proto= 50, sa_spi= 0x96255ADD(2519030493), sa_trans= esp-aes 256 esp-sha256-hmac , sa_conn_id= 2024 sa_lifetime(k/sec)= (4608000/3600), (identity) local= 75.X.X.33:0, remote= 64.100.12.5:0, local_proxy= 0.0.0.0/0.0.0.0/256/0, remote_proxy= 192.168.20.147/255.255.255.255/256/0 Jan 16 14:13:03.300: IPSEC(send_delete_notify_kmi): not sending KEY_ENGINE_DELETE_SAS Jan 16 14:13:03.300: IPSEC:(SESSION ID = 123) (sibling_delete_notify_ident_action) Info: Reverse Route ID Mismatch between Sibling and Ident Jan 16 14:13:03.300: IPSEC(rte_mgr): ID: 12 Event: Ident delete sa : Remove RRI route Jan 16 14:13:03.300: IPSEC(rte_mgr): Delete Route found ID 12 Jan 16 14:13:03.300: IPSEC(rte_mgr) Route delete: peer 0.0.0.0 , destination 192.168.20.147, rt_type 0 Jan 16 14:13:03.300: IPSEC(rte_mgr): VPN Route Refcount 0 Virtual-Access1 Jan 16 14:13:03.300: IKEv2-INTERNAL:KMI message 10 consumed. No action taken. Jan 16 14:13:03.301: ipsec_out_sa_hash_idx: sa=0xFFFF63500968, hash_idx=50, port=4500/37841, addr=0x4B379621/0x40640C05 Jan 16 14:13:03.301: IPSEC(key_engine): got a queue event with 1 KMI message(s) Jan 16 14:13:03.301: IDB is NULL : in crypto_ipsec_key_engine_delete_sas (), 6338 Jan 16 14:13:03.301: IPSEC:(SESSION ID = 123) (key_engine_delete_sas) rec'd delete notify from ISAKMP Jan 16 14:13:03.301: IPSEC(key_engine): got a queue event with 1 KMI message(s) Jan 16 14:13:03.313: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to down Jan 16 14:13:03.316: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down Jan 16 14:13:03.317: IKEv2-INTERNAL:Active ike sa request deleted Jan 16 14:13:03.317: IKEv2-INTERNAL:Decrement count for incoming active Jan 16 14:13:03.323: IPSEC:(SESSION ID = 123) (ident_delete_notify_kmi) Failed to send KEY_ENG_DELETE_SAS Jan 16 14:13:03.323: IPSEC:(SESSION ID = 123) (ident_update_final_flow_stats) Collect Final Stats and update MIB IPSEC get IKMP peer index from peer 0xFFFF634FDBE8 ikmp handle 0x0 [ident_update_final_flow_stats] : Flow delete complete event received for flow id 0x24000017,peer index 0 Jan 16 14:13:03.326: Interface (Vi1) is getting freed. crypto_int_process_message (), 667 Jan 16 14:13:03.338: %SYS-5-CONFIG_P: Configured programmatically by process VTEMPLATE Background Mgr from console as console