[vpnc-devel] Just compiled and ran latest from repository
Mike Gofman
gofman.mike at gmail.com
Thu Jun 12 06:39:16 CEST 2008
Just compiled the last version with the Nortel stuff in it.
I do not have a group ID or a secret word.
According to the VPN admin our company does not use those.
We just have a straight login in Contivity.
Here is what I tried with corresponding results.
sudo ./vpnc --vendor nortel --gateway privategateway.org --username
someuser --domain someNTDomain --pfs dh5 --debug 3
And here is the debug trace.
Enter IPSec ID for privategateway.org:
Enter IPSec secret for @privategateway.org:
Enter password for someuser at privategateway.org:
vpnc version 0.5.1-292
hex_test: 00010203
S1 init_sockaddr
[2008-06-12 00:24:53]
S2 make_socket
[2008-06-12 00:24:53]
S3 setup_tunnel
[2008-06-12 00:24:53]
sh: /etc/vpnc/vpnc-script: not found
using interface tun0
S4 do_phase1
[2008-06-12 00:24:53]
S4.1 create_nonce
[2008-06-12 00:24:53]
i_cookie: ba51f99e 5dd34734
i_nonce:
888b4eea 22443020 ca50cfc4 687ad332 ae313f7e
S4.2 dh setup
[2008-06-12 00:24:53]
dh_public:
75c75641 8e4833da 34e94888 d6b63035 a2e6afed 19d6dafb 6d6b86ab 8bc130d9
5ccb36bb 4fd95f5d 24c72f2c 8df98900 f8ac35cf d823bbb1 67387446 c3f84e82
623ad3be b594d4be 9eb4b637 4580d981 a5448221 ceecdbc3 a10e21db c71932d8
b6a4c489 fa66b47c a5017622 23f0fe90 3fbd6231 ab7a215e 4b46e8f9 a15015b8
S4.3 AM packet_1
[2008-06-12 00:24:53]
sending: ========================>
BEGIN_PARSE
Recieved Packet Len: 748
i_cookie: ba51f99e 5dd34734
r_cookie: 00000000 00000000
payload: 01 (ISAKMP_PAYLOAD_SA)
isakmp_version: 10
exchange_type: 04 (ISAKMP_EXCHANGE_AGGRESSIVE)
flags: 00
message_id: 00000000
len: 000002ec
PARSING PAYLOAD type: 01 (ISAKMP_PAYLOAD_SA)
next_type: 04 (ISAKMP_PAYLOAD_KE)
length: 017c
sa.doi: 00000001 (ISAKMP_DOI_IPSEC)
sa.situation: 00000001 (ISAKMP_IPSEC_SIT_IDENTITY_ONLY)
PARSING PAYLOAD type: 02 (ISAKMP_PAYLOAD_P)
next_type: 00 (ISAKMP_PAYLOAD_NONE)
length: 0170
p.number: 00
p.prot_id: 01 (ISAKMP_IPSEC_PROTO_ISAKMP)
p.spi_size: 00
length: 0c
p.spi:
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 0020
t.number: 00
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 000e (IKE_ATTRIB_KEY_LENGTH)
(not dumping xauth data)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0007 (IKE_ENC_AES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0002 (IKE_HASH_SHA)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 0020
t.number: 01
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 000e (IKE_ATTRIB_KEY_LENGTH)
(not dumping xauth data)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0007 (IKE_ENC_AES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0001 (IKE_HASH_MD5)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 0020
t.number: 02
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 000e (IKE_ATTRIB_KEY_LENGTH)
(not dumping xauth data)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0007 (IKE_ENC_AES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0002 (IKE_HASH_SHA)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 0020
t.number: 03
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 000e (IKE_ATTRIB_KEY_LENGTH)
(not dumping xauth data)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0007 (IKE_ENC_AES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0001 (IKE_HASH_MD5)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 0020
t.number: 04
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 000e (IKE_ATTRIB_KEY_LENGTH)
(not dumping xauth data)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0007 (IKE_ENC_AES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0002 (IKE_HASH_SHA)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 0020
t.number: 05
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 000e (IKE_ATTRIB_KEY_LENGTH)
(not dumping xauth data)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0007 (IKE_ENC_AES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0001 (IKE_HASH_MD5)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 001c
t.number: 06
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0005 (IKE_ENC_3DES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0002 (IKE_HASH_SHA)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 001c
t.number: 07
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0005 (IKE_ENC_3DES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0001 (IKE_HASH_MD5)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 001c
t.number: 08
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0001 (IKE_ENC_DES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0002 (IKE_HASH_SHA)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 001c
t.number: 09
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0001 (IKE_ENC_DES_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0001 (IKE_HASH_MD5)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 03 (ISAKMP_PAYLOAD_T)
length: 001c
t.number: 0a
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0000 (IKE_ENC_NO_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0002 (IKE_HASH_SHA)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
next_type: 00 (ISAKMP_PAYLOAD_NONE)
length: 001c
t.number: 0b
t.id: 01 (ISAKMP_IPSEC_KEY_IKE)
t.attributes.type: 0001 (IKE_ATTRIB_ENC)
t.attributes.u.attr_16: 0000 (IKE_ENC_NO_CBC)
t.attributes.type: 0002 (IKE_ATTRIB_HASH)
t.attributes.u.attr_16: 0001 (IKE_HASH_MD5)
t.attributes.type: 0003 (IKE_ATTRIB_AUTH_METHOD)
t.attributes.u.attr_16: 0001 (IKE_AUTH_PRESHARED)
t.attributes.type: 0004 (IKE_ATTRIB_GROUP_DESC)
t.attributes.u.attr_16: 0002 (IKE_GROUP_MODP_1024)
t.attributes.type: 7fff (IKE_ATTRIB_NORTEL_UNKNOWN)
t.attributes.u.attr_16: 000a
DONE PARSING PAYLOAD type: 03 (ISAKMP_PAYLOAD_T)
PARSING PAYLOAD type: 00 (ISAKMP_PAYLOAD_NONE)
DONE PARSING PAYLOAD type: 02 (ISAKMP_PAYLOAD_P)
PARSING PAYLOAD type: 00 (ISAKMP_PAYLOAD_NONE)
DONE PARSING PAYLOAD type: 01 (ISAKMP_PAYLOAD_SA)
PARSING PAYLOAD type: 04 (ISAKMP_PAYLOAD_KE)
next_type: 0a (ISAKMP_PAYLOAD_NONCE)
length: 0084
ke.data:
75c75641 8e4833da 34e94888 d6b63035 a2e6afed 19d6dafb 6d6b86ab 8bc130d9
5ccb36bb 4fd95f5d 24c72f2c 8df98900 f8ac35cf d823bbb1 67387446 c3f84e82
623ad3be b594d4be 9eb4b637 4580d981 a5448221 ceecdbc3 a10e21db c71932d8
b6a4c489 fa66b47c a5017622 23f0fe90 3fbd6231 ab7a215e 4b46e8f9 a15015b8
DONE PARSING PAYLOAD type: 04 (ISAKMP_PAYLOAD_KE)
PARSING PAYLOAD type: 0a (ISAKMP_PAYLOAD_NONCE)
next_type: 05 (ISAKMP_PAYLOAD_ID)
length: 0018
ke.data:
888b4eea 22443020 ca50cfc4 687ad332 ae313f7e
DONE PARSING PAYLOAD type: 0a (ISAKMP_PAYLOAD_NONCE)
PARSING PAYLOAD type: 05 (ISAKMP_PAYLOAD_ID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0020
id.type: 0b (ISAKMP_IPSEC_ID_KEY_ID)
id.protocol: 11
id.port: 01f4
id.data:
da39a3ee 5e6b4b0d 3255bfef 95601890 afd80709 00000000
DONE PARSING PAYLOAD type: 05 (ISAKMP_PAYLOAD_ID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 000c
ke.data: 09002689 dfd6b712
(Xauth)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0014
ke.data: 12f5f28c 457168a9 702d9fe2 74cc0100
(Cisco Unity)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0014
ke.data: 4a131c81 07035845 5c5728f2 0e95452f
(Nat-T RFC)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0014
ke.data: 90cb8091 3ebb696e 086381b5 ec427b1f
(Nat-T 02N)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0014
ke.data: cd604643 35df21f8 7cfdb2fc 68b6a448
(Nat-T 02)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0014
ke.data: 16f6ca16 e4a4066d 83821a0f 0aeaa862
(Nat-T 01)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 0d (ISAKMP_PAYLOAD_VID)
length: 0014
ke.data: 4485152d 18b6bbcd 0be8a846 9579ddcc
(Nat-T 00)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
next_type: 00 (ISAKMP_PAYLOAD_NONE)
length: 0014
ke.data: afcad713 68a1f1c9 6b8696fc 77570100
(DPD)
DONE PARSING PAYLOAD type: 0d (ISAKMP_PAYLOAD_VID)
PARSING PAYLOAD type: 00 (ISAKMP_PAYLOAD_NONE)
PARSE_OK
receiving: <========================
[2008-06-12 00:24:53]
S4.4 AM_packet2
[2008-06-12 00:24:53]
BEGIN_PARSE
Recieved Packet Len: 44
i_cookie: ba51f99e 5dd34734
r_cookie: 20c2ee91 a22e5172
payload: 0b (ISAKMP_PAYLOAD_N)
isakmp_version: 10
exchange_type: 05 (ISAKMP_EXCHANGE_INFORMATIONAL)
flags: 00
message_id: 00000000
len: 0000002c
PARSING PAYLOAD type: 0b (ISAKMP_PAYLOAD_N)
next_type: 00 (ISAKMP_PAYLOAD_NONE)
length: 0010
n.doi: 00000001 (ISAKMP_DOI_IPSEC)
n.protocol: 01 (ISAKMP_IPSEC_PROTO_ISAKMP)
n.spi_length: 00
n.type: 000e (ISAKMP_N_NO_PROPOSAL_CHOSEN)
n.spi:
n.data: 00000004
DONE PARSING PAYLOAD type: 0b (ISAKMP_PAYLOAD_N)
PARSING PAYLOAD type: 00 (ISAKMP_PAYLOAD_NONE)
PARSE_OK
./vpnc: response was invalid [1]: (ISAKMP_N_INVALID_EXCHANGE_TYPE)(7)
More information about the vpnc-devel
mailing list