Home page logo
/

basics logo Security Basics mailing list archives

VPN-cisco-smc
From: mtzcesar () queretaro podernet com mx
Date: Wed, 1 Jun 2005 19:24:27 -0500

I have Cisco Systems, Inc./VPN 3000 Concentrator Version 4.0.4.A and SMC Router and Vpn
I need to do one vpm Lan to Lan 
But I obtain an errores in teh vpn concentrator
IKE QM Initiator FSM error history (struct &0x1d85348)

Between two equipments both  a firewall pix exixts


thi is my log


31214 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28389 12.34.56.78 
ISAKMP HEADER :         ( Version 1.0 )
  Initiator Cookie(8):  98 59 6D 72 DC FE B0 B7 
  Responder Cookie(8):  C2 FD 1D 75 83 06 AA A1 
  Next Payload  :       SA (1)
  Exchange Type :       Oakley Main Mode
  Flags         :       0 
  Message ID    :       0
  Length        :       84

31220 06/01/2005 19:05:22.120 SEV=8 IKEDBG/0 RPT=41554 12.34.56.78 
RECEIVED Message (msgid=0) with payloads : 
HDR + SA (1) + NONE (0)
total length : 84

31222 06/01/2005 19:05:22.120 SEV=8 IKEDBG/0 RPT=41555 12.34.56.78 
RECEIVED Message (msgid=0) with payloads : 
HDR + SA (1) + NONE (0)
total length : 84

31224 06/01/2005 19:05:22.120 SEV=9 IKEDBG/0 RPT=41556 12.34.56.78 
processing SA payload

31225 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28390 12.34.56.78 
SA Payload Decode :
  DOI           :       IPSEC (1)
  Situation     :       Identity Only (1)
  Length        :       56

31228 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28391 12.34.56.78 
Proposal Decode:
  Proposal #    :       1
  Protocol ID   :       ISAKMP (1)
  #of Transforms:       1
  Length        :       44

31231 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28392 12.34.56.78 
Transform # 1 Decode for Proposal # 1:
  Transform #   :       1
  Transform ID  :       IKE (1)
  Length        :       36

31233 06/01/2005 19:05:22.120 SEV=8 IKEDECODE/0 RPT=28393 12.34.56.78 
Phase 1 SA Attribute Decode for Transform # 1:
  Encryption Alg:       Triple-DES (5)
  Hash Alg      :       SHA (2)
  Auth Method   :       Preshared Key (1)
  DH Group      :       Oakley Group 2 (2)
  Life Time     :       86400 seconds


31238 06/01/2005 19:05:22.120 SEV=12 IKEDECODE/0 RPT=28394 
IKE Decode of received SA attributes follows:
0000: 80010005 80020002 80030001 80040002     ................
0010: 800B0001 000C0004 00015180              ..........Q.


31241 06/01/2005 19:05:22.120 SEV=7 IKEDBG/0 RPT=41557 12.34.56.78 
Oakley proposal is acceptable

31242 06/01/2005 19:05:22.230 SEV=9 IKEDBG/0 RPT=41558 12.34.56.78 
constructing ke payload

31243 06/01/2005 19:05:22.230 SEV=9 IKEDBG/1 RPT=8263 12.34.56.78 
constructing nonce payload

31244 06/01/2005 19:05:22.230 SEV=9 IKEDBG/46 RPT=12648 12.34.56.78 
constructing Cisco Unity VID payload

31245 06/01/2005 19:05:22.230 SEV=9 IKEDBG/46 RPT=12649 12.34.56.78 
constructing xauth V6 VID payload

31246 06/01/2005 19:05:22.230 SEV=9 IKEDBG/48 RPT=2265 12.34.56.78 
Send IOS VID

31247 06/01/2005 19:05:22.230 SEV=9 IKEDBG/38 RPT=1153 12.34.56.78 
Constructing VPN 3000 spoofing IOS Vendor ID payload (version: 1.0.0, capabiliti
es: 20000409)

31249 06/01/2005 19:05:22.230 SEV=9 IKEDBG/46 RPT=12650 12.34.56.78 
constructing VID payload

31250 06/01/2005 19:05:22.230 SEV=9 IKEDBG/48 RPT=2266 12.34.56.78 
Send Altiga GW VID

31251 06/01/2005 19:05:22.230 SEV=8 IKEDBG/0 RPT=41559 12.34.56.78 
SENDING Message (msgid=0) with payloads : 
HDR + KE (4) + NONCE (10) 
total length : 256

31253 06/01/2005 19:05:22.240 SEV=8 IKEDECODE/0 RPT=28395 12.34.56.78 
ISAKMP HEADER :         ( Version 1.0 )
  Initiator Cookie(8):  98 59 6D 72 DC FE B0 B7 
  Responder Cookie(8):  C2 FD 1D 75 83 06 AA A1 
  Next Payload  :       KE (4)
  Exchange Type :       Oakley Main Mode
  Flags         :       0 
  Message ID    :       0
  Length        :       184

31259 06/01/2005 19:05:22.240 SEV=8 IKEDBG/0 RPT=41560 12.34.56.78 
RECEIVED Message (msgid=0) with payloads : 
HDR + KE (4) + NONCE (10) + NONE (0)
total length : 184

31261 06/01/2005 19:05:22.240 SEV=8 IKEDBG/0 RPT=41561 12.34.56.78 
RECEIVED Message (msgid=0) with payloads : 
HDR + KE (4) + NONCE (10) + NONE (0)
total length : 184

31263 06/01/2005 19:05:22.240 SEV=9 IKEDBG/0 RPT=41562 12.34.56.78 
processing ke payload

31264 06/01/2005 19:05:22.240 SEV=9 IKEDBG/0 RPT=41563 12.34.56.78 
processing ISA_KE

31265 06/01/2005 19:05:22.240 SEV=9 IKEDBG/1 RPT=8264 12.34.56.78 
processing nonce payload

31266 06/01/2005 19:05:22.340 SEV=9 IKEDBG/0 RPT=41564 12.34.56.78 
Generating keys for Initiator...

31267 06/01/2005 19:05:22.360 SEV=9 IKEDBG/1 RPT=8265 12.34.56.78 
Group [L2L: Smc]
constructing ID

31268 06/01/2005 19:05:22.360 SEV=9 IKEDBG/0 RPT=41565 
Group [L2L: Smc]
construct hash payload

31269 06/01/2005 19:05:22.360 SEV=9 IKEDBG/0 RPT=41566 12.34.56.78 
Group [L2L: Smc]
computing hash

31270 06/01/2005 19:05:22.370 SEV=9 IKEDBG/46 RPT=12651 12.34.56.78 
Group [L2L: Smc]
constructing dpd vid payload

31271 06/01/2005 19:05:22.370 SEV=8 IKEDBG/0 RPT=41567 12.34.56.78 
SENDING Message (msgid=0) with payloads : 
HDR + ID (5) + HASH (8) 
total length : 84

31273 06/01/2005 19:05:22.450 SEV=8 IKEDECODE/0 RPT=28396 12.34.56.78 
ISAKMP HEADER :         ( Version 1.0 )
  Initiator Cookie(8):  98 59 6D 72 DC FE B0 B7 
  Responder Cookie(8):  C2 FD 1D 75 83 06 AA A1 
  Next Payload  :       ID (5)
  Exchange Type :       Oakley Main Mode
  Flags         :       1   (ENCRYPT )
  Message ID    :       0
  Length        :       68

31279 06/01/2005 19:05:22.460 SEV=8 IKEDBG/0 RPT=41568 12.34.56.78 
RECEIVED Message (msgid=0) with payloads : 
HDR + ID (5) + HASH (8) + NONE (0)
total length : 64

31281 06/01/2005 19:05:22.460 SEV=9 IKEDBG/1 RPT=8266 12.34.56.78 
Group [L2L: Smc]
Processing ID

31282 06/01/2005 19:05:22.460 SEV=12 IKEDECODE/11 RPT=1372 
ID_IPV4_ADDR ID received
12.34.56.78

31283 06/01/2005 19:05:22.460 SEV=9 IKEDBG/0 RPT=41569 12.34.56.78 
Group [L2L: Smc]
processing hash

31284 06/01/2005 19:05:22.460 SEV=9 IKEDBG/0 RPT=41570 12.34.56.78 
Group [L2L: Smc]
computing hash

31285 06/01/2005 19:05:22.460 SEV=9 IKEDBG/23 RPT=1142 12.34.56.78 
Group [L2L: Smc]
Starting group lookup for peer 12.34.56.78

31286 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/1 RPT=1302 
AUTH_Open() returns 277

31287 06/01/2005 19:05:22.460 SEV=7 AUTH/12 RPT=1302 
Authentication session opened: handle = 277

31288 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/3 RPT=1467 
AUTH_PutAttrTable(277, 9b150c)

31289 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/6 RPT=1130 
AUTH_GroupAuthenticate(277, 1c18b7c, 605a14)

31290 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/59 RPT=1469 
AUTH_BindServer(1f00018, 0, 0)

31291 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/69 RPT=1467 
Auth Server eaf92c has been bound to ACB 1f00018, sessions = 1

31292 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/65 RPT=1467 
AUTH_CreateTimer(1f00018, 0, 0)

31293 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/72 RPT=1467 
Reply timer created: handle = 3B050018

31294 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/179 RPT=1467 
AUTH_SyncToServer(1f00018, 0, 0)

31295 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/180 RPT=1467 
AUTH_SendLockReq(1f00018, 0, 0)

31296 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/61 RPT=1467 
AUTH_BuildMsg(1f00018, 0, 0)

31297 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/64 RPT=1472 
AUTH_StartTimer(1f00018, 0, 0)

31298 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/73 RPT=1472 
Reply timer started: handle = 3B050018, timestamp = 26554897, timeout = 30000

31299 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/62 RPT=1472 
AUTH_SndRequest(1f00018, 0, 0)

31300 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/50 RPT=2601 
IntDB_Decode(1c5dff8, 194)

31301 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/47 RPT=1301 
IntDB_Xmt(1f00018)

31302 06/01/2005 19:05:22.460 SEV=9 AUTHDBG/71 RPT=1472 
xmit_cnt = 1

31303 06/01/2005 19:05:22.460 SEV=8 AUTHDBG/182 RPT=1301 
IntDB_ServiceRequest(1f00018)

31304 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/49 RPT=1301 
IntDB_Match(1f00018, c6b2e4)

31305 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/63 RPT=1465 
AUTH_RcvReply(1f00018, 0, 0)

31306 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/50 RPT=2602 
IntDB_Decode(c6b2e4, 22223)

31307 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/48 RPT=1301 
IntDB_Rcv(1f00018)

31308 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/66 RPT=1466 
AUTH_DeleteTimer(1f00018, 0, 0)

31309 06/01/2005 19:05:22.560 SEV=9 AUTHDBG/74 RPT=1466 
Reply timer stopped: handle = 3B050018, timestamp = 26554907

31310 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/58 RPT=1468 
AUTH_Callback(1f00018, 0, 0)

31311 06/01/2005 19:05:22.560 SEV=6 AUTH/41 RPT=1240 12.34.56.78 
Authentication successful: handle = 277, server = Internal, group = L2L: Smc

31312 06/01/2005 19:05:22.560 SEV=7 IKEDBG/0 RPT=41571 12.34.56.78 
Group [L2L: Smc]
Found Phase 1 Group (L2L: Smc)

31313 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/4 RPT=1246 
AUTH_GetAttrTable(277, 1002ee4)

31314 06/01/2005 19:05:22.560 SEV=7 IKEDBG/14 RPT=833 12.34.56.78 
Group [L2L: Smc]
Authentication configured for Internal

31315 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19 RPT=3261 12.34.56.78 
Group [L2L: Smc]
IKEGetUserAttributes: primary DNS = 192.168.0.4

31316 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19 RPT=3262 12.34.56.78 
Group [L2L: Smc]
IKEGetUserAttributes: secondary DNS = 200.33.150.193

31317 06/01/2005 19:05:22.560 SEV=9 IKEDBG/19 RPT=3263 12.34.56.78 
Group [L2L: Smc]
IKEGetUserAttributes: IP Compression = disabled

31318 06/01/2005 19:05:22.560 SEV=7 IKEDBG/73 RPT=937 12.34.56.78 
Group [L2L: Smc]
Authorization configured for RADIUS, Authorization not required

31319 06/01/2005 19:05:22.560 SEV=8 AUTHDBG/2 RPT=1301 
AUTH_Close(277)

31320 06/01/2005 19:05:22.560 SEV=9 IKEDBG/0 RPT=41572 12.34.56.78 
Group [L2L: Smc]
Oakley begin quick mode

31321 06/01/2005 19:05:22.560 SEV=12 IKEDECODE/2 RPT=1047 
IKE Initiator starting QM: msg id = 8a5d20c8

31322 06/01/2005 19:05:22.560 SEV=4 IKE/119 RPT=1084 12.34.56.78 
Group [L2L: Smc]
PHASE 1 COMPLETED

31323 06/01/2005 19:05:22.560 SEV=6 IKE/121 RPT=1084 12.34.56.78 
Keep-alive type for this connection: None

31324 06/01/2005 19:05:22.560 SEV=7 IKEDBG/0 RPT=41573 12.34.56.78 
Group [L2L: Smc]
Starting phase 1 rekey timer: 64800000 (ms)

31325 06/01/2005 19:05:22.560 SEV=4 AUTH/22 RPT=1084 
User [L2L: Smc] Group [L2L: Smc] connected, Session Type: IPSec/LAN-to-LAN

31326 06/01/2005 19:05:22.570 SEV=4 AUTH/84 RPT=1029 
LAN-to-LAN tunnel to headend device 12.34.56.78 connected

31327 06/01/2005 19:05:22.570 SEV=9 IPSECDBG/6 RPT=2566 
IPSEC key message parse - msgtype 6, len 208, vers 1, pid 00000000, seq 1141, er
r 0, type 2, mode 0, state 32, label 0, pad 0, spi 00000000, encrKeyLen 0, hashK
eyLen 0, ivlen 0, alg 0, hmacAlg 0, lifetype 0, lifetime1 635968, lifetime2 0, d
sId 300

31331 06/01/2005 19:05:22.570 SEV=9 IPSECDBG/1 RPT=5017 
Processing KEY_GETSPI msg!

31332 06/01/2005 19:05:22.570 SEV=7 IPSECDBG/13 RPT=1141 
Reserved SPI 1557717501

31333 06/01/2005 19:05:22.570 SEV=8 IKEDBG/6 RPT=1141 
IKE got SPI from key engine: SPI = 0x5cd8e1fd

31334 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41574 12.34.56.78 
Group [L2L: Smc]
oakley constucting quick mode

31335 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41575 12.34.56.78 
Group [L2L: Smc]
constructing blank hash

31336 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41576 12.34.56.78 
Group [L2L: Smc]
constructing ISA_SA for ipsec

31337 06/01/2005 19:05:22.570 SEV=9 IKEDBG/1 RPT=8267 12.34.56.78 
Group [L2L: Smc]
constructing ipsec nonce payload

31338 06/01/2005 19:05:22.570 SEV=9 IKEDBG/1 RPT=8268 12.34.56.78 
Group [L2L: Smc]
constructing proxy ID

31339 06/01/2005 19:05:22.570 SEV=7 IKEDBG/0 RPT=41577 12.34.56.78 
Group [L2L: Smc]
Transmitting Proxy Id:
  Local host:  192.168.0.190  Protocol 0  Port 0
  Remote host: 12.34.56.78  Protocol 0  Port 0

31343 06/01/2005 19:05:22.570 SEV=12 IKEDECODE/7 RPT=1029 
IKE Initiator sending Initial Contact

31344 06/01/2005 19:05:22.570 SEV=9 IKEDBG/0 RPT=41578 12.34.56.78 
Group [L2L: Smc]
constructing qm hash

31345 06/01/2005 19:05:22.570 SEV=12 IKEDECODE/4 RPT=1047 
IKE Initiator sending 1st QM pkt: msg id = 8a5d20c8

31346 06/01/2005 19:05:22.570 SEV=8 IKEDBG/0 RPT=41579 12.34.56.78 
SENDING Message (msgid=8a5d20c8) with payloads : 
HDR + HASH (8) + SA (1) 
total length : 176

31348 06/01/2005 19:05:22.580 SEV=8 AUTHDBG/60 RPT=1466 
AUTH_UnbindServer(1f00018, 0, 0)

31349 06/01/2005 19:05:22.580 SEV=9 AUTHDBG/70 RPT=1466 
Auth Server eaf92c has been unbound from ACB 1f00018, sessions = 0

31350 06/01/2005 19:05:22.580 SEV=8 AUTHDBG/10 RPT=1300 
AUTH_Int_FreeAuthCB(1f00018)

31351 06/01/2005 19:05:22.580 SEV=7 AUTH/13 RPT=1300 
Authentication session closed: handle = 277

31352 06/01/2005 19:05:25.540 SEV=4 EVENT/39 RPT=1915 
Event Manager erased file(s) LOG34591.TXT when saving file: log35028.txt

31353 06/01/2005 19:05:54.580 SEV=4 IKEDBG/0 RPT=41580 
QM FSM error (P2 struct &0x1d85348, mess id 0x8a5d20c8)!

31354 06/01/2005 19:05:54.580 SEV=7 IKEDBG/65 RPT=7816 12.34.56.78 
Group [L2L: Smc]
IKE QM Initiator FSM error history (struct &0x1d85348)
<state>, <event>:
QM_DONE, EV_ERROR
QM_WAIT_MSG2, EV_TIMEOUT
QM_WAIT_MSG2, NullEvent
QM_SND_MSG1, EV_SND_MSG

31359 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41581 
sending delete/delete with reason message

31360 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41582 12.34.56.78 
Group [L2L: Smc]
constructing blank hash

31361 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41583 
constructing IPSec delete payload

31362 06/01/2005 19:05:54.580 SEV=9 IKEDBG/0 RPT=41584 12.34.56.78 
Group [L2L: Smc]
constructing qm hash

31363 06/01/2005 19:05:54.580 SEV=8 IKEDBG/0 RPT=41585 12.34.56.78 
SENDING Message (msgid=d5109d68) with payloads : 
HDR + HASH (8) + DELETE (12) 
total length : 68

31365 06/01/2005 19:05:54.580 SEV=7 IKEDBG/9 RPT=1141 12.34.56.78 
Group [L2L: Smc]
IKE Deleting SA: Remote Proxy 12.34.56.78, Local Proxy 192.168.0.190

31367 06/01/2005 19:05:54.580 SEV=6 IKE/0 RPT=1810 12.34.56.78 
Group [L2L: Smc]
Removing peer from correlator table failed, no match!

31368 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41586 12.34.56.78 
Group [L2L: Smc]
IKE SA MM:98596d72 rcv'd Terminate: state MM_ACTIVE
flags 0x00000062, refcnt 1, tuncnt 0

31371 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41587 12.34.56.78 
Group [L2L: Smc]
IKE SA MM:98596d72 terminating:
flags 0x01000022, refcnt 0, tuncnt 0

31373 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41588 
sending delete/delete with reason message

31374 06/01/2005 19:05:54.590 SEV=9 IKEDBG/0 RPT=41589 12.34.56.78 
Group [L2L: Smc]
constructing blank hash

Thank you


  By Date           By Thread  

Current thread:
  • VPN-cisco-smc mtzcesar (Jun 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]