2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: received Vendor ID payload [RFC 3947]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: received Vendor ID payload [XAUTH]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: ignoring Vendor ID payload [Cisco-Unity]
2012:02:03-19:55:10 whity pluto[16081]: packet from 213.55.xxx.xxx:55346: received Vendor ID payload [Dead Peer Detection]
2012:02:03-19:55:10 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: responding to Main Mode from unknown peer 213.55.xxx.xxx:55346
2012:02:03-19:55:10 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: NAT-Traversal: Result using RFC 3947: peer is NATed
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: Peer ID is ID_DER_ASN1_DN: 'C=ch, L=Nuerensdorf, O=Whity, CN=Foo Bar, E=foo@bar.ch'
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: crl not found
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: certificate status unknown
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: we have a cert and are sending it
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:55346 #30: Dead Peer Detection (RFC 3706) enabled
2012:02:03-19:55:12 whity pluto[16081]: | NAT-T: new mapping 213.55.xxx.xxx:55346/46726)
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: sent MR3, ISAKMP SA established
2012:02:03-19:55:12 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: sending XAUTH request
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: parsing XAUTH reply
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: extended authentication was successful
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: sending XAUTH status
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: parsing XAUTH ack
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: received XAUTH ack, established
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: parsing ModeCfg request
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: unknown attribute type (28683)
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: peer requested virtual IP %any
2012:02:03-19:55:35 whity pluto[16081]: acquired existing lease for address 10.242.5.2 in pool 'VPN Pool (Cisco)'
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: assigning virtual IP 10.242.5.2 to peer
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: sending ModeCfg reply
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #30: sent ModeCfg reply, established
2012:02:03-19:55:35 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #31: responding to Quick Mode
2012:02:03-19:55:35 whity pluto[16081]: id="2201" severity="info" sys="SecureNet" sub="vpn" event="Connection started" username="uweiss" variant="ipsec" srcip="213.55.xxx.xxx" virtual_ip="10.242.5.2"
2012:02:03-19:55:36 whity pluto[16081]: "D_for VPN Users Private to Internal (Network)"[5] 213.55.xxx.xxx:46726 #31: IPsec SA established {ESP=>0x00dcc23d <0x43f698cc NATOA=0.0.0.0 DPD}
2012:02:03-19:55:37 whity pluto[16081]: listening for IKE messages
2012:02:03-19:55:37 whity pluto[16081]: forgetting secrets
2012:02:03-19:55:37 whity pluto[16081]: loading secrets from "/etc/ipsec.secrets"
2012:02:03-19:55:37 whity pluto[16081]: loaded private key from 'Cisco VPN.pem'
2012:02:03-19:55:37 whity pluto[16081]: forgetting secrets
2012:02:03-19:55:37 whity pluto[16081]: loading secrets from "/etc/ipsec.secrets"
2012:02:03-19:55:37 whity pluto[16081]: loaded private key from 'Cisco VPN.pem'
2012:02:03-19:55:37 whity pluto[16081]: loading ca certificates from '/etc/ipsec.d/cacerts'
2012:02:03-19:55:37 whity pluto[16081]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA.pem'
2012:02:03-19:55:37 whity pluto[16081]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA (Fri Feb 3 17:50:09 2012).pem'
2012:02:03-19:55:37 whity pluto[16081]: loading aa certificates from '/etc/ipsec.d/aacerts'
2012:02:03-19:55:37 whity pluto[16081]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2012:02:03-19:55:37 whity pluto[16081]: loading attribute certificates from '/etc/ipsec.d/acerts'
2012:02:03-19:55:37 whity pluto[16081]: Changing to directory '/etc/ipsec.d/crls'
2012:02:03-19:57:09 whity pluto[16081]: listening for IKE messages
2012:02:03-19:57:09 whity pluto[16081]: forgetting secrets
2012:02:03-19:57:09 whity pluto[16081]: loading secrets from "/etc/ipsec.secrets"
2012:02:03-19:57:09 whity pluto[16081]: loaded private key from 'Cisco VPN.pem'
2012:02:03-19:57:09 whity pluto[16081]: forgetting secrets
2012:02:03-19:57:09 whity pluto[16081]: loading secrets from "/etc/ipsec.secrets"
2012:02:03-19:57:09 whity pluto[16081]: loaded private key from 'Cisco VPN.pem'
2012:02:03-19:57:09 whity pluto[16081]: loading ca certificates from '/etc/ipsec.d/cacerts'
2012:02:03-19:57:09 whity pluto[16081]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA.pem'
2012:02:03-19:57:09 whity pluto[16081]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA (Fri Feb 3 17:50:09 2012).pem'
2012:02:03-19:57:09 whity pluto[16081]: loading aa certificates from '/etc/ipsec.d/aacerts'
2012:02:03-19:57:09 whity pluto[16081]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2012:02:03-19:57:09 whity pluto[16081]: loading attribute certificates from '/etc/ipsec.d/acerts'
2012:02:03-19:57:09 whity pluto[16081]: Changing to directory '/etc/ipsec.d/crls'
2012:02:03-19:58:14 whity pluto[16081]: "D_for VPN Users Private to Any"[5] 213.55.xxx.xxx:46726 #30: received Delete SA(0x00dcc23d) payload: deleting IPSEC State #31
2012:02:03-19:58:14 whity pluto[16081]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="uweiss" variant="ipsec" srcip="213.55.xxx.xxx" virtual_ip="10.242.5.2"
2012:02:03-19:58:15 whity pluto[16081]: ERROR: asynchronous network error report on eth1 for message to 213.55.xxx.xxx port 46726, complainant 213.55.xxx.xxx: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2012:02:03-19:58:15 whity pluto[16081]: "D_for VPN Users Private to Any"[5] 213.55.xxx.xxx:46726 #30: received Delete SA payload: deleting ISAKMP State #30
2012:02:03-19:58:15 whity pluto[16081]: "D_for VPN Users Private to Any"[5] 213.55.xxx.xxx:46726: deleting connection "D_for VPN Users Private to Any"[5] instance with peer 213.55.xxx.xxx {isakmp=#0/ipsec=#0}
2012:02:03-19:58:15 whity pluto[16081]: ERROR: asynchronous network error report on eth1 for message to 213.55.xxx.xxx port 46726, complainant 213.55.xxx.xxx: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
2012:02:03-19:58:15 whity pluto[16081]: listening for IKE messages
2012:02:03-19:58:15 whity pluto[16081]: forgetting secrets
2012:02:03-19:58:15 whity pluto[16081]: loading secrets from "/etc/ipsec.secrets"
2012:02:03-19:58:15 whity pluto[16081]: loaded private key from 'Cisco VPN.pem'
2012:02:03-19:58:15 whity pluto[16081]: forgetting secrets
2012:02:03-19:58:15 whity pluto[16081]: loading secrets from "/etc/ipsec.secrets"
2012:02:03-19:58:15 whity pluto[16081]: loaded private key from 'Cisco VPN.pem'
2012:02:03-19:58:15 whity pluto[16081]: loading ca certificates from '/etc/ipsec.d/cacerts'
2012:02:03-19:58:15 whity pluto[16081]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA.pem'
2012:02:03-19:58:15 whity pluto[16081]: loaded ca certificate from '/etc/ipsec.d/cacerts/VPN Signing CA (Fri Feb 3 17:50:09 2012).pem'
2012:02:03-19:58:15 whity pluto[16081]: loading aa certificates from '/etc/ipsec.d/aacerts'
2012:02:03-19:58:15 whity pluto[16081]: loading ocsp certificates from '/etc/ipsec.d/ocspcerts'
2012:02:03-19:58:15 whity pluto[16081]: loading attribute certificates from '/etc/ipsec.d/acerts'
2012:02:03-19:58:15 whity pluto[16081]: Changing to directory '/etc/ipsec.d/crls'