Feb 29 19:54:38 sun pluto[13529]: Starting Pluto (strongSwan Version 4.1.11 THREADS LIBCURL LIBLDAP VENDORID)
Feb 29 19:54:38 sun pluto[13529]:   including NAT-Traversal patch (Version 0.6c) [disabled]
Feb 29 19:54:38 sun pluto[13529]: | xauth module: using default get_secret() function
Feb 29 19:54:38 sun pluto[13529]: | xauth module: using default verify_secret() function
Feb 29 19:54:38 sun pluto[13529]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_AES_CBC encryption: Ok
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_BLOWFISH_CBC encryption: Ok
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_SERPENT_CBC encryption: Ok
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_SHA2_256 hash: Ok
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_SHA2_384 hash: Ok
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_SHA2_512 hash: Ok
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_TWOFISH_CBC encryption: Ok
Feb 29 19:54:38 sun pluto[13529]: ike_alg: Activating OAKLEY_TWOFISH_CBC_SSH encryption: Ok
Feb 29 19:54:38 sun pluto[13529]: Testing registered IKE encryption algorithms:
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_BLOWFISH_CBC self-test not available
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_3DES_CBC self-test not available
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_AES_CBC self-test not available
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_SERPENT_CBC self-test not available
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_TWOFISH_CBC self-test not available
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_TWOFISH_CBC_SSH self-test not available
Feb 29 19:54:38 sun pluto[13529]: Testing registered IKE hash algorithms:
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_MD5 hash self-test passed
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_MD5 hmac self-test passed
Feb 29 19:54:38 sun pluto[13529]:   OAKLEY_SHA hash self-test passed
Feb 29 19:54:39 sun pluto[13529]:   OAKLEY_SHA hmac self-test passed
Feb 29 19:54:39 sun pluto[13529]:   OAKLEY_SHA2_256 hash self-test passed
Feb 29 19:54:39 sun pluto[13529]:   OAKLEY_SHA2_256 hmac self-test passed
Feb 29 19:54:39 sun pluto[13529]:   OAKLEY_SHA2_384 hash self-test passed
Feb 29 19:54:39 sun pluto[13529]:   OAKLEY_SHA2_384 hmac self-test passed
Feb 29 19:54:39 sun pluto[13529]:   OAKLEY_SHA2_512 hash self-test passed
Feb 29 19:54:39 sun pluto[13529]:   OAKLEY_SHA2_512 hmac self-test passed
Feb 29 19:54:39 sun pluto[13529]: All crypto self-tests passed
Feb 29 19:54:39 sun pluto[13529]: Using Linux 2.6 IPsec interface code
Feb 29 19:54:39 sun pluto[13529]: | fetch thread started
Feb 29 19:54:39 sun pluto[13529]: | next regular crl check in 180 seconds
Feb 29 19:54:39 sun pluto[13529]: Changing to directory '/etc/ipsec.d/cacerts'
Feb 29 19:54:39 sun pluto[13529]:   loaded CA cert file 'strongswanCert.pem' (1346 bytes)
Feb 29 19:54:39 sun pluto[13529]: |   authcert inserted
Feb 29 19:54:39 sun pluto[13529]: Changing to directory '/etc/ipsec.d/aacerts'
Feb 29 19:54:39 sun pluto[13529]: Changing to directory '/etc/ipsec.d/ocspcerts'
Feb 29 19:54:39 sun pluto[13529]: Changing to directory '/etc/ipsec.d/crls'
Feb 29 19:54:39 sun pluto[13529]: Changing to directory '/etc/ipsec.d/acerts'
Feb 29 19:54:39 sun pluto[13529]: | inserting event EVENT_LOG_DAILY, timeout in 14721 seconds
Feb 29 19:54:39 sun pluto[13529]: | next event EVENT_REINIT_SECRET in 3599 seconds
Feb 29 19:54:39 sun pluto[13529]: | 
Feb 29 19:54:39 sun pluto[13529]: | *received whack message
Feb 29 19:54:39 sun pluto[13529]: listening for IKE messages
Feb 29 19:54:39 sun pluto[13529]: | found lo with address 127.0.0.1
Feb 29 19:54:39 sun pluto[13529]: | found eth0 with address 192.168.0.2
Feb 29 19:54:39 sun pluto[13529]: | found eth1 with address 10.2.0.1
Feb 29 19:54:39 sun pluto[13529]: adding interface eth1/eth1 10.2.0.1:500
Feb 29 19:54:39 sun pluto[13529]: adding interface eth0/eth0 192.168.0.2:500
Feb 29 19:54:39 sun pluto[13529]: adding interface lo/lo 127.0.0.1:500
Feb 29 19:54:39 sun pluto[13529]: | found eth1 with address fec2:0000:0000:0000:0000:0000:0000:0001
Feb 29 19:54:39 sun pluto[13529]: | found lo with address 0000:0000:0000:0000:0000:0000:0000:0001
Feb 29 19:54:39 sun pluto[13529]: | found eth0 with address fec0:0000:0000:0000:0000:0000:0000:0002
Feb 29 19:54:39 sun pluto[13529]: adding interface eth0/eth0 fec0::2:500
Feb 29 19:54:39 sun pluto[13529]: adding interface lo/lo ::1:500
Feb 29 19:54:39 sun pluto[13529]: adding interface eth1/eth1 fec2::1:500
Feb 29 19:54:39 sun pluto[13529]: loading secrets from "/etc/ipsec.secrets"
Feb 29 19:54:39 sun pluto[13529]:   loaded private key file '/etc/ipsec.d/private/sunKey.pem' (1675 bytes)
Feb 29 19:54:39 sun pluto[13529]: | next event EVENT_REINIT_SECRET in 3599 seconds
Feb 29 19:54:39 sun pluto[13529]: | 
Feb 29 19:54:39 sun pluto[13529]: | *received whack message
Feb 29 19:54:39 sun pluto[13529]: | from whack: got --esp=aes128-sha1, 3des-md5
Feb 29 19:54:39 sun pluto[13529]: | esp string values: 12_128-2, 3_000-1, 
Feb 29 19:54:39 sun pluto[13529]: | from whack: got --ike=aes128-sha-modp2048
Feb 29 19:54:39 sun pluto[13529]: | ike string values: 7_128-2-14, 
Feb 29 19:54:39 sun pluto[13529]:   loaded host cert file '/etc/ipsec.d/certs/sunCert.pem' (1464 bytes)
Feb 29 19:54:39 sun pluto[13529]: |   not before  : Sep 10 11:15:53 UTC 2004
Feb 29 19:54:39 sun pluto[13529]: |   current time: Feb 29 18:54:39 UTC 2008
Feb 29 19:54:39 sun pluto[13529]: |   not after   : Sep 09 11:15:53 UTC 2009
Feb 29 19:54:39 sun pluto[13529]: | certificate is valid
Feb 29 19:54:39 sun pluto[13529]: |   x509 cert inserted
Feb 29 19:54:39 sun pluto[13529]: added connection description "host-host"
Feb 29 19:54:39 sun pluto[13529]: | fec0::2[@sun.strongswan.org]...fec0::1[@moon.strongswan.org]
Feb 29 19:54:39 sun pluto[13529]: | ike_life: 3600s; ipsec_life: 1200s; rekey_margin: 180s; rekey_fuzz: 100%; keyingtries: 1; policy: RSASIG+ENCRYPT+PFS+MOBIKE
Feb 29 19:54:39 sun pluto[13529]: | next event EVENT_REINIT_SECRET in 3599 seconds
Feb 29 19:54:41 sun pluto[13529]: | 
Feb 29 19:54:41 sun pluto[13529]: | *received 136 bytes from fec0::1:500 on eth0
Feb 29 19:54:41 sun pluto[13529]: packet from fec0::1:500: ignoring Vendor ID payload [strongSwan 4.1.11]
Feb 29 19:54:41 sun pluto[13529]: packet from fec0::1:500: received Vendor ID payload [XAUTH]
Feb 29 19:54:41 sun pluto[13529]: packet from fec0::1:500: received Vendor ID payload [Dead Peer Detection]
Feb 29 19:54:41 sun pluto[13529]: | preparse_isakmp_policy: peer requests RSASIG authentication
Feb 29 19:54:41 sun pluto[13529]: | creating state object #1 at 0x81067d8
Feb 29 19:54:41 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:41 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:41 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:41 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:41 sun pluto[13529]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #1
Feb 29 19:54:41 sun pluto[13529]: "host-host" #1: responding to Main Mode
Feb 29 19:54:41 sun pluto[13529]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Feb 29 19:54:41 sun pluto[13529]: | next event EVENT_RETRANSMIT in 10 seconds for #1
Feb 29 19:54:41 sun pluto[13529]: | 
Feb 29 19:54:41 sun pluto[13529]: | *received 308 bytes from fec0::1:500 on eth0
Feb 29 19:54:41 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:41 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:41 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:41 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:41 sun pluto[13529]: | state object #1 found, in STATE_MAIN_R1
Feb 29 19:54:41 sun pluto[13529]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #1
Feb 29 19:54:41 sun pluto[13529]: | next event EVENT_RETRANSMIT in 10 seconds for #1
Feb 29 19:54:41 sun pluto[13529]: | 
Feb 29 19:54:41 sun pluto[13529]: | *received 1372 bytes from fec0::1:500 on eth0
Feb 29 19:54:41 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:41 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:41 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:41 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:41 sun pluto[13529]: | state object #1 found, in STATE_MAIN_R2
Feb 29 19:54:41 sun pluto[13529]: "host-host" #1: Peer ID is ID_FQDN: '@moon.strongswan.org'
Feb 29 19:54:41 sun pluto[13529]: | subject: 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org'
Feb 29 19:54:41 sun pluto[13529]: | issuer:  'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
Feb 29 19:54:41 sun pluto[13529]: | authkey:  5d:a7:dd:70:06:51:32:7e:e7:b6:6d:b3:b5:e5:e0:60:ea:2e:4d:ef
Feb 29 19:54:41 sun pluto[13529]: |   not before  : Sep 10 11:17:25 UTC 2004
Feb 29 19:54:41 sun pluto[13529]: |   current time: Feb 29 18:54:41 UTC 2008
Feb 29 19:54:41 sun pluto[13529]: |   not after   : Sep 09 11:17:25 UTC 2009
Feb 29 19:54:41 sun pluto[13529]: | certificate is valid
Feb 29 19:54:41 sun pluto[13529]: | issuer cacert found
Feb 29 19:54:41 sun pluto[13529]: | certificate signature is valid
Feb 29 19:54:41 sun pluto[13529]: "host-host" #1: crl not found
Feb 29 19:54:41 sun pluto[13529]: | crl fetch request added
Feb 29 19:54:41 sun pluto[13529]: | fetch thread was woken up
Feb 29 19:54:41 sun pluto[13529]: | Trying cURL 'http://crl.strongswan.org/strongswan.crl'
Feb 29 19:54:41 sun pluto[13529]: "host-host" #1: certificate status unknown
Feb 29 19:54:41 sun pluto[13529]: | crl issuer cacert found
Feb 29 19:54:42 sun pluto[13529]: | crl signature is valid
Feb 29 19:54:42 sun pluto[13529]: | we have a valid crl
Feb 29 19:54:42 sun pluto[13529]: | next regular crl check in 180 seconds
Feb 29 19:54:41 sun pluto[13529]: | subject: 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
Feb 29 19:54:42 sun pluto[13529]: | issuer:  'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
Feb 29 19:54:42 sun pluto[13529]: | authkey:  5d:a7:dd:70:06:51:32:7e:e7:b6:6d:b3:b5:e5:e0:60:ea:2e:4d:ef
Feb 29 19:54:42 sun pluto[13529]: |   not before  : Sep 10 11:01:45 UTC 2004
Feb 29 19:54:42 sun pluto[13529]: |   current time: Feb 29 18:54:42 UTC 2008
Feb 29 19:54:42 sun pluto[13529]: |   not after   : Sep 08 11:01:45 UTC 2014
Feb 29 19:54:42 sun pluto[13529]: | certificate is valid
Feb 29 19:54:42 sun pluto[13529]: | issuer cacert found
Feb 29 19:54:42 sun pluto[13529]: | certificate signature is valid
Feb 29 19:54:42 sun pluto[13529]: | reached self-signed root ca
Feb 29 19:54:42 sun pluto[13529]: | an RSA Sig check passed with *AwEAAa+uL [preloaded key]
Feb 29 19:54:42 sun pluto[13529]: | peer CA:      'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
Feb 29 19:54:42 sun pluto[13529]: | requested CA: '%any'
Feb 29 19:54:42 sun pluto[13529]: | offered CA:   'C=CH, O=Linux strongSwan, CN=strongSwan Root CA'
Feb 29 19:54:42 sun pluto[13529]: | our certificate policy is SEND_IF_ASKED
Feb 29 19:54:42 sun pluto[13529]: "host-host" #1: we have a cert and are sending it upon request
Feb 29 19:54:42 sun pluto[13529]: | signing hash with RSA Key *AwEAAeQ8f
Feb 29 19:54:42 sun pluto[13529]: | inserting event EVENT_SA_REPLACE, timeout in 3510 seconds for #1
Feb 29 19:54:42 sun pluto[13529]: "host-host" #1: sent MR3, ISAKMP SA established
Feb 29 19:54:42 sun pluto[13529]: | next event EVENT_SA_REPLACE in 3510 seconds for #1
Feb 29 19:54:43 sun pluto[13529]: | 
Feb 29 19:54:43 sun pluto[13529]: | *received 428 bytes from fec0::1:500 on eth0
Feb 29 19:54:43 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:43 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:43 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:43 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:43 sun pluto[13529]: | state object not found
Feb 29 19:54:43 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:43 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:43 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:43 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:43 sun pluto[13529]: | state object #1 found, in STATE_MAIN_R3
Feb 29 19:54:43 sun pluto[13529]: | no valid attribute cert found
Feb 29 19:54:43 sun pluto[13529]: | duplicating state object #1
Feb 29 19:54:43 sun pluto[13529]: | creating state object #2 at 0x8107430
Feb 29 19:54:43 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:43 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:43 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:43 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:43 sun pluto[13529]: | inserting event EVENT_SO_DISCARD, timeout in 0 seconds for #2
Feb 29 19:54:43 sun pluto[13529]: "host-host" #2: responding to Quick Mode
Feb 29 19:54:43 sun pluto[13529]: | kernel_alg_esp_auth_keylen(auth=2, sadb_aalg=3): a_keylen=20
Feb 29 19:54:43 sun pluto[13529]: | install_inbound_ipsec_sa() checking if we can route
Feb 29 19:54:43 sun pluto[13529]: | route owner of "host-host" unrouted: NULL; eroute owner: NULL
Feb 29 19:54:43 sun pluto[13529]: | add inbound eroute fec0::1/128:0 -> fec0::2/128:0 => tun:10000@fec0::2:0
Feb 29 19:54:43 sun pluto[13529]: | inserting event EVENT_RETRANSMIT, timeout in 10 seconds for #2
Feb 29 19:54:43 sun pluto[13529]: | next event EVENT_RETRANSMIT in 10 seconds for #2
Feb 29 19:54:44 sun pluto[13529]: | 
Feb 29 19:54:44 sun pluto[13529]: | *received 60 bytes from fec0::1:500 on eth0
Feb 29 19:54:44 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:44 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:44 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:44 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:44 sun pluto[13529]: | state object #2 found, in STATE_QUICK_R1
Feb 29 19:54:44 sun pluto[13529]: | install_ipsec_sa() for #2: outbound only
Feb 29 19:54:44 sun pluto[13529]: | route owner of "host-host" unrouted: NULL; eroute owner: NULL
Feb 29 19:54:44 sun pluto[13529]: | sr for #2: unrouted
Feb 29 19:54:44 sun pluto[13529]: | route owner of "host-host" unrouted: NULL; eroute owner: NULL
Feb 29 19:54:44 sun pluto[13529]: | eroute_connection add eroute fec0::2/128:0 -> fec0::1/128:0 => esp:a3e81fc4@fec0::1:0
Feb 29 19:54:44 sun pluto[13529]: | executing up-host-v6: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='up-host-v6' PLUTO_CONNECTION='host-host' PLUTO_NEXT_HOP='fec0::1' PLUTO_INTERFACE='eth0' PLUTO_REQID='16385' PLUTO_ME='fec0::2' PLUTO_MY_ID='@sun.strongswan.org' PLUTO_MY_CLIENT='fec0::2/128' PLUTO_MY_CLIENT_NET='fec0::2' PLUTO_MY_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='fec0::1' PLUTO_PEER_ID='@moon.strongswan.org' PLUTO_PEER_CLIENT='fec0::1/128' PLUTO_PEER_CLIENT_NET='fec0::1' PLUTO_PEER_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CH, O=Linux strongSwan, CN=strongSwan Root CA' ipsec _updown iptables
Feb 29 19:54:44 sun pluto[13529]: | route_and_eroute: firewall_notified: true
Feb 29 19:54:44 sun pluto[13529]: | executing prepare-host-v6: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='prepare-host-v6' PLUTO_CONNECTION='host-host' PLUTO_NEXT_HOP='fec0::1' PLUTO_INTERFACE='eth0' PLUTO_REQID='16385' PLUTO_ME='fec0::2' PLUTO_MY_ID='@sun.strongswan.org' PLUTO_MY_CLIENT='fec0::2/128' PLUTO_MY_CLIENT_NET='fec0::2' PLUTO_MY_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='fec0::1' PLUTO_PEER_ID='@moon.strongswan.org' PLUTO_PEER_CLIENT='fec0::1/128' PLUTO_PEER_CLIENT_NET='fec0::1' PLUTO_PEER_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CH, O=Linux strongSwan, CN=strongSwan Root CA' ipsec _updown iptables
Feb 29 19:54:44 sun pluto[13529]: | executing route-host-v6: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='route-host-v6' PLUTO_CONNECTION='host-host' PLUTO_NEXT_HOP='fec0::1' PLUTO_INTERFACE='eth0' PLUTO_REQID='16385' PLUTO_ME='fec0::2' PLUTO_MY_ID='@sun.strongswan.org' PLUTO_MY_CLIENT='fec0::2/128' PLUTO_MY_CLIENT_NET='fec0::2' PLUTO_MY_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='fec0::1' PLUTO_PEER_ID='@moon.strongswan.org' PLUTO_PEER_CLIENT='fec0::1/128' PLUTO_PEER_CLIENT_NET='fec0::1' PLUTO_PEER_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CH, O=Linux strongSwan, CN=strongSwan Root CA' ipsec _updown iptables
Feb 29 19:54:44 sun pluto[13529]: | route_and_eroute: instance "host-host", setting eroute_owner {spd=0x810390c,sr=0x810390c} to #2 (was #0) (newest_ipsec_sa=#0)
Feb 29 19:54:44 sun pluto[13529]: | inserting event EVENT_SA_REPLACE, timeout in 1110 seconds for #2
Feb 29 19:54:44 sun pluto[13529]: "host-host" #2: IPsec SA established {ESP=>0xa3e81fc4 <0xb8d5b5ab}
Feb 29 19:54:44 sun pluto[13529]: | next event EVENT_SA_REPLACE in 1110 seconds for #2
Feb 29 19:54:44 sun pluto[13529]: | 
Feb 29 19:54:44 sun pluto[13529]: | *received whack message
Feb 29 19:54:44 sun pluto[13529]: | next event EVENT_SA_REPLACE in 1110 seconds for #2
Feb 29 19:54:45 sun pluto[13529]: | 
Feb 29 19:54:45 sun pluto[13529]: | *received whack message
Feb 29 19:54:45 sun pluto[13529]: | kernel_alg_esp_auth_keylen(auth=2, sadb_aalg=3): a_keylen=20
Feb 29 19:54:45 sun pluto[13529]: | kernel_alg_esp_auth_keylen(auth=1, sadb_aalg=2): a_keylen=16
Feb 29 19:54:45 sun pluto[13529]: | next event EVENT_SA_REPLACE in 1109 seconds for #2
Feb 29 19:54:45 sun pluto[13529]: | 
Feb 29 19:54:45 sun pluto[13529]: | *received whack message
Feb 29 19:54:45 sun pluto[13529]: | next event EVENT_SA_REPLACE in 1109 seconds for #2
Feb 29 19:54:46 sun pluto[13529]: | 
Feb 29 19:54:46 sun pluto[13529]: | *received 76 bytes from fec0::1:500 on eth0
Feb 29 19:54:46 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:46 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:46 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:46 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:46 sun pluto[13529]: | state object #1 found, in STATE_MAIN_R3
Feb 29 19:54:46 sun pluto[13529]: "host-host" #1: received Delete SA(0xa3e81fc4) payload: deleting IPSEC State #2
Feb 29 19:54:46 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:46 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:46 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:46 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:46 sun pluto[13529]: | executing down-host-v6: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='down-host-v6' PLUTO_CONNECTION='host-host' PLUTO_NEXT_HOP='fec0::1' PLUTO_INTERFACE='eth0' PLUTO_REQID='16385' PLUTO_ME='fec0::2' PLUTO_MY_ID='@sun.strongswan.org' PLUTO_MY_CLIENT='fec0::2/128' PLUTO_MY_CLIENT_NET='fec0::2' PLUTO_MY_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='fec0::1' PLUTO_PEER_ID='@moon.strongswan.org' PLUTO_PEER_CLIENT='fec0::1/128' PLUTO_PEER_CLIENT_NET='fec0::1' PLUTO_PEER_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='C=CH, O=Linux strongSwan, CN=strongSwan Root CA' ipsec _updown iptables
Feb 29 19:54:46 sun pluto[13529]: | replace with shunt eroute fec0::1/128:0 -> fec0::2/128:0 => int:104@fec0::2:0
Feb 29 19:54:46 sun pluto[13529]: | eroute_connection replace with shunt eroute fec0::2/128:0 -> fec0::1/128:0 => int:104@:::0
Feb 29 19:54:46 sun pluto[13529]: | delete inbound eroute fec0::1/128:0 -> fec0::2/128:0 => unk255:10000@fec0::2:0
Feb 29 19:54:46 sun pluto[13529]: | next event EVENT_SA_REPLACE in 3506 seconds for #1
Feb 29 19:54:46 sun pluto[13529]: | 
Feb 29 19:54:46 sun pluto[13529]: | *received 92 bytes from fec0::1:500 on eth0
Feb 29 19:54:46 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:46 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:46 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:46 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:46 sun pluto[13529]: | state object #1 found, in STATE_MAIN_R3
Feb 29 19:54:46 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:46 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:46 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:46 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:46 sun pluto[13529]: | state object #1 found, in STATE_MAIN_R3
Feb 29 19:54:46 sun pluto[13529]: "host-host" #1: received Delete SA payload: deleting ISAKMP State #1
Feb 29 19:54:46 sun pluto[13529]: | ICOOKIE:  ae 11 80 ea  e5 02 5f a4
Feb 29 19:54:46 sun pluto[13529]: | RCOOKIE:  39 29 24 85  5e 74 3c 54
Feb 29 19:54:46 sun pluto[13529]: | peer:  fe c0 00 00  00 00 00 00  00 00 00 00  00 00 00 01
Feb 29 19:54:46 sun pluto[13529]: | state hash entry 13
Feb 29 19:54:46 sun pluto[13529]: | next event EVENT_REINIT_SECRET in 3592 seconds
Feb 29 19:54:47 sun pluto[13529]: | 
Feb 29 19:54:47 sun pluto[13529]: | *received whack message
Feb 29 19:54:47 sun pluto[13529]: shutting down
Feb 29 19:54:47 sun pluto[13529]: forgetting secrets
Feb 29 19:54:47 sun pluto[13529]: "host-host": deleting connection
Feb 29 19:54:47 sun pluto[13529]: | delete eroute fec0::1/128:0 -> fec0::2/128:0 => int:0@fec0::2:0
Feb 29 19:54:47 sun pluto[13529]: | eroute_connection delete eroute fec0::2/128:0 -> fec0::1/128:0 => int:0@:::0
Feb 29 19:54:47 sun pluto[13529]: | route owner of "host-host" unrouted: NULL
Feb 29 19:54:47 sun pluto[13529]: | executing unroute-host-v6: 2>&1 PLUTO_VERSION='1.1' PLUTO_VERB='unroute-host-v6' PLUTO_CONNECTION='host-host' PLUTO_NEXT_HOP='fec0::1' PLUTO_INTERFACE='eth0' PLUTO_REQID='16385' PLUTO_ME='fec0::2' PLUTO_MY_ID='@sun.strongswan.org' PLUTO_MY_CLIENT='fec0::2/128' PLUTO_MY_CLIENT_NET='fec0::2' PLUTO_MY_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_MY_PORT='0' PLUTO_MY_PROTOCOL='0' PLUTO_PEER='fec0::1' PLUTO_PEER_ID='@moon.strongswan.org' PLUTO_PEER_CLIENT='fec0::1/128' PLUTO_PEER_CLIENT_NET='fec0::1' PLUTO_PEER_CLIENT_MASK='ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' PLUTO_PEER_PORT='0' PLUTO_PEER_PROTOCOL='0' PLUTO_PEER_CA='' ipsec _updown iptables
Feb 29 19:54:47 sun pluto[13529]: shutting down interface eth1/eth1 fec2::1
Feb 29 19:54:47 sun pluto[13529]: shutting down interface lo/lo ::1
Feb 29 19:54:47 sun pluto[13529]: shutting down interface eth0/eth0 fec0::2
Feb 29 19:54:47 sun pluto[13529]: shutting down interface lo/lo 127.0.0.1
Feb 29 19:54:47 sun pluto[13529]: shutting down interface eth0/eth0 192.168.0.2
Feb 29 19:54:47 sun pluto[13529]: shutting down interface eth1/eth1 10.2.0.1