• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
  • 漏洞说明
  • 全部
  • 全部
  • 大数据引擎
  • 知了引擎
产品线
搜索
取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式
高级搜索

ipsec vpn 建立过程解释

2021-04-28提问
  • 1关注
  • 4收藏,3084浏览
粉丝:11人 关注:0人

问题描述:

求一份ipsec vpn一二阶段建立过程中,debug报文输出的详细解释

组网及组网描述:


最佳答案

粉丝:0人 关注:0人

IPsec VPN主模式通常会有两个阶段,第一阶段为ike协商过程,建立ike saike sa的建立为第二阶段IPsec SA的协商提供保护。第一阶段ike sa建立,需要在两端设备上配置ike proposalike keychainike profile,并在接口上应用策略,两个阶段的协商过程如下:

 

ISAKMP报文中可以知道ike协商过程经历了6个过程,前两个报文为策略协商过程,随后两个报文为密钥交换过程,最后两个报文为身份验证过程,在ike sa成功建立后,IPsec sa协商模式为快速模式。分析报文的具体内容,会看到加密方式、验证方式等。

3 个回答
粉丝:94人 关注:0人

没人有

粉丝:122人 关注:6人

您好,请知:

可以参考下IPSEC VPN手册建立过程及原理。

debug的使用主要是在ipsec vpn无法建立的时候才使用,一般在设备正常使用的时候不用debug。

就是打算排查的时候用的

红烧牛肉面 发表时间:2021-04-29
粉丝:11人 关注:2人

<Branch-LXZ>sys
System View: return to User View with Ctrl+Z.
[Branch-LXZ]info-center enable
Information center is enabled.
[Branch-LXZ]quit
<Branch-LXZ>ter m
The current terminal is enabled to display logs.
<Branch-LXZ>ter de
The current terminal is enabled to display debugging logs.
<Branch-LXZ>debug ike all
This command is CPU intensive and might affect ongoing services. Are you sure you want to continue? [Y/N]:y
<Branch-LXZ>*Apr 28 17:05:30:884 2021 Branch-LXZ IKE/7/EVENT: Sent config set message.

<Branch-LXZ>debug ipsec all
This command is CPU intensive and might affect ongoing services. Are you sure you want to continue? [Y/N]:y
<Branch-LXZ>*Apr 28 17:05:42:054 2021 Branch-LXZ IPSEC/7/EVENT:
Sent debug message to all nodes, message type is 0x3.

<Branch-LXZ>
<Branch-LXZ>
<Branch-LXZ>
<Branch-LXZ>reset *Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : fs sequence num in IPsec fast cache is 184, current fs sequence num is 184
*Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : No Change. Tunnel index = 0, Tunnel seq = 1.
*Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent packet by IPsec fast forwarding ---
*Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.1, dst IP = 192.168.10.1, SPI = 4082471212.
*Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 109.
*Apr 28 17:05:44:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
--- Received IPsec packet from fast forwarding, Protocl : 50---
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: src IP = 171.221.88.110, dst IP = 212.222.0.22, SPI = 2051047098.
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-decryption.
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Authentication succeeded.
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Decryption succeeded.
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec processing: Tunnel mode.
*Apr 28 17:05:44:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: Sent packet back to IP forwarding.
ipsec sa
<Branch-LXZ>%Apr 28 17:05:47:436 2021 Branch-LXZ IPSEC/6/IPSEC_SA_TERMINATE: IPsec SA was deleted.
Reason: The reset command was executed.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.10.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Outbound ESP SPI: 4082471212
ACL number: 3020

*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete SA message to all nodes, message type is 0x16.
*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
Deleted outbound SA from IPsec tunnel(SA index = 0, SPI = 0xf355912c).
*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
%Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/6/IPSEC_SA_TERMINATE: IPsec SA was deleted.
Reason: The reset command was executed.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.10.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound ESP SPI: 390326052
ACL number: 3020

*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete SA message to all nodes, message type is 0x16.
*Apr 28 17:05:47:437 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete tunnel message to all nodes, message type is 0x14.
*Apr 28 17:05:47:437 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 4.
*Apr 28 17:05:47:438 2021 Branch-LXZ IPSEC/7/EVENT:
IPsec tunnel successfully deleted in kernel.
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
Deleted outbound SA from IPsec tunnel(SA index = 7, SPI = 0xd50c2e1d).
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
%Apr 28 17:05:47:438 2021 Branch-LXZ IPSEC/6/IPSEC_SA_TERMINATE: IPsec SA was deleted.
Reason: The reset command was executed.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.17.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound ESP SPI: 1885651256
ACL number: 3020

*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete SA message to all nodes, message type is 0x16.
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
IPsec tunnel successfully deleted in kernel.
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
Deleted outbound SA from IPsec tunnel(SA index = 8, SPI = 0xfb3b7295).
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully deleted in kernel.
*Apr 28 17:05:47:440 2021 Branch-LXZ IPSEC/7/EVENT:
IPsec tunnel successfully deleted in kernel.
%Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/6/IPSEC_SA_TERMINATE: IPsec SA was deleted.
Reason: The reset command was executed.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.3.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Outbound ESP SPI: 4214977173
ACL number: 3020

*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete tunnel message to all nodes, message type is 0x14.
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete SA message to all nodes, message type is 0x16.
*Apr 28 17:05:47:439 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete tunnel message to all nodes, message type is 0x14.
%Apr 28 17:05:47:446 2021 Branch-LXZ IKE/6/IKE_P2_SA_TERMINATE: The IKE phase 2 SA was deleted.
Reason: All P2 SAs were deleted.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.10.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound AH SPI: 0
Outbound AH SPI: 0
Inbound ESP SPI: 2051047098
Outbound ESP SPI: 4082471212
Initiator COOKIE: b8349af1de22707a
Responder COOKIE: 2cfea10944c84f39
Message ID: 0x518d925a
Connection ID: 96
Tunnel ID: 1

*Apr 28 17:05:47:448 2021 Branch-LXZ IKE/7/EVENT: Begin to construct IPsec SA delete packet.
*Apr 28 17:05:47:448 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:47:448 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct delete payload.
*Apr 28 17:05:47:448 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:47:448 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Info
flags: ENCRYPT
message ID: d8844981
length: 76
*Apr 28 17:05:47:449 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:47:449 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
%Apr 28 17:05:47:449 2021 Branch-LXZ IKE/6/IKE_P2_SA_TERMINATE: The IKE phase 2 SA was deleted.
Reason: All P2 SAs were deleted.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.17.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound AH SPI: 0
Outbound AH SPI: 0
Inbound ESP SPI: 1885651256
Outbound ESP SPI: 3574345245
Initiator COOKIE: b8349af1de22707a
Responder COOKIE: 2cfea10944c84f39
Message ID: 0x3c143a84
Connection ID: 95
Tunnel ID: 1

*Apr 28 17:05:47:450 2021 Branch-LXZ IKE/7/EVENT: Begin to construct IPsec SA delete packet.
*Apr 28 17:05:47:450 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:47:450 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct delete payload.
*Apr 28 17:05:47:450 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:47:450 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Info
flags: ENCRYPT
message ID: 97660794
length: 76
*Apr 28 17:05:47:450 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:47:450 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
%Apr 28 17:05:47:451 2021 Branch-LXZ IKE/6/IKE_P2_SA_TERMINATE: The IKE phase 2 SA was deleted.
Reason: All P2 SAs were deleted.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.3.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound AH SPI: 0
Outbound AH SPI: 0
Inbound ESP SPI: 104537885
Outbound ESP SPI: 4214977173
Initiator COOKIE: b8349af1de22707a
Responder COOKIE: 2cfea10944c84f39
Message ID: 0xb338ba29
Connection ID: 94
Tunnel ID: 1

*Apr 28 17:05:47:459 2021 Branch-LXZ IKE/7/EVENT: Begin to construct IPsec SA delete packet.
*Apr 28 17:05:47:459 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:47:459 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct delete payload.
*Apr 28 17:05:47:459 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:47:459 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Info
flags: ENCRYPT
message ID: 231e79c5
length: 76
*Apr 28 17:05:47:460 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:47:460 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
%Apr 28 17:05:47:460 2021 Branch-LXZ IKE/6/IKE_P2_SA_TERMINATE: The IKE phase 2 SA was deleted.
Reason: All P2 SAs were deleted.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.10.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound AH SPI: 0
Outbound AH SPI: 0
Inbound ESP SPI: 390326052
Outbound ESP SPI: 3549482947
Initiator COOKIE: b8349af1de22707a
Responder COOKIE: 2cfea10944c84f39
Message ID: 0xa75218a5
Connection ID: 93
Tunnel ID: 1

*Apr 28 17:05:47:460 2021 Branch-LXZ IKE/7/EVENT: Begin to construct IPsec SA delete packet.
*Apr 28 17:05:47:461 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:47:461 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct delete payload.
*Apr 28 17:05:47:461 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:47:461 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Info
flags: ENCRYPT
message ID: cb51148a
length: 76
*Apr 28 17:05:47:461 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:47:461 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : fs sequence num in IPsec fast cache is 184, current fs sequence num is 195
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : Get IPsec Tunnel = (null).
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec fast cache is invalid, get ipsec tunnel again.
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/EVENT:
Can't find block-flow node.
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/PACKET:
Failed to find SA by SP, SP Index = 1, SP Convert-Seq = 65536.
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/ERROR:
The reason of dropping packet is no available IPsec tunnel.
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/PACKET:
Output fastword: convert to local output process.
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/EVENT:
Sent SA-Acquire message : SP ID = 1
*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/EVENT:
Received negotiatiate SA message from IPsec kernel.
%Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/6/IPSEC_SA_INITIATION: Began to establish IPsec SA.
SA information:
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.10.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
ACL number: 3020

*Apr 28 17:05:47:579 2021 Branch-LXZ IPSEC/7/EVENT:
Got SA time-based soft lifetime settings when filling Sp data.
Configured soft lifetime buffer : 0 seconds.
Configured global soft lifetime buffer : 0 seconds.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 0.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: Received SA acquire message from IPsec.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: Received SA acquire message from IPsec.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Set IPsec SA state to IKE_P2_STATE_INIT.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Begin Quick mode exchange.
*Apr 28 17:05:47:580 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_INIT to IKE_P2_STATE_GETSPI.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 9.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Set attributes according to phase 2 transform.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encapsulation mode is Tunnel.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
in seconds
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 3600.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
in kilobytes
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 1843200.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Authentication algorithm is HMAC-SHA1.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Key length is 128 bytes.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Transform ID is AES-CBC.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct transform 1.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec proposal 1.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec SA payload.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NONCE payload.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec ID payload.
*Apr 28 17:05:47:581 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec ID payload.
*Apr 28 17:05:47:582 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct HASH(1) payload.
*Apr 28 17:05:47:582 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:47:582 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_GETSPI to IKE_P2_STATE_SEND1.
*Apr 28 17:05:47:582 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:47:582 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Quick
flags: ENCRYPT
message ID: a5364612
length: 172
*Apr 28 17:05:47:582 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:47:583 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/EVENT: Received packet successfully.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received packet from 171.221.88.110 source port 500 destination port 500.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Quick
flags: ENCRYPT
message ID: a5364612
length: 172
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/EVENT: Phase2 process started.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Decrypt the packet.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Hash Payload.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Security Association Payload.
*Apr 28 17:05:47:595 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Nonce Payload.
*Apr 28 17:05:47:596 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Identification Payload (IPsec DOI).
*Apr 28 17:05:47:596 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Identification Payload (IPsec DOI).
*Apr 28 17:05:47:596 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process HASH payload.
*Apr 28 17:05:47:596 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Validated HASH(2) successfully.
*Apr 28 17:05:47:596 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process IPsec SA payload.
*Apr 28 17:05:47:596 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Check IPsec proposal 1.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Parse transform 1.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encapsulation mode is Tunnel.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime type is in seconds.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 3600.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime type is in kilobytes.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 1843200.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Authentication algorithm is HMAC-SHA1.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Key length is 128 bytes.
*Apr 28 17:05:47:597 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Transform ID is AES-CBC.
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
The proposal is acceptable.
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process IPsec ID payload.
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process IPsec ID payload.
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Install IPsec SAs.
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/EVENT: Inbound flow: 192.168.10.0/24->192.168.88.0/24
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/EVENT: Outbound flow: 192.168.88.0/24->192.168.10.0/24
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime in seconds: 3600
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime in kilobytes: 1843200
*Apr 28 17:05:47:598 2021 Branch-LXZ IKE/7/EVENT:
Protocol: 50
Inbound SPI: 0xb09f3700
Outbound SPI: 0x07cf6e34
*Apr 28 17:05:47:599 2021 Branch-LXZ IPSEC/7/EVENT:
Can not find IPsec tunnel in same flow hash table, and will create a new one.
*Apr 28 17:05:47:599 2021 Branch-LXZ IPSEC/7/EVENT:
IPsec tunnel successfully added in kernel.
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully added in kernel.
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully added in kernel.
*Apr 28 17:05:47:599 2021 Branch-LXZ IPSEC/7/EVENT:
Got default traffic-based lifetime settings for IPsec P2 SA when filling ISAKMP SA data:
Role : Initiator.
Default soft lifetime : 1509949440 bytes.
Hard lifetime : 1887436800 bytes.
*Apr 28 17:05:47:599 2021 Branch-LXZ IPSEC/7/EVENT:
Got traffic-based lifetime settings for IPsec P2 SA when filling ISAKMP SA data:
Role : Initiator.
Configured soft lifetime buffer : 0 bytes.
Configured global soft lifetime buffer : 0 bytes.
Default soft lifetime : 1509949440 bytes.
Hard lifetime after negotiation : 1887436800 bytes.
Actual soft lifetime : 1509949440 bytes.
*Apr 28 17:05:47:599 2021 Branch-LXZ IPSEC/7/EVENT:
Added tunnel to kernel successfully.
*Apr 28 17:05:47:599 2021 Branch-LXZ IPSEC/7/EVENT:
Sent add tunnel message to all nodes, message type is 0x13.
*Apr 28 17:05:47:599 2021 Branch-LXZ IPSEC/7/EVENT:
Save IPsec Tunnel to DBM, tunnelIndex 2, refreshCnt 0, createTime 119244
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
Added an IPsec tunnel when adding ISAKMP SA: tunnel index = 2, tunnel sequence number = 3.
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
Added SA to kernel successfully.
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
Added ISAKMP SAs. Number of SAs added is 2.
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
No.1 SA index: 8, sequence number: 9.
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
No.2 SA index: 9, sequence number: 9.
*Apr 28 17:05:47:600 2021 Branch-LXZ IPSEC/7/EVENT:
Added SA context to IKE.
*Apr 28 17:05:47:600 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 11.
*Apr 28 17:05:47:600 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_SEND1 to IKE_P2_STATE_SA_CREATED.
*Apr 28 17:05:47:600 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:47:601 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct HASH(3) payload.
*Apr 28 17:05:47:601 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:47:601 2021 Branch-LXZ IPSEC/7/EVENT:
Updated outbound SA of IPsec tunnel(SA index = 8, SPI = 0x7cf6e34).
%Apr 28 17:05:47:601 2021 Branch-LXZ IPSEC/6/IPSEC_SA_ESTABLISH: IPsec SA was established.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.10.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound AH SPI: 0
Outbound AH SPI: 0
Inbound ESP SPI: 2963224320
Outbound ESP SPI: 131034676
ACL number: 3020

*Apr 28 17:05:47:601 2021 Branch-LXZ IPSEC/7/EVENT:
Sent switch SA message to all nodes, message type is 0x1a.
*Apr 28 17:05:47:601 2021 Branch-LXZ IPSEC/7/EVENT:
Switch SA and delete blockflow node. SA index : 9, SA Seq : 9.Block index : 0, Block seq : 7.
*Apr 28 17:05:47:601 2021 Branch-LXZ IPSEC/7/EVENT:
Switched SA successfully.
*Apr 28 17:05:47:601 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 15.
*Apr 28 17:05:47:602 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_SA_CREATED to IKE_P2_STATE_SA_SWITCH.
*Apr 28 17:05:47:602 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:47:602 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_SA_SWITCH to IKE_P2_STATE_ESTABLISHED.
*Apr 28 17:05:47:602 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:47:602 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Quick
flags: ENCRYPT
message ID: a5364612
length: 60
*Apr 28 17:05:47:602 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:47:602 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:47:603 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Got time-based lifetime settings for IKE P2 SA:
Role : Initiator.
Configured soft lifetime buffer : 0 seconds.
Hard lifetime after negotiation : 3600 seconds.
Default soft lifetime : 2700 seconds.
Actual soft lifetime : 2700 seconds.
*Apr 28 17:05:47:603 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Add P2 SA to triple successfully.

<Branch-LXZ>
<Branch-LXZ>
<Branch-LXZ>reset ike sa
<Branch-LXZ>*Apr 28 17:05:51:743 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Delete tunnel, reference count is [0], tunnel [1] has been freed.
*Apr 28 17:05:51:743 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:51:743 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct delete payload.
*Apr 28 17:05:51:744 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:51:744 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: b8349af1de22707a
R-COOKIE: 2cfea10944c84f39
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Info
flags: ENCRYPT
message ID: a9513b8d
length: 92
*Apr 28 17:05:51:744 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:51:744 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:51:749 2021 Branch-LXZ IPSEC/7/EVENT:
Deleted DPD in kernel(DPD ID = 0).
*Apr 28 17:05:51:749 2021 Branch-LXZ IPSEC/7/EVENT:
DPD successfully deleted in kernel.
*Apr 28 17:05:51:750 2021 Branch-LXZ IPSEC/7/EVENT:
DPD of SA successfully set in kernel.
*Apr 28 17:05:51:750 2021 Branch-LXZ IPSEC/7/EVENT:
DPD of SA successfully set in kernel.
*Apr 28 17:05:51:749 2021 Branch-LXZ IPSEC/7/EVENT:
Sent update DPD index of SA message to all nodes, message type is 0x20.
*Apr 28 17:05:51:751 2021 Branch-LXZ IPSEC/7/EVENT:
Sent delete DPD message to all nodes, message type is 0x1f.
%Apr 28 17:05:51:751 2021 Branch-LXZ IKE/6/IKE_P1_SA_TERMINATE: The IKE phase 1 SA was deleted.
Reason: All IKE SAs were deleted.
SA information:
Role: initiator
Local IP: 212.222.0.22
Local ID type: IPV4_ADDR
Local ID: 212.222.0.22
Local port: 500
Retransmissions: 0
Remote IP: 171.221.88.110
Remote ID type: IPV4_ADDR
Remote ID: 171.221.88.110
Remote port: 500
Recived retransmissions: 0
Inside VPN instance:
Outside VPN instance:
Initiator COOKIE: b8349af1de22707a
Responder COOKIE: 2cfea10944c84f39
Connection ID: 77
Tunnel ID: 1
IKE profile name: 1

*Apr 28 17:05:51:752 2021 Branch-LXZ IKE/7/EVENT: Sent config reset message.

<Branch-LXZ>
<Branch-LXZ>*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent IPsec packet, pkt len : 128 ---
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Attent to match Mqc(0), ifIndex is 132, digest is 0, no result.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Attent to match Mqc(1), ifIndex is 132, digest is 0, no result.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Last dest lip is NULL.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.1, dst IP = 192.168.10.1, SPI = 131034676.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Alloc IPsec cache: Global fs seq : 195, Private index : 2, Private seq : 3.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/EVENT:
Add ip fastforward cache : ulDirtection = 2, ifIndexOut = 135
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/EVENT:
Added IP fast forwarding entry.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 1.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/EVENT:
Start to fill reply cache key, SrcAddr : 212.222.0.22, DstAddr : 171.221.88.110, SPI :131034676, SrcPort : 1999, DstPort : 28212.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/EVENT:
Fill output IPsec packet reply cache key.
*Apr 28 17:05:53:579 2021 Branch-LXZ IPSEC/7/EVENT:
Find another sa, spi : 0xb09f3700, SrcPort : 45215, DstPort : 14080.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
--- Received IPsec(ESP) packet: packet length : 200 ---
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/EVENT:
Enter IPsec ESP input process, Data length : 200
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Attent to match Mqc(0), ifIndex is 135, digest is 0, no result.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Attent to match Mqc(1), ifIndex is 135, digest is 0, no result.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Last dest lip is NULL.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: src IP = 171.221.88.110, dst IP = 212.222.0.22, SPI = 2963224320.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Alloc IPsec cache: Global fs seq : 195, Private index : 9, Private seq : 9.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/EVENT:
Add ip fastforward cache : ulDirtection = 1, ifIndexOut = 0
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/EVENT:
Added IP fast forwarding entry.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-decryption.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec ESP processing: Authentication succeeded.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec ESP processing: Decryption succeeded.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec processing: Tunnel mode.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound ESP IPsec processing: Sent packet back to IP forwarding. Pkt len is 128.
*Apr 28 17:05:53:586 2021 Branch-LXZ IPSEC/7/PACKET:
Alloc IPsec cache: Global fs seq : 195, Private index : 0, Private seq : 0.
disp ike sa
Connection-ID Remote Flag DOI
------------------------------------------------------------------
<Branch-LXZ>disp*Apr 28 17:05:56:360 2021 Branch-LXZ IPSEC/7/EVENT:
Can't find block-flow node.
*Apr 28 17:05:56:360 2021 Branch-LXZ IPSEC/7/PACKET:
Failed to find SA by SP, SP Index = 1, SP Convert-Seq = 65536.
*Apr 28 17:05:56:360 2021 Branch-LXZ IPSEC/7/ERROR:
The reason of dropping packet is no available IPsec tunnel.
*Apr 28 17:05:56:360 2021 Branch-LXZ IPSEC/7/EVENT:
Sent SA-Acquire message : SP ID = 1
*Apr 28 17:05:56:360 2021 Branch-LXZ IPSEC/7/EVENT:
Received negotiatiate SA message from IPsec kernel.
%Apr 28 17:05:56:360 2021 Branch-LXZ IPSEC/6/IPSEC_SA_INITIATION: Began to establish IPsec SA.
SA information:
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.17.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
ACL number: 3020

*Apr 28 17:05:56:360 2021 Branch-LXZ IPSEC/7/EVENT:
Got SA time-based soft lifetime settings when filling Sp data.
Configured soft lifetime buffer : 0 seconds.
Configured global soft lifetime buffer : 0 seconds.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 0.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: Received SA acquire message from IPsec.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: Received SA acquire message from IPsec.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Set IPsec SA state to IKE_P2_STATE_INIT.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: IKE SA not found. Initiate IKE SA negotiation.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Obtained profile 1.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Initiator created an SA for peer 171.221.88.110, local port 500, remote port 500.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Set IKE SA state to IKE_P1_STATE_INIT.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Begin Main mode exchange.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Found pre-shared key that matches address 171.221.88.110 in keychain 1.
*Apr 28 17:05:56:361 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encryption algorithm is AES-CBC.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Key length is 128 bits.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Hash algorithm is HMAC-SHA1.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
DH group 2.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Authentication method is Pre-shared key.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime type is in seconds.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 86400.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct transform payload for transform 1.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encryption algorithm is DES-CBC.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Hash algorithm is HMAC-SHA1.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
DH group 1.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Authentication method is Pre-shared key.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime type is in seconds.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 86400.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct transform payload for transform 2.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Constructed SA payload.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NAT-T rfc3947 vendor ID payload.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NAT-T draft3 vendor ID payload.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NAT-T draft2 vendor ID payload.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NAT-T draft1 vendor ID payload.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct XAUTH Cisco Unity 1.0 vendor ID payload.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct XAUTH draft6 vendor ID payload.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IKE SA state changed from IKE_P1_STATE_INIT to IKE_P1_STATE_SEND1.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:56:362 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0000000000000000
next payload: SA
version: ISAKMP Version 1.0
exchange mode: Main
flags:
message ID: 0
length: 236
*Apr 28 17:05:56:363 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:56:363 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:56:368 2021 Branch-LXZ IKE/7/EVENT: Received packet successfully.
*Apr 28 17:05:56:368 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received packet from 171.221.88.110 source port 500 destination port 500.
*Apr 28 17:05:56:368 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: SA
version: ISAKMP Version 1.0
exchange mode: Main
flags:
message ID: 0
length: 140
*Apr 28 17:05:56:368 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:368 2021 Branch-LXZ IKE/7/EVENT: Phase1 process started.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Security Association Payload.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Vendor ID Payload.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Vendor ID Payload.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Vendor ID Payload.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process SA payload.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Check ISAKMP transform 1.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encryption algorithm is AES-CBC.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Key length is 128 bytes.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
HASH algorithm is HMAC-SHA1.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
DH group is 2.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Authentication method is Pre-shared key.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime type is 1.
*Apr 28 17:05:56:369 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 86400.
*Apr 28 17:05:56:370 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Attributes is acceptable.
*Apr 28 17:05:56:370 2021 Branch-LXZ IKE/7/EVENT: Oakley transform 1 is acceptable.
*Apr 28 17:05:56:370 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process vendor ID payload.
*Apr 28 17:05:56:370 2021 Branch-LXZ IKE/7/EVENT: Vendor ID NAT-T rfc3947 is matched.
*Apr 28 17:05:56:370 2021 Branch-LXZ IKE/7/EVENT: Vendor ID XAUTH Cisco Unity 1.0 is matched.
*Apr 28 17:05:56:370 2021 Branch-LXZ IKE/7/EVENT: Vendor ID XAUTH draft6 is matched.
*Apr 28 17:05:56:373 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct KE payload.
*Apr 28 17:05:56:373 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NONCE payload.
*Apr 28 17:05:56:373 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NAT-D payload.
*Apr 28 17:05:56:373 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct DPD vendor ID payload.
*Apr 28 17:05:56:374 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IKE SA state changed from IKE_P1_STATE_SEND1 to IKE_P1_STATE_SEND3.
*Apr 28 17:05:56:374 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:56:374 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: KE
version: ISAKMP Version 1.0
exchange mode: Main
flags:
message ID: 0
length: 248
*Apr 28 17:05:56:374 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:56:374 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/EVENT: Received packet successfully.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received packet from 171.221.88.110 source port 500 destination port 500.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: KE
version: ISAKMP Version 1.0
exchange mode: Main
flags:
message ID: 0
length: 248
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/EVENT: Phase1 process started.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Key Exchange Payload.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Nonce Payload.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP NAT-D Payload.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP NAT-D Payload.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Vendor ID Payload.
*Apr 28 17:05:56:475 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process KE payload.
*Apr 28 17:05:56:476 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process NONCE payload.
*Apr 28 17:05:56:479 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received 2 NAT-D payload.
*Apr 28 17:05:56:479 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Local ID type: IPV4_ADDR (1).
*Apr 28 17:05:56:479 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Local ID value: 212.222.0.22.
*Apr 28 17:05:56:479 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct ID payload.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
HASH:
14fddd59 26e9677b c96d5ebf dd7f516d abb9241a
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct authentication by pre-shared-key.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct INITIAL-CONTACT payload.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process vendor ID payload.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/EVENT: Vendor ID DPD is matched.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IKE SA state changed from IKE_P1_STATE_SEND3 to IKE_P1_STATE_SEND5.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:56:480 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 92
*Apr 28 17:05:56:481 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:56:481 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/EVENT: Received packet successfully.
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received packet from 171.221.88.110 source port 500 destination port 500.
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: ID
version: ISAKMP Version 1.0
exchange mode: Main
flags: ENCRYPT
message ID: 0
length: 76
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/EVENT: Phase1 process started.
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Decrypt the packet.
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Identification Payload.
*Apr 28 17:05:56:487 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Hash Payload.
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process ID payload.
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Peer ID type: IPV4_ADDR (1).
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Peer ID value: address 171.221.88.110.
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Verify HASH payload.
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
HASH:
ae8947e5 3831eaea 26cf94ab b28cdba6 9c4841d1
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
HASH verification succeeded.
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IKE SA state changed from IKE_P1_STATE_SEND5 to IKE_P1_STATE_ESTABLISHED.
*Apr 28 17:05:56:488 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
The default soft lifetime 77760(seconds) was used for the IKE P1 SA.
*Apr 28 17:05:56:489 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Add tunnel, alloc new tunnel with ID [1].
*Apr 28 17:05:56:489 2021 Branch-LXZ IPSEC/7/EVENT:
DPD successfully added in kernel.
*Apr 28 17:05:56:489 2021 Branch-LXZ IPSEC/7/EVENT:
DPD of SA successfully set in kernel.
*Apr 28 17:05:56:489 2021 Branch-LXZ IPSEC/7/EVENT:
DPD of SA successfully set in kernel.
*Apr 28 17:05:56:489 2021 Branch-LXZ IPSEC/7/EVENT:
Sent add DPD message to all nodes, message type is 0x1c.
*Apr 28 17:05:56:489 2021 Branch-LXZ IPSEC/7/EVENT:
Sent update DPD index of SA message to all nodes, message type is 0x20.
*Apr 28 17:05:56:491 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 12.
*Apr 28 17:05:56:491 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:492 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Begin Quick mode exchange.
*Apr 28 17:05:56:492 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 9.
*Apr 28 17:05:56:492 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_INIT to IKE_P2_STATE_GETSPI.
*Apr 28 17:05:56:492 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:492 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Set attributes according to phase 2 transform.
*Apr 28 17:05:56:492 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encapsulation mode is Tunnel.
*Apr 28 17:05:56:492 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
in seconds
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 3600.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
in kilobytes
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 1843200.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Authentication algorithm is HMAC-SHA1.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Key length is 128 bytes.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Transform ID is AES-CBC.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct transform 1.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec proposal 1.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec SA payload.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct NONCE payload.
*Apr 28 17:05:56:493 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec ID payload.
*Apr 28 17:05:56:494 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct IPsec ID payload.
*Apr 28 17:05:56:494 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct HASH(1) payload.
*Apr 28 17:05:56:494 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:56:494 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_GETSPI to IKE_P2_STATE_SEND1.
*Apr 28 17:05:56:494 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:56:494 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Quick
flags: ENCRYPT
message ID: 43a578ab
length: 172
*Apr 28 17:05:56:494 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:56:495 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/EVENT: Received packet successfully.
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received packet from 171.221.88.110 source port 500 destination port 500.
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Quick
flags: ENCRYPT
message ID: 43a578ab
length: 172
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/EVENT: Phase2 process started.
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Decrypt the packet.
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Hash Payload.
*Apr 28 17:05:56:506 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Security Association Payload.
*Apr 28 17:05:56:507 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Nonce Payload.
*Apr 28 17:05:56:507 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Identification Payload (IPsec DOI).
*Apr 28 17:05:56:507 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Received ISAKMP Identification Payload (IPsec DOI).
*Apr 28 17:05:56:507 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process HASH payload.
*Apr 28 17:05:56:507 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Validated HASH(2) successfully.
*Apr 28 17:05:56:507 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process IPsec SA payload.
*Apr 28 17:05:56:508 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Check IPsec proposal 1.
*Apr 28 17:05:56:508 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Parse transform 1.
*Apr 28 17:05:56:508 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encapsulation mode is Tunnel.
*Apr 28 17:05:56:508 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime type is in seconds.
*Apr 28 17:05:56:508 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 3600.
*Apr 28 17:05:56:508 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime type is in kilobytes.
*Apr 28 17:05:56:508 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Life duration is 1843200.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Authentication algorithm is HMAC-SHA1.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Key length is 128 bytes.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Transform ID is AES-CBC.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
The proposal is acceptable.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process IPsec ID payload.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Process IPsec ID payload.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Install IPsec SAs.
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/EVENT: Inbound flow: 192.168.17.0/24->192.168.88.0/24
*Apr 28 17:05:56:509 2021 Branch-LXZ IKE/7/EVENT: Outbound flow: 192.168.88.0/24->192.168.17.0/24
*Apr 28 17:05:56:510 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime in seconds: 3600
*Apr 28 17:05:56:510 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Lifetime in kilobytes: 1843200
*Apr 28 17:05:56:510 2021 Branch-LXZ IKE/7/EVENT:
Protocol: 50
Inbound SPI: 0x71151493
Outbound SPI: 0x1ffabbb4
*Apr 28 17:05:56:510 2021 Branch-LXZ IPSEC/7/EVENT:
Can not find IPsec tunnel in same flow hash table, and will create a new one.
*Apr 28 17:05:56:510 2021 Branch-LXZ IPSEC/7/EVENT:
IPsec tunnel successfully added in kernel.
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully added in kernel.
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
SA successfully added in kernel.
*Apr 28 17:05:56:510 2021 Branch-LXZ IPSEC/7/EVENT:
Got default traffic-based lifetime settings for IPsec P2 SA when filling ISAKMP SA data:
Role : Initiator.
Default soft lifetime : 1509949440 bytes.
Hard lifetime : 1887436800 bytes.
*Apr 28 17:05:56:510 2021 Branch-LXZ IPSEC/7/EVENT:
Got traffic-based lifetime settings for IPsec P2 SA when filling ISAKMP SA data:
Role : Initiator.
Configured soft lifetime buffer : 0 bytes.
Configured global soft lifetime buffer : 0 bytes.
Default soft lifetime : 1509949440 bytes.
Hard lifetime after negotiation : 1887436800 bytes.
Actual soft lifetime : 1509949440 bytes.
*Apr 28 17:05:56:510 2021 Branch-LXZ IPSEC/7/EVENT:
Added tunnel to kernel successfully.
*Apr 28 17:05:56:510 2021 Branch-LXZ IPSEC/7/EVENT:
Sent add tunnel message to all nodes, message type is 0x13.
*Apr 28 17:05:56:510 2021 Branch-LXZ IPSEC/7/EVENT:
Save IPsec Tunnel to DBM, tunnelIndex 1, refreshCnt 0, createTime 119253
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
Added an IPsec tunnel when adding ISAKMP SA: tunnel index = 1, tunnel sequence number = 3.
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
Added SA to kernel successfully.
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
Added ISAKMP SAs. Number of SAs added is 2.
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
No.1 SA index: 6, sequence number: 11.
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
No.2 SA index: 7, sequence number: 11.
*Apr 28 17:05:56:511 2021 Branch-LXZ IPSEC/7/EVENT:
Added SA context to IKE.
*Apr 28 17:05:56:511 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 11.
*Apr 28 17:05:56:511 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_SEND1 to IKE_P2_STATE_SA_CREATED.
*Apr 28 17:05:56:511 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:512 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Construct HASH(3) payload.
*Apr 28 17:05:56:512 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Encrypt the packet.
*Apr 28 17:05:56:512 2021 Branch-LXZ IPSEC/7/EVENT:
Updated outbound SA of IPsec tunnel(SA index = 6, SPI = 0x1ffabbb4).
%Apr 28 17:05:56:512 2021 Branch-LXZ IPSEC/6/IPSEC_SA_ESTABLISH: IPsec SA was established.
SA information:
Role: initiator
Local address: 212.222.0.22
Remote address: 171.221.88.110
Sour addr: 192.168.88.0/255.255.255.0 Port: 0 Protocol: IP
Dest addr: 192.168.17.0/255.255.255.0 Port: 0 Protocol: IP
Inside VPN instance:
Outside VPN instance:
Inbound AH SPI: 0
Outbound AH SPI: 0
Inbound ESP SPI: 1897206931
Outbound ESP SPI: 536525748
ACL number: 3020

*Apr 28 17:05:56:512 2021 Branch-LXZ IPSEC/7/EVENT:
Sent switch SA message to all nodes, message type is 0x1a.
*Apr 28 17:05:56:512 2021 Branch-LXZ IPSEC/7/EVENT:
Switch SA and delete blockflow node. SA index : 7, SA Seq : 11.Block index : 0, Block seq : 9.
*Apr 28 17:05:56:512 2021 Branch-LXZ IPSEC/7/EVENT:
Switched SA successfully.
*Apr 28 17:05:56:512 2021 Branch-LXZ IKE/7/EVENT: Received message from ipsec, message type is 15.
*Apr 28 17:05:56:513 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_SA_CREATED to IKE_P2_STATE_SA_SWITCH.
*Apr 28 17:05:56:513 2021 Branch-LXZ IKE/7/EVENT: IKE thread 1099324379824 processes a job.
*Apr 28 17:05:56:513 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
IPsec SA state changed from IKE_P2_STATE_SA_SWITCH to IKE_P2_STATE_ESTABLISHED.
*Apr 28 17:05:56:513 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending packet to 171.221.88.110 remote port 500, local port 500.
*Apr 28 17:05:56:513 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500

I-COOKIE: c0e46f144a222b28
R-COOKIE: 0c1bb9d7e5fb3808
next payload: HASH
version: ISAKMP Version 1.0
exchange mode: Quick
flags: ENCRYPT
message ID: 43a578ab
length: 60
*Apr 28 17:05:56:513 2021 Branch-LXZ IKE/7/PACKET: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sending an IPv4 packet.
*Apr 28 17:05:56:513 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Sent data to socket successfully.
*Apr 28 17:05:56:514 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Got time-based lifetime settings for IKE P2 SA:
Role : Initiator.
Configured soft lifetime buffer : 0 seconds.
Hard lifetime after negotiation : 3600 seconds.
Default soft lifetime : 2700 seconds.
Actual soft lifetime : 2700 seconds.
*Apr 28 17:05:56:514 2021 Branch-LXZ IKE/7/EVENT: vrf = 0, local = 212.222.0.22, remote = 171.221.88.110/500
Add P2 SA to triple successfully.
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : fs sequence num in IPsec fast cache is 195, current fs sequence num is 195
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : No Change. Tunnel index = 2, Tunnel seq = 3.
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent packet by IPsec fast forwarding ---
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.1, dst IP = 192.168.10.1, SPI = 131034676.
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 2.
*Apr 28 17:05:56:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
--- Received IPsec packet from fast forwarding, Protocl : 50---
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: src IP = 171.221.88.110, dst IP = 212.222.0.22, SPI = 2963224320.
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-decryption.
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Authentication succeeded.
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Decryption succeeded.
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec processing: Tunnel mode.
*Apr 28 17:05:56:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: Sent packet back to IP forwarding.
ike sa
Connection-ID Remote Flag DOI
------------------------------------------------------------------
79 171.221.88.110 RD IPsec
Flags:
RD--READY RL--REPLACED FD-FADING RK-REKEY
<Branch-LXZ>disp ipsec s*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : fs sequence num in IPsec fast cache is 195, current fs sequence num is 195
*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : No Change. Tunnel index = 2, Tunnel seq = 3.
*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent packet by IPsec fast forwarding ---
*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.1, dst IP = 192.168.10.1, SPI = 131034676.
*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 3.
*Apr 28 17:05:59:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
--- Received IPsec packet from fast forwarding, Protocl : 50---
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: src IP = 171.221.88.110, dst IP = 212.222.0.22, SPI = 2963224320.
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-decryption.
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Authentication succeeded.
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Decryption succeeded.
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec processing: Tunnel mode.
*Apr 28 17:05:59:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: Sent packet back to IP forwarding.
a
-------------------------------
Interface: Dialer1
-------------------------------

-----------------------------
IPsec policy: 1
Sequence number: 1
Mode: ISAKMP
-----------------------------
Tunnel id: 1
Encapsulation mode: tunnel
Perfect Forward Secrecy:
Inside VPN:
Extended Sequence Numbers enable: N
Traffic Flow Confidentiality enable: N
Path MTU: 1420
Tunnel:
local address: 212.222.0.22
remote address: 171.221.88.110
Flow:
sour addr: 192.168.88.0/255.255.255.0 port: 0 protocol: ip
dest addr: 192.168.17.0/255.255.255.0 port: 0 protocol: ip

[Inbound ESP SAs]
SPI: 1897206931 (0x71151493)
Connection ID: 47244640263
Transform set: ESP-ENCRYPT-AES-CBC-128 ESP-AUTH-SHA1
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843200/3597
Max received sequence-number: 0
Anti-replay check enable: Y
Anti-replay window size: 64
UDP encapsulation used for NAT traversal: N
Status: Active

[Outbound ESP SAs]
SPI: 536525748 (0x1ffabbb4)
Connection ID: 47244640262
Transform set: ESP-ENCRYPT-AES-CBC-128 ESP-AUTH-SHA1
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843200/3597
Max sent sequence-number: 0
UDP encapsulation used for NAT traversal: N
Status: Active

-----------------------------
IPsec policy: 1
Sequence number: 1
Mode: ISAKMP
-----------------------------
Tunnel id: 2
Encapsulation mode: tunnel
Perfect Forward Secrecy:
Inside VPN:
Extended Sequence Numbers enable: N
Traffic Flow Confidentiality enable: N
Path MTU: 1420
Tunnel:
local address: 212.222.0.22
remote address: 171.221.88.110
Flow:
sour addr: 192.168.88.0/255.255.255.0 port: 0 protocol: ip
dest addr: 192.168.10.0/255.255.255.0 port: 0 protocol: ip

[Inbound ESP SAs]
SPI: 2963224320 (0xb09f3700)
Connection ID: 38654705673
Transform set: ESP-ENCRYPT-AES-CBC-128 ESP-AUTH-SHA1
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843199/3588
Max received sequence-number: 3
Anti-replay check enable: Y
Anti-replay window size: 64
UDP encapsulation used for NAT traversal: N
Status: Active

[Outbound ESP SAs]
SPI: 131034676 (0x07cf6e34)
Connection ID: 38654705672
Transform set: ESP-ENCRYPT-AES-CBC-128 ESP-AUTH-SHA1
SA duration (kilobytes/sec): 1843200/3600
SA remaining duration (kilobytes/sec): 1843199/3588
Max sent sequence-number: 3
UDP encapsulation used for NAT traversal: N
Status: Active
<Branch-LXZ>
<Branch-LXZ>*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : fs sequence num in IPsec fast cache is 195, current fs sequence num is 195
*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : No Change. Tunnel index = 2, Tunnel seq = 3.
*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent packet by IPsec fast forwarding ---
*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.1, dst IP = 192.168.10.1, SPI = 131034676.
*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 4.
*Apr 28 17:06:02:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
--- Received IPsec packet from fast forwarding, Protocl : 50---
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: src IP = 171.221.88.110, dst IP = 212.222.0.22, SPI = 2963224320.
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-decryption.
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Authentication succeeded.
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Decryption succeeded.
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec processing: Tunnel mode.
*Apr 28 17:06:02:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: Sent packet back to IP forwarding.
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : fs sequence num in IPsec fast cache is 195, current fs sequence num is 195
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : No Change. Tunnel index = 2, Tunnel seq = 3.
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent packet by IPsec fast forwarding ---
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.1, dst IP = 192.168.10.1, SPI = 131034676.
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 5.
*Apr 28 17:06:05:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
--- Received IPsec packet from fast forwarding, Protocl : 50---
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: src IP = 171.221.88.110, dst IP = 212.222.0.22, SPI = 2963224320.
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-decryption.
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Authentication succeeded.
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Decryption succeeded.
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec processing: Tunnel mode.
*Apr 28 17:06:05:584 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: Sent packet back to IP forwarding.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent IPsec packet, pkt len : 106 ---
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Attent to match Mqc(0), ifIndex is 134, digest is 0, no result.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Attent to match Mqc(1), ifIndex is 134, digest is 0, no result.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Last dest lip is NULL.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.28, dst IP = 192.168.17.31, SPI = 536525748.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Alloc IPsec cache: Global fs seq : 195, Private index : 1, Private seq : 3.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/EVENT:
Add ip fastforward cache : ulDirtection = 2, ifIndexOut = 135
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/EVENT:
Added IP fast forwarding entry.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 1.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/EVENT:
Start to fill reply cache key, SrcAddr : 212.222.0.22, DstAddr : 171.221.88.110, SPI :536525748, SrcPort : 8186, DstPort : 48052.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/EVENT:
Fill output IPsec packet reply cache key.
*Apr 28 17:06:06:731 2021 Branch-LXZ IPSEC/7/EVENT:
Find another sa, spi : 0x71151493, SrcPort : 28949, DstPort : 5267.

<Branch-LXZ>
<Branch-LXZ>*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : fs sequence num in IPsec fast cache is 195, current fs sequence num is 195
*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
FS Check : No Change. Tunnel index = 2, Tunnel seq = 3.
*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
--- Sent packet by IPsec fast forwarding ---
*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: src IP = 192.168.88.1, dst IP = 192.168.10.1, SPI = 131034676.
*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-encryption.
*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec ESP processing: Encryption succeeded, anti-replay SN is 6.
*Apr 28 17:06:08:579 2021 Branch-LXZ IPSEC/7/PACKET:
Outbound IPsec processing: Packet encapsulated successfully.
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
--- Received IPsec packet from fast forwarding, Protocl : 50---
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: src IP = 171.221.88.110, dst IP = 212.222.0.22, SPI = 2963224320.
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: ESP auth algorithm: SHA1, ESP encp algorithm: AES-CBC-128.
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
Packet will be sent to CCF for sync-decryption.
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Authentication succeeded.
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound fast IPsec ESP processing: Decryption succeeded.
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
IPsec processing: Tunnel mode.
*Apr 28 17:06:08:585 2021 Branch-LXZ IPSEC/7/PACKET:
Inbound IPsec processing: Sent packet back to IP forwarding.

<Branch-LXZ>
<Branch-LXZ>
<Branch-LXZ>

能标注下,主要的几个阶段

红烧牛肉面 发表时间:2021-04-29

编辑答案

你正在编辑答案

如果你要对问题或其他回答进行点评或询问,请使用评论功能。

分享扩散:

提出建议

    +

亲~登录后才可以操作哦!

确定

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作

举报

×

侵犯我的权益 >
对根叔社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明