Group Policy VPN protocol mismatch: responder is configured with IKEv2 only
Phase 1 actually completes, but show crypto isakmp sa displays nothing on either the initiator or the responder. Negotiation fails at QM. Only the responder's debug output gives the real reason.
Initiator:
Buffer log:
Jan 20 2020 15:35:04: %ASA-3-713902: Group = 10.0.0.2, IP = 10.0.0.2, Removing peer from correlator table failed, no match!
Jan 20 2020 15:35:04: %ASA-4-113019: Group = 10.0.0.2, Username = 10.0.0.2, IP = 10.0.0.2, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: User Requested
Jan 20 2020 15:35:04: %ASA-4-752012: IKEv1 was unsuccessful at setting up a tunnel. Map Tag = MAP. Map Sequence Number = 10.
Jan 20 2020 15:35:04: %ASA-3-752015: Tunnel Manager has failed to establish an L2L SA. All configured IKE versions failed to establish the tunnel. Map Tag= MAP. Map Sequence Number = 10.
Debug:
ASAv1# Dec 23 17:59:13 [IKEv1 DEBUG]Pitcher: received a key
acquire message, spi 0x0
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE Initiator: New
Phase 1, Intf inside, IKE Peer 10.0.0.2
local Proxy Address 192.168.1.0, remote Proxy Address 192.168.2.0, Crypto map (MAP)
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
ISAKMP SA payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
NAT-Traversal VID ver 02 payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
NAT-Traversal VID ver 03 payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
NAT-Traversal VID ver RFC payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
Fragmentation VID + extended capabilities payload
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE SENDING
Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) +
VENDOR (13) + VENDOR (13) + NONE (0) total length : 168
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.1:500 from 10.0.0.2:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE RECEIVED
Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) +
NONE (0) total length : 128
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing SA
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Oakley proposal
is acceptable
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Received
NAT-Traversal RFC VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Received
Fragmentation VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, IKE Peer
included IKE fragmentation capability flags:
Main Mode: True Aggressive Mode: True
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing ke
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
nonce payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
Cisco Unity VID payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
xauth V6 VID payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Send IOS VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Constructing ASA
spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Send
Altiga/Cisco VPN3000/Cisco ASA GW VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, constructing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE SENDING
Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) +
VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (20) + NAT-D (20) + NONE (0)
total length : 304
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.1:500 from 10.0.0.2:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE RECEIVED
Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) +
VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (20) + NAT-D (20) + NONE (0)
total length : 304
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing ke
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing
ISA_KE payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing nonce
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Received Cisco
Unity client VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Received xauth
V6 VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Processing
VPN3000/ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities:
20000001)
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Received
Altiga/Cisco VPN3000/Cisco ASA GW VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, processing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, Connection landed on
tunnel_group 10.0.0.2
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, Generating keys for Initiator...
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing ID payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, Computing hash for ISAKMP
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Constructing IOS
keep alive payload: proposal=32767/32767 sec.
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing dpd vid payload
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE SENDING
Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + IOS KEEPALIVE (128)
+ VENDOR (13) + NONE (0) total length : 96
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2,
Automatic NAT Detection Status:
Remote end is NOT behind a NAT device
This end is NOT behind a NAT
device
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.1:500 from 10.0.0.2:500
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.1:500 from 10.0.0.2:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE RECEIVED
Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + IOS KEEPALIVE (128)
+ VENDOR (13) + NONE (0) total length : 96
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, processing ID payload
Dec 23 17:59:13 [IKEv1 DECODE]Group = 10.0.0.2, IP =
10.0.0.2, ID_IPV4_ADDR ID received
10.0.0.2
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, processing hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, Computing hash for ISAKMP
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.2, Processing IOS
keep alive payload: proposal=32767/32767 sec.
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, processing VID payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, Received DPD VID
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, Connection landed on
tunnel_group 10.0.0.2
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, Oakley begin
quick mode
Dec 23 17:59:13 [IKEv1 DECODE]Group = 10.0.0.2, IP =
10.0.0.2, IKE Initiator starting QM: msg id = 39665a54
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2, PHASE 1 COMPLETED
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, Keep-alive type for
this connection: DPD
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, Starting P1 rekey timer: 73440 seconds.
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2, Add
to IKEv1 Tunnel Table succeeded for SA with logical ID 49152
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2, Add
to IKEv1 MIB Table succeeded for SA with logical ID 49152
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, IKE got SPI from key engine: SPI = 0xc0d3668a
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, oakley constructing quick mode
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing blank hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing IPSec SA payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing IPSec nonce payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing proxy ID
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, Transmitting Proxy Id:
Local subnet: 192.168.1.0
mask 255.255.255.0 Protocol 0
Port 0
Remote subnet:
192.168.2.0 Mask 255.255.255.0 Protocol
0 Port 0
Dec 23 17:59:13 [IKEv1 DECODE]Group = 10.0.0.2, IP =
10.0.0.2, IKE Initiator sending Initial Contact
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing qm hash payload
Dec 23 17:59:13 [IKEv1 DECODE]Group = 10.0.0.2, IP =
10.0.0.2, IKE Initiator
sending 1st QM pkt: msg id = 39665a54
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE SENDING
Message (msgid=39665a54) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) +
ID (5) + ID (5) + NOTIFY (11) + NONE (0) total length : 200
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.1:500 from 10.0.0.2:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE RECEIVED
Message (msgid=ec8d2430) with payloads : HDR + HASH (8) + DELETE (12) + NONE
(0) total length : 80
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, processing hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, processing delete
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2, Connection terminated for peer
10.0.0.2. Reason: Peer Terminate Remote Proxy 0.0.0.0, Local Proxy 0.0.0.0
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2,
Remove from IKEv1 Tunnel Table succeeded for SA with logicalId 49152
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2,
Remove from IKEv1 MIB Table succeeded for SA with logical ID 49152
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, sending delete/delete with reason message
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing blank hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing IPSec delete payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, constructing qm hash payload
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.2, IKE_DECODE SENDING
Message (msgid=c4ad7e13) with payloads : HDR + HASH (8) + DELETE (12) + NONE
(0) total length : 68
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, IKE Deleting SA: Remote Proxy 192.168.2.0, Local Proxy 192.168.1.0
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2, Removing peer from correlator
table failed, no match!
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.2, IP =
10.0.0.2, IKE SA MM:32c45f0d terminating:
flags 0x0100c822, refcnt 0, tuncnt 0
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.2, IP = 10.0.0.2, Session is being torn down.
Reason: User Requested
Dec 23 17:59:13 [IKEv1]Ignoring msg to mark SA with dsID
49152 dead because SA deleted
Dec 23 17:59:13 [IKEv1 DEBUG]Pitcher: received key delete
msg, spi 0xc0d3668a
Responder:
Buffer log:
Jan 20 2020 15:32:25: %ASA-3-713206: Group = 10.0.0.1, IP = 10.0.0.1, Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy
Jan 20 2020 15:32:25: %ASA-3-713902: Group = 10.0.0.1, IP = 10.0.0.1, QM FSM error (P2 struct &0x00007f48d93d67c0, mess id 0xa2616fb9)!
Jan 20 2020 15:32:25: %ASA-3-713902: Group = 10.0.0.1, IP = 10.0.0.1, Removing peer from correlator table failed, no match!
Jan 20 2020 15:32:25: %ASA-4-113019: Group = 10.0.0.1, Username = 10.0.0.1, IP = 10.0.0.1, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Unknown
Jan 20 2020 15:32:25: %ASA-3-713206: Group = 10.0.0.1, IP = 10.0.0.1, Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy
Jan 20 2020 15:32:25: %ASA-3-713902: Group = 10.0.0.1, IP = 10.0.0.1, QM FSM error (P2 struct &0x00007f48d93d67c0, mess id 0xa2616fb9)!
Jan 20 2020 15:32:25: %ASA-3-713902: Group = 10.0.0.1, IP = 10.0.0.1, Removing peer from correlator table failed, no match!
Jan 20 2020 15:32:25: %ASA-4-113019: Group = 10.0.0.1, Username = 10.0.0.1, IP = 10.0.0.1, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Unknown
Debug:
ASAv2# Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received
on 10.0.0.2:500 from 10.0.0.1:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE RECEIVED
Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) +
VENDOR (13) + VENDOR (13) + NONE (0) total length : 168
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing SA
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Oakley proposal
is acceptable
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Received
NAT-Traversal ver 02 VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Received
NAT-Traversal ver 03 VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Received
NAT-Traversal RFC VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Received
Fragmentation VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, IKE Peer
included IKE fragmentation capability flags:
Main Mode: True Aggressive Mode: True
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing IKE
SA payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, IKE SA Proposal
# 1, Transform # 1 acceptable Matches
global IKE entry # 2
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
ISAKMP SA payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
NAT-Traversal VID ver RFC payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
Fragmentation VID + extended capabilities payload
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE SENDING Message
(msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + VENDOR (13) + NONE (0)
total length : 128
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.2:500 from 10.0.0.1:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE RECEIVED
Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) +
VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (20) + NAT-D (20) + NONE (0)
total length : 304
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing ke
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing
ISA_KE payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing nonce
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Received Cisco
Unity client VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Received xauth
V6 VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Processing
VPN3000/ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities:
20000001)
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Received
Altiga/Cisco VPN3000/Cisco ASA GW VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, processing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing ke
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
nonce payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
Cisco Unity VID payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
xauth V6 VID payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Send IOS VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Constructing ASA
spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing VID
payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Send
Altiga/Cisco VPN3000/Cisco ASA GW VID
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, constructing
NAT-Discovery payload
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, computing NAT
Discovery hash
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, Connection landed on
tunnel_group 10.0.0.1
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, Generating keys for Responder...
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE SENDING
Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) +
VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (20) + NAT-D (20) + NONE (0)
total length : 304
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.2:500 from 10.0.0.1:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE RECEIVED
Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + IOS KEEPALIVE (128)
+ VENDOR (13) + NONE (0) total length : 96
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing ID payload
Dec 23 17:59:13 [IKEv1 DECODE]Group = 10.0.0.1, IP =
10.0.0.1, ID_IPV4_ADDR ID received
10.0.0.1
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, Computing hash for ISAKMP
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Processing IOS
keep alive payload: proposal=32767/32767 sec.
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing VID payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, Received DPD VID
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1,
Automatic NAT Detection Status:
Remote end is NOT behind a NAT device
This end is NOT behind a NAT
device
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, Connection landed on
tunnel_group 10.0.0.1
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing ID payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, Computing hash for ISAKMP
Dec 23 17:59:13 [IKEv1 DEBUG]IP = 10.0.0.1, Constructing IOS
keep alive payload: proposal=32767/32767 sec.
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing dpd vid payload
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE SENDING
Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + IOS KEEPALIVE (128)
+ VENDOR (13) + NONE (0) total length : 96
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1, PHASE 1 COMPLETED
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, Keep-alive type for
this connection: DPD
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, Starting P1 rekey timer: 41040 seconds.
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, sending notify message
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing blank hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing qm hash payload
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE SENDING
Message (msgid=72b966fa) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE
(0) total length : 88
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1, Add
to IKEv1 Tunnel Table succeeded for SA with logical ID 49152
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1, Add
to IKEv1 MIB Table succeeded for SA with logical ID 49152
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.2:500 from 10.0.0.1:500
Dec 23 17:59:13 [IKEv1 DECODE]IP = 10.0.0.1, IKE Responder starting QM:
msg id = 39665a54
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE RECEIVED
Message (msgid=39665a54) with payloads : HDR + HASH (8) + SA (1) + NONCE (10) +
ID (5) + ID (5) + NOTIFY (11) + NONE (0) total length : 200
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing SA payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing nonce payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing ID payload
Dec 23 17:59:13 [IKEv1 DECODE]Group = 10.0.0.1, IP =
10.0.0.1, ID_IPV4_ADDR_SUBNET ID received--192.168.1.0--255.255.255.0
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1,
Received remote IP Proxy Subnet data in ID Payload: Address 192.168.1.0, Mask 255.255.255.0,
Protocol 0, Port 0
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing ID payload
Dec 23 17:59:13 [IKEv1 DECODE]Group = 10.0.0.1, IP =
10.0.0.1, ID_IPV4_ADDR_SUBNET ID received--192.168.2.0--255.255.255.0
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1,
Received local IP Proxy Subnet data in ID Payload: Address 192.168.2.0, Mask 255.255.255.0,
Protocol 0, Port 0
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, processing notify payload
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1, Tunnel Rejected: Conflicting
protocols specified by tunnel-group and group-policy
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1, QM
FSM error (P2 struct &0x00007f48d93eea20, mess id 0x39665a54)!
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, IKE QM Responder FSM error history (struct
&0x00007f48d93eea20) ,
: QM_DONE, EV_ERROR-->QM_BLD_MSG2,
EV_PROC_MSG-->QM_BLD_MSG2, EV_HASH_OK-->QM_BLD_MSG2,
NullEvent-->QM_BLD_MSG2, EV_COMP_HASH-->QM_BLD_MSG2,
EV_VALIDATE_MSG-->QM_BLD_MSG2, EV_DECRYPT_OK-->QM_BLD_MSG2, NullEvent
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, sending delete/delete with reason message
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1,
Removing peer from correlator table failed, no match!
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, IKE SA MM:e8cb38d2 rcv'd Terminate: state MM_ACTIVE flags 0x0001c042, refcnt 1, tuncnt 0
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1,
Remove from IKEv1 Tunnel Table succeeded for SA with logicalId 49152
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1,
Remove from IKEv1 MIB Table succeeded for SA with logical ID 49152
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP = 10.0.0.1,
IKE SA MM:e8cb38d2 terminating: flags
0x0101c002, refcnt 0, tuncnt 0
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, sending delete/delete with reason message
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing blank hash payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing IKE delete payload
Dec 23 17:59:13 [IKEv1 DEBUG]Group = 10.0.0.1, IP =
10.0.0.1, constructing qm hash payload
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, IKE_DECODE SENDING
Message (msgid=ec8d2430) with payloads : HDR + HASH (8) + DELETE (12) + NONE
(0) total length : 80
Dec 23 17:59:13 [IKEv1]Group = 10.0.0.1, IP = 10.0.0.1,
Session is being torn down. Reason: Unknown
Dec 23 17:59:13 [IKEv1]Ignoring msg to mark SA with dsID
49152 dead because SA deleted
Dec 23 17:59:13 [IKEv1]IKE Receiver: Packet received on
10.0.0.2:500 from 10.0.0.1:500
Dec 23 17:59:13 [IKEv1]IP = 10.0.0.1, Received encrypted
packet with no matching SA, dropping
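
Added example (not part of the original post): a short Python triage over the two buffer logs above, showing that the initiator only logs teardown symptoms while the responder's 713206 line carries the cause. The root-cause/symptom split and the function names are this example's own assumptions and cover only the message IDs shown on this page.

```python
import re

# Syslog IDs seen in this page's buffer logs. The split is this example's
# assumption: only 713206 states a cause, the others report the teardown.
ROOT_CAUSE_IDS = {"713206"}
SYMPTOM_IDS = {"713902", "113019", "752012", "752015"}

LINE_RE = re.compile(
    r"%ASA-(?P<sev>\d)-(?P<id>\d{6}):\s*"
    r"(?:Group = (?P<group>[^,]+),\s*)?"
    r"(?:Username = [^,]+,\s*)?"
    r"(?:IP = (?P<ip>[^,]+),\s*)?"
    r"(?P<text>.*)"
)

# Copied from the initiator (ASAv1) buffer log above.
INITIATOR_LOG = [
    "Jan 20 2020 15:35:04: %ASA-3-713902: Group = 10.0.0.2, IP = 10.0.0.2, Removing peer from correlator table failed, no match!",
    "Jan 20 2020 15:35:04: %ASA-4-113019: Group = 10.0.0.2, Username = 10.0.0.2, IP = 10.0.0.2, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: User Requested",
    "Jan 20 2020 15:35:04: %ASA-4-752012: IKEv1 was unsuccessful at setting up a tunnel. Map Tag = MAP. Map Sequence Number = 10.",
    "Jan 20 2020 15:35:04: %ASA-3-752015: Tunnel Manager has failed to establish an L2L SA. All configured IKE versions failed to establish the tunnel. Map Tag= MAP. Map Sequence Number = 10.",
]

# Copied from the responder (ASAv2) buffer log above; the page shows each line twice.
RESPONDER_LOG = [
    "Jan 20 2020 15:32:25: %ASA-3-713206: Group = 10.0.0.1, IP = 10.0.0.1, Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy",
    "Jan 20 2020 15:32:25: %ASA-3-713902: Group = 10.0.0.1, IP = 10.0.0.1, QM FSM error (P2 struct &0x00007f48d93d67c0, mess id 0xa2616fb9)!",
    "Jan 20 2020 15:32:25: %ASA-3-713902: Group = 10.0.0.1, IP = 10.0.0.1, Removing peer from correlator table failed, no match!",
    "Jan 20 2020 15:32:25: %ASA-4-113019: Group = 10.0.0.1, Username = 10.0.0.1, IP = 10.0.0.1, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Unknown",
] * 2


def parse(lines):
    """Return {(msg_id, peer, text): count}, de-duplicated in first-seen order."""
    events = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not an ASA syslog line
        key = (m["id"], m["ip"] or m["group"], m["text"].strip())
        events[key] = events.get(key, 0) + 1
    return events


def triage(device, lines):
    """Classify one device's log as root-cause, symptoms-only or no-vpn-events."""
    events = parse(lines)
    causes = [e for e in events if e[0] in ROOT_CAUSE_IDS]
    symptoms = [e for e in events if e[0] in SYMPTOM_IDS]
    if causes:
        verdict = "root-cause"
    elif symptoms:
        verdict = "symptoms-only"
    else:
        verdict = "no-vpn-events"
    return {"device": device, "verdict": verdict,
            "causes": causes, "symptoms": symptoms}


if __name__ == "__main__":
    for dev, log in (("ASAv1", INITIATOR_LOG), ("ASAv2", RESPONDER_LOG)):
        result = triage(dev, log)
        print(dev, result["verdict"], [c[2] for c in result["causes"]])
```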