ISAKMP报文解密

使用wireshark抓包

***No. Time Source Destination Protocol Length Info
3 1.735352000 192.168.1.102 192.168.1.101 ISAKMP 878 IKE_SA_INIT***

Frame 3: 878 bytes on wire (7024 bits), 878 bytes captured (7024 bits) on interface 0
Ethernet II, Src: Vmware_d4:27:ab (00:0c:29:d4:27:ab), Dst: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f)
Internet Protocol Version 4, Src: 192.168.1.102 (192.168.1.102), Dst: 192.168.1.101 (192.168.1.101)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 0000000000000000
Next payload: Security Association (33)
Version: 2.0
Exchange type: IKE_SA_INIT (34)
Flags: 0x08
Message ID: 0x00000000
Length: 836
Type Payload: Security Association (33)
Next payload: Key Exchange (34)
0… …. = Critical Bit: Not Critical
Payload length: 508
Type Payload: Proposal (2) # 1
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 1
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 2
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 2
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 3
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 3
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 4
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 4
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 5
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 5
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 6
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 6
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 7
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 7
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 8
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 8
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 9
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 9
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 10
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 10
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 11
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 11
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 12
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 12
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Key Exchange (34)
Next payload: Nonce (40)
0… …. = Critical Bit: Not Critical
Payload length: 264
DH Group #: 2048 bit MODP group (14)
Key Exchange Data: db03a0179833185cd9690bd9168eff145cf850a8bcee80e2…
Type Payload: Nonce (40)
Next payload: Vendor ID (43)
0… …. = Critical Bit: Not Critical
Payload length: 20
Nonce DATA: 29d410563ce6e9dcb502fc5d424b997c
Type Payload: Vendor ID (43) : Unknown Vendor ID
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 16
Vendor ID: 4f5357684b616369574d7d67
Vendor ID: Unknown Vendor ID

***No. Time Source Destination Protocol Length Info
4 1.740984000 192.168.1.101 192.168.1.102 ISAKMP 418 IKE_SA_INIT***

Frame 4: 418 bytes on wire (3344 bits), 418 bytes captured (3344 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Security Association (33)
Version: 2.0
Exchange type: IKE_SA_INIT (34)
Flags: 0x20
Message ID: 0x00000000
Length: 376
Type Payload: Security Association (33)
Next payload: Key Exchange (34)
0… …. = Critical Bit: Not Critical
Payload length: 48
Type Payload: Proposal (2) # 1
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 1
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Key Exchange (34)
Next payload: Nonce (40)
0… …. = Critical Bit: Not Critical
Payload length: 264
DH Group #: 2048 bit MODP group (14)
Key Exchange Data: 5be04705a457160925fc243ccc2e3cfddfdf36a2c6fc4184…
Type Payload: Nonce (40)
Next payload: Vendor ID (43)
0… …. = Critical Bit: Not Critical
Payload length: 20
Nonce DATA: 608eb48971410778626175e210b56934
Type Payload: Vendor ID (43) : Unknown Vendor ID
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 16
Vendor ID: 4f5357684b616369574d7d67
Vendor ID: Unknown Vendor ID

***No. Time Source Destination Protocol Length Info
5 1.765534000 192.168.1.102 192.168.1.101 ISAKMP 1046 IKE_AUTH***

Frame 5: 1046 bytes on wire (8368 bits), 1046 bytes captured (8368 bits) on interface 0
Ethernet II, Src: Vmware_d4:27:ab (00:0c:29:d4:27:ab), Dst: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f)
Internet Protocol Version 4, Src: 192.168.1.102 (192.168.1.102), Dst: 192.168.1.101 (192.168.1.101)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Encrypted and Authenticated (46)
Version: 2.0
Exchange type: IKE_AUTH (35)
Flags: 0x08
Message ID: 0x00000001
Length: 1004
Type Payload: Encrypted and Authenticated (46)
Next payload: Identification - Initiator (35)
0… …. = Critical Bit: Not Critical
Payload length: 976
Initialization Vector: 8f428fcb82a63f4e75b7fb514881d2d7 (16 bytes)
Encrypted Data (944 bytes)
Decrypted Data (944 bytes)
Contained Data (933 bytes)
Type Payload: Identification - Initiator (35)
Next payload: Certificate (37)
0… …. = Critical Bit: Not Critical
Payload length: 50
ID type: DER_ASN1_DN (9)
Protocol ID: Unused
Port: Unused
Identification Data:
ID_DER_ASN1_DN: 0
Type Payload: Certificate (37)
Next payload: Certificate Request (38)
0… …. = Critical Bit: Not Critical
Payload length: 495
Certificate Encoding: X.509 Certificate - Signature (4)
Certificate Data (id-at-commonName=hd,id-at-organizationName=zte,id-at-countryName=cn)
Type Payload: Certificate Request (38)
Next payload: Authentication (39)
0… …. = Critical Bit: Not Critical
Payload length: 48
Certificate Type: X.509 Certificate - Signature (4)
Certificate Authority Data: 3029310b300906035504061302434e310b300906
Certificate Authority Data: 0355040a13025a47310d300b0603550403130472
Certificate Authority Data: 6f6f7421000088010000006d36f1227bd1f63b23
Type Payload: Authentication (39)
Next payload: Security Association (33)
0… …. = Critical Bit: Not Critical
Payload length: 136
Authentication Method: RSA Digital Signature (1)
Authentication Data: 6d36f1227bd1f63b23c92ecb0514a19c8f5699805637c365…
Type Payload: Security Association (33)
Next payload: Traffic Selector - Initiator (44)
0… …. = Critical Bit: Not Critical
Payload length: 156
Type Payload: Proposal (2) # 1
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 1
Protocol ID: ESP (3)
SPI Size: 4
Proposal transforms: 3
SPI Size: cb0a8537
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Extended Sequence Numbers (ESN) (5)
Transform ID (ESN): No Extended Sequence Numbers (0)
Type Payload: Proposal (2) # 2
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 2
Protocol ID: ESP (3)
SPI Size: 4
Proposal transforms: 3
SPI Size: cb0a8537
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Extended Sequence Numbers (ESN) (5)
Transform ID (ESN): No Extended Sequence Numbers (0)
Type Payload: Proposal (2) # 3
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 36
Proposal number: 3
Protocol ID: ESP (3)
SPI Size: 4
Proposal transforms: 3
SPI Size: cb0a8537
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Extended Sequence Numbers (ESN) (5)
Transform ID (ESN): No Extended Sequence Numbers (0)
Type Payload: Proposal (2) # 4
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 36
Proposal number: 4
Protocol ID: ESP (3)
SPI Size: 4
Proposal transforms: 3
SPI Size: cb0a8537
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Extended Sequence Numbers (ESN) (5)
Transform ID (ESN): No Extended Sequence Numbers (0)
Type Payload: Traffic Selector - Initiator (44) # 1
Next payload: Traffic Selector - Responder (45)
0… …. = Critical Bit: Not Critical
Payload length: 24
Number of Traffic Selector: 1
Traffic Selector Type: TS_IPV4_ADDR_RANGE (7)
Protocol ID: Unused
Selector Length: 16
Start Port: 0
End Port: 65535
Starting Addr: 192.168.1.102 (192.168.1.102)
Ending Addr: 192.168.1.102 (192.168.1.102)
Type Payload: Traffic Selector - Responder (45) # 1
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 24
Number of Traffic Selector: 1
Traffic Selector Type: TS_IPV4_ADDR_RANGE (7)
Protocol ID: Unused
Selector Length: 16
Start Port: 0
End Port: 65535
Starting Addr: 192.168.1.101 (192.168.1.101)
Ending Addr: 192.168.1.101 (192.168.1.101)
Padding (10 bytes)
Pad Length: 10
Integrity Checksum Data: 1fff4cadea560561bdd4947a (12 bytes)[correct]

***No. Time Source Destination Protocol Length Info
6 1.800307000 192.168.1.101 192.168.1.102 ISAKMP 886 IKE_AUTH***

Frame 6: 886 bytes on wire (7088 bits), 886 bytes captured (7088 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Encrypted and Authenticated (46)
Version: 2.0
Exchange type: IKE_AUTH (35)
Flags: 0x20
Message ID: 0x00000001
Length: 844
Type Payload: Encrypted and Authenticated (46)
Next payload: Identification - Responder (36)
0… …. = Critical Bit: Not Critical
Payload length: 816
Initialization Vector: c8916cf9753bd8ca2f981f2a0ba91cf9 (16 bytes)
Encrypted Data (784 bytes)
Decrypted Data (784 bytes)
Contained Data (773 bytes)
Type Payload: Identification - Responder (36)
Next payload: Certificate (37)
0… …. = Critical Bit: Not Critical
Payload length: 50
ID type: DER_ASN1_DN (9)
Protocol ID: Unused
Port: Unused
Identification Data:
ID_DER_ASN1_DN: 0
Type Payload: Certificate (37)
Next payload: Authentication (39)
0… …. = Critical Bit: Not Critical
Payload length: 495
Certificate Encoding: X.509 Certificate - Signature (4)
Certificate Data (id-at-commonName=wq,id-at-organizationName=zte,id-at-countryName=cn)
Type Payload: Authentication (39)
Next payload: Security Association (33)
0… …. = Critical Bit: Not Critical
Payload length: 136
Authentication Method: RSA Digital Signature (1)
Authentication Data: 617ca8e1fa9e9927ce918a0b69f558103637f4b10639b861…
Type Payload: Security Association (33)
Next payload: Traffic Selector - Initiator (44)
0… …. = Critical Bit: Not Critical
Payload length: 44
Type Payload: Proposal (2) # 1
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 1
Protocol ID: ESP (3)
SPI Size: 4
Proposal transforms: 3
SPI Size: de6d7a95
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Extended Sequence Numbers (ESN) (5)
Transform ID (ESN): No Extended Sequence Numbers (0)
Type Payload: Traffic Selector - Initiator (44) # 1
Next payload: Traffic Selector - Responder (45)
0… …. = Critical Bit: Not Critical
Payload length: 24
Number of Traffic Selector: 1
Traffic Selector Type: TS_IPV4_ADDR_RANGE (7)
Protocol ID: Unused
Selector Length: 16
Start Port: 0
End Port: 65535
Starting Addr: 192.168.1.102 (192.168.1.102)
Ending Addr: 192.168.1.102 (192.168.1.102)
Type Payload: Traffic Selector - Responder (45) # 1
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 24
Number of Traffic Selector: 1
Traffic Selector Type: TS_IPV4_ADDR_RANGE (7)
Protocol ID: Unused
Selector Length: 16
Start Port: 0
End Port: 65535
Starting Addr: 192.168.1.101 (192.168.1.101)
Ending Addr: 192.168.1.101 (192.168.1.101)
Padding (10 bytes)
Pad Length: 10
Integrity Checksum Data: 3262107da4667fe2d255cd68 (12 bytes)[correct]

***No. Time Source Destination Protocol Length Info
7 11.654390000 192.168.1.102 192.168.1.101 ISAKMP 118 INFORMATIONAL***

Frame 7: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: Vmware_d4:27:ab (00:0c:29:d4:27:ab), Dst: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f)
Internet Protocol Version 4, Src: 192.168.1.102 (192.168.1.102), Dst: 192.168.1.101 (192.168.1.101)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Encrypted and Authenticated (46)
Version: 2.0
Exchange type: INFORMATIONAL (37)
Flags: 0x08
Message ID: 0x00000002
Length: 76
Type Payload: Encrypted and Authenticated (46)
Next payload: Delete (42)
0… …. = Critical Bit: Not Critical
Payload length: 48
Initialization Vector: 22def461ee321aaa7082baf30ae10389 (16 bytes)
Encrypted Data (16 bytes)
Decrypted Data (16 bytes)
Contained Data (12 bytes)
Type Payload: Delete (42)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 12
Protocol ID: ESP (3)
SPI Size: 4
Port: 1
Delete SPI: cb0a8537
Padding (3 bytes)
Pad Length: 3
Integrity Checksum Data: f3b4f5b7c689f106eee20fdd (12 bytes)[correct]

***No. Time Source Destination Protocol Length Info
8 11.655088000 192.168.1.102 192.168.1.101 ISAKMP 118 INFORMATIONAL***

Frame 8: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: Vmware_d4:27:ab (00:0c:29:d4:27:ab), Dst: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f)
Internet Protocol Version 4, Src: 192.168.1.102 (192.168.1.102), Dst: 192.168.1.101 (192.168.1.101)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Encrypted and Authenticated (46)
Version: 2.0
Exchange type: INFORMATIONAL (37)
Flags: 0x08
Message ID: 0x00000003
Length: 76
Type Payload: Encrypted and Authenticated (46)
Next payload: Delete (42)
0… …. = Critical Bit: Not Critical
Payload length: 48
Initialization Vector: 3b1c97ae0c35cc26247aa4c593af87ec (16 bytes)
Encrypted Data (16 bytes)
Decrypted Data (16 bytes)
Contained Data (8 bytes)
Type Payload: Delete (42)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Protocol ID: IKE (1)
SPI Size: 0
Port: 0
Padding (7 bytes)
Pad Length: 7
Integrity Checksum Data: 5784c5ebd38b777af5ea37b2 (12 bytes)[correct]

No. Time Source Destination Protocol Length Info
9 11.655559000 192.168.1.101 192.168.1.102 ISAKMP 118 INFORMATIONAL

Frame 9: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Encrypted and Authenticated (46)
Version: 2.0
Exchange type: INFORMATIONAL (37)
Flags: 0x20
Message ID: 0x00000002
Length: 76
Type Payload: Encrypted and Authenticated (46)
Next payload: Delete (42)
0… …. = Critical Bit: Not Critical
Payload length: 48
Initialization Vector: 5f2f3aa54b1fff9576c314b3fa008561 (16 bytes)
Encrypted Data (16 bytes)
Decrypted Data (16 bytes)
Contained Data (12 bytes)
Type Payload: Delete (42)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 12
Protocol ID: ESP (3)
SPI Size: 4
Port: 1
Delete SPI: de6d7a95
Padding (3 bytes)
Pad Length: 3
Integrity Checksum Data: e7abca9b6eb088bb990e1ceb (12 bytes)[correct]

No. Time Source Destination Protocol Length Info
10 11.660398000 192.168.1.101 192.168.1.102 ISAKMP 118 INFORMATIONAL

Frame 10: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Encrypted and Authenticated (46)
Version: 2.0
Exchange type: INFORMATIONAL (37)
Flags: 0x00
Message ID: 0x00000001
Length: 76
Type Payload: Encrypted and Authenticated (46)
Next payload: Delete (42)
0… …. = Critical Bit: Not Critical
Payload length: 48
Initialization Vector: 7c19efc4e3c5960893aee70d99869508 (16 bytes)
Encrypted Data (16 bytes)
Decrypted Data (16 bytes)
Contained Data (8 bytes)
Type Payload: Delete (42)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Protocol ID: IKE (1)
SPI Size: 0
Port: 0
Padding (7 bytes)
Pad Length: 7
Integrity Checksum Data: 88b626d4c9876175e728d025 (12 bytes)[correct]

No. Time Source Destination Protocol Length Info
11 11.661062000 192.168.1.101 192.168.1.102 ISAKMP 118 INFORMATIONAL

Frame 11: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: 8fd87d3bc5f0f10b
Responder cookie: 9833a02448779682
Next payload: Encrypted and Authenticated (46)
Version: 2.0
Exchange type: INFORMATIONAL (37)
Flags: 0x20
Message ID: 0x00000003
Length: 76
Type Payload: Encrypted and Authenticated (46)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 48
Initialization Vector: 0d16760e3d8f15684c8445183f27a198 (16 bytes)
Encrypted Data (16 bytes)
Decrypted Data (16 bytes)
Padding (15 bytes)
Pad Length: 15
Integrity Checksum Data: cab84c85e380ca94e6dc0b13 (12 bytes)[correct]

No. Time Source Destination Protocol Length Info
12 11.672374000 192.168.1.101 192.168.1.102 ISAKMP 878 IKE_SA_INIT

Frame 12: 878 bytes on wire (7024 bits), 878 bytes captured (7024 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: ca71382f459c8443
Responder cookie: 0000000000000000
Next payload: Security Association (33)
Version: 2.0
Exchange type: IKE_SA_INIT (34)
Flags: 0x08
Message ID: 0x00000000
Length: 836
Type Payload: Security Association (33)
Next payload: Key Exchange (34)
0… …. = Critical Bit: Not Critical
Payload length: 508
Type Payload: Proposal (2) # 1
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 1
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 2
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 2
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 3
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 3
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 4
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 4
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 5
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 5
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 6
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 6
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 7
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 7
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 8
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 8
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 9
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 9
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 10
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 10
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 11
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 11
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 12
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 12
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Key Exchange (34)
Next payload: Nonce (40)
0… …. = Critical Bit: Not Critical
Payload length: 264
DH Group #: 2048 bit MODP group (14)
Key Exchange Data: 9ba34256314fbfa5cd5579023f028cebc788e6c1114dd113…
Type Payload: Nonce (40)
Next payload: Vendor ID (43)
0… …. = Critical Bit: Not Critical
Payload length: 20
Nonce DATA: f48d40d373a477d9c89892b150b2c012
Type Payload: Vendor ID (43) : Unknown Vendor ID
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 16
Vendor ID: 4f5357684b616369574d7d67
Vendor ID: Unknown Vendor ID

No. Time Source Destination Protocol Length Info
13 23.225801000 192.168.1.101 192.168.1.102 ISAKMP 878 IKE_SA_INIT

Frame 13: 878 bytes on wire (7024 bits), 878 bytes captured (7024 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: b3e7eac2f81dcb23
Responder cookie: 0000000000000000
Next payload: Security Association (33)
Version: 2.0
Exchange type: IKE_SA_INIT (34)
Flags: 0x08
Message ID: 0x00000000
Length: 836
Type Payload: Security Association (33)
Next payload: Key Exchange (34)
0… …. = Critical Bit: Not Critical
Payload length: 508
Type Payload: Proposal (2) # 1
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 1
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 2
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 2
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 3
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 3
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 4
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 4
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 5
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 5
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 6
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 6
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 7
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 7
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 8
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 8
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 9
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 9
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 10
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 10
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 11
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 11
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 12
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 12
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Key Exchange (34)
Next payload: Nonce (40)
0… …. = Critical Bit: Not Critical
Payload length: 264
DH Group #: 2048 bit MODP group (14)
Key Exchange Data: 25ec23221163a34b5b6f70ae97ccbfd32fb421f56b65013d…
Type Payload: Nonce (40)
Next payload: Vendor ID (43)
0… …. = Critical Bit: Not Critical
Payload length: 20
Nonce DATA: 91607b5abc8b606996f12d18c34161cc
Type Payload: Vendor ID (43) : Unknown Vendor ID
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 16
Vendor ID: 4f5357684b616369574d7d67
Vendor ID: Unknown Vendor ID

No. Time Source Destination Protocol Length Info
14 23.225834000 192.168.1.102 192.168.1.101 ICMP 590 Destination unreachable (Port unreachable)

Frame 14: 590 bytes on wire (4720 bits), 590 bytes captured (4720 bits) on interface 0
Ethernet II, Src: Vmware_d4:27:ab (00:0c:29:d4:27:ab), Dst: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f)
Internet Protocol Version 4, Src: 192.168.1.102 (192.168.1.102), Dst: 192.168.1.101 (192.168.1.101)
Internet Control Message Protocol

No. Time Source Destination Protocol Length Info
15 33.239501000 192.168.1.101 192.168.1.102 ISAKMP 878 IKE_SA_INIT

Frame 15: 878 bytes on wire (7024 bits), 878 bytes captured (7024 bits) on interface 0
Ethernet II, Src: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f), Dst: Vmware_d4:27:ab (00:0c:29:d4:27:ab)
Internet Protocol Version 4, Src: 192.168.1.101 (192.168.1.101), Dst: 192.168.1.102 (192.168.1.102)
User Datagram Protocol, Src Port: isakmp (500), Dst Port: isakmp (500)
Internet Security Association and Key Management Protocol
Initiator cookie: b3e7eac2f81dcb23
Responder cookie: 0000000000000000
Next payload: Security Association (33)
Version: 2.0
Exchange type: IKE_SA_INIT (34)
Flags: 0x08
Message ID: 0x00000000
Length: 836
Type Payload: Security Association (33)
Next payload: Key Exchange (34)
0… …. = Critical Bit: Not Critical
Payload length: 508
Type Payload: Proposal (2) # 1
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 1
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 2
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 2
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 3
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 3
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 4
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 4
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 2048 bit MODP group (14)
Type Payload: Proposal (2) # 5
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 5
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 6
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 6
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 7
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 7
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 8
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 8
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): 1536 bit MODP group (5)
Type Payload: Proposal (2) # 9
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 9
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 10
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 40
Proposal number: 10
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_3DES (3)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 11
Next payload: Proposal (2)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 11
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_SHA1_96 (2)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_SHA1 (2)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Proposal (2) # 12
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 44
Proposal number: 12
Protocol ID: IKE (1)
SPI Size: 0
Proposal transforms: 4
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 12
Transform Type: Encryption Algorithm (ENCR) (1)
Transform ID (ENCR): ENCR_AES_CBC (12)
Transform IKE2 Attribute Type (t=14,l=2) Key-Length : 128
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Integrity Algorithm (INTEG) (3)
Transform ID (INTEG): AUTH_HMAC_MD5_96 (1)
Type Payload: Transform (3)
Next payload: Transform (3)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Pseudo-random Function (PRF) (2)
Transform ID (PRF): PRF_HMAC_MD5 (1)
Type Payload: Transform (3)
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 8
Transform Type: Diffie-Hellman Group (D-H) (4)
Transform ID (D-H): Alternate 1024-bit MODP group (2)
Type Payload: Key Exchange (34)
Next payload: Nonce (40)
0… …. = Critical Bit: Not Critical
Payload length: 264
DH Group #: 2048 bit MODP group (14)
Key Exchange Data: 25ec23221163a34b5b6f70ae97ccbfd32fb421f56b65013d…
Type Payload: Nonce (40)
Next payload: Vendor ID (43)
0… …. = Critical Bit: Not Critical
Payload length: 20
Nonce DATA: 91607b5abc8b606996f12d18c34161cc
Type Payload: Vendor ID (43) : Unknown Vendor ID
Next payload: NONE / No Next Payload (0)
0… …. = Critical Bit: Not Critical
Payload length: 16
Vendor ID: 4f5357684b616369574d7d67
Vendor ID: Unknown Vendor ID

No. Time Source Destination Protocol Length Info
16 33.239564000 192.168.1.102 192.168.1.101 ICMP 590 Destination unreachable (Port unreachable)

Frame 16: 590 bytes on wire (4720 bits), 590 bytes captured (4720 bits) on interface 0
Ethernet II, Src: Vmware_d4:27:ab (00:0c:29:d4:27:ab), Dst: Vmware_b0:1b:7f (00:0c:29:b0:1b:7f)
Internet Protocol Version 4, Src: 192.168.1.102 (192.168.1.102), Dst: 192.168.1.101 (192.168.1.101)
Internet Control Message Protocol

你可能感兴趣的:(openswan)