Estou tentando entender os logs IPSec. Seria ótimo se alguém pudesse me ajudar a entender as principais coisas que eu procuro e como solucionar qualquer problema de ipsec. Seria ótimo se alguém pudesse me ajudar a visualizar como esse túnel IPSec é configurado
Eu particularmente quero saber este bit: 166.83.21.33 == [114.23.239.222] < 4500 > < ----- > [210.54.48.233] == 166.83.0.0
SNAT: 166.83.21.33
IP público: 114.23.239.222
ip público do lado direito: 210.54.48.233
166.83.0.0 - ??
Tunnel Id=35180 State=STATE_QUICK_R2 - ISAKMP Header, Connected Notification
166.83.21.33==[114.23.239.222]<4500><----->[210.54.48.233]==166.83.0.0
Connection argument used: --name tun35180 --id 114.23.239.222 --host 114.23.239.222 --client 166.83.21.33/255.255.255.255 --nexthop 114.23.3.254 --updown /lib/ipsec/_updown --to --id 210.54.48.233 --host 210.54.48.233 --client 166.83.0.0/255.255.0.0 --pfs --pfsgroup=modp1024 --esp=aes128-sha1 --ipseclifetime=10800 --ikelifetime=14400 --keyingtries=5 --encrypt --psk --updown /lib/ipsec/_updown --delete
Log:
2016-10-06 06:37:04 added connection description "tun35180"
2016-10-06 06:37:04 "tun35180" #1: initiating Main Mode
2016-10-06 06:37:04 ERROR: "tun35180" #1: sendto on ppp2 to 210.54.48.233:500 failed in main_outI1. Errno 1: Operation not permitted
2016-10-06 06:37:14 "tun35180" #1: ignoring unknown Vendor ID payload [4f45755c645c6a795c5c6170]
2016-10-06 06:37:14 "tun35180" #1: received Vendor ID payload [Dead Peer Detection]
2016-10-06 06:37:14 "tun35180" #1: received Vendor ID payload [RFC 3947] method set to=115
2016-10-06 06:37:14 "tun35180" #1: enabling possible NAT-traversal with method RFC 3947 (NAT-Traversal)
2016-10-06 06:37:14 "tun35180" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
2016-10-06 06:37:14 "tun35180" #1: STATE_MAIN_I2: sent MI2, expecting MR2
2016-10-06 06:37:15 "tun35180" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): no NAT detected
2016-10-06 06:37:15 "tun35180" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
2016-10-06 06:37:15 "tun35180" #1: STATE_MAIN_I3: sent MI3, expecting MR3
2016-10-06 06:37:15 "tun35180" #1: Main mode peer ID is ID_IPV4_ADDR: '210.54.48.233'
2016-10-06 06:37:15 "tun35180" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
2016-10-06 06:37:15 "tun35180" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
2016-10-06 06:37:15 "tun35180" #4: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1 msgid:c49a6cd8 proposal=AES(12)_128-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_MODP1024}
2016-10-06 06:37:15 "tun35180" #4: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
2016-10-06 06:37:15 "tun35180" #4: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x46eba4aa <0x334fea87 xfrm