cjac

cjac@edge:~$ sudo ipsec statusall cabin
Status of IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0-1-amd64, x86_64):
  uptime: 48 minutes, since Oct 27 18:46:06 2016
  malloc: sbrk 1458176, mmap 0, used 419120, free 1039056
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 11
  loaded plugins: charon aes rc2 sha2 sha1 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown
Listening IP addresses:
  208.115.126.77
  2607:ff08:f5:0:ffff:ffff:ffff:ffff
  2607:ff08:f5:7::5

cjac

oct/27 22:37:49 system,error,critical login failure for user admin from 172.16.67.42 via web 
oct/27 22:38:10 system,info,account user admin logged in from 172.16.67.42 via web 
oct/27 22:38:10 system,info,account user admin logged in via local 
oct/27 22:38:30 system,info log rule added by admin 
oct/27 22:38:44 ipsec,debug,packet ========== 
oct/27 22:38:44 ipsec,debug,packet 108 bytes message received from 208.115.126.77[500] to 192.168.1.3
9[500] 
oct/27 22:38:44 ipsec,debug,packet 1b6b1bfe a9a57960 12ee8431 d7f72456 08100501 ae47881e 0000006c 233
11ff5 
oct/27 22:38:44 ipsec,debug,packet f521582e 7deceb57 949724d2 5297c2ad bc60a7d2 058cc505 c1ef2743 ae0

cjac

oct/27 22:40:29 ipsec,debug,packet 46e9f5a3 b3c2542f 6e9afe04 ef6225a6 a3df
1ec5 
oct/27 22:40:29 ipsec,debug,packet hash(sha2_256) 
oct/27 22:40:29 ipsec,debug,packet encryption(aes) 
oct/27 22:40:29 ipsec,debug,packet phase2 IV computed: 
oct/27 22:40:29 ipsec,debug,packet 601b8f45 65746cf9 28128b5d 0ef86ffa 
oct/27 22:40:29 ipsec,debug,packet encryption(aes) 
oct/27 22:40:29 ipsec,debug,packet IV was saved for next processing: 
oct/27 22:40:29 ipsec,debug,packet f52f2d3e b4b2f7b2 35cfbd96 90376438 

cjac

Nov  1 17:19:17 edge charon: 09[IKE] sending DPD request
Nov  1 17:19:17 edge charon: 09[ENC] generating INFORMATIONAL_V1 request 202552449 [ HASH N(DPD) ]
Nov  1 17:19:17 edge charon: 09[NET] sending packet: from 208.115.126.77[500] to 98.125.208.92[500] (108 bytes)
Nov  1 17:19:17 edge charon: 12[NET] received packet: from 98.125.208.92[500] to 208.115.126.77[500] (108 bytes)
Nov  1 17:19:17 edge charon: 12[ENC] parsed INFORMATIONAL_V1 request 3802977303 [ HASH N(DPD_ACK) ]
Nov  1 17:19:38 edge charon: 10[IKE] sending DPD request
Nov  1 17:19:38 edge charon: 10[ENC] generating INFORMATIONAL request 29 [ ]
Nov  1 17:19:38 edge charon: 10[NET] sending packet: from 208.115.126.77[4500] to 104.36.247.62[1025] (80 bytes)
Nov  1 17:19:38 edge charon: 13[NET] received packet: from 104.36.247.62[1025] to 208.115.126.77[4500] (80 bytes)
Nov  1 17:19:38 edge charon: 13[ENC] parsed INFORMATIONAL response 29 [ ]

cjac

I/Vpn     (  750): Switched from [Legacy VPN] to [Legacy VPN]
D/Vpn     (  750): setting state=IDLE, reason=prepare
I/Vpn     (  750): Switched from [Legacy VPN] to [Legacy VPN]
D/Vpn     (  750): setting state=IDLE, reason=prepare
D/Vpn     (  750): setting state=CONNECTING, reason=startLegacyVpn
V/LegacyVpnRunner(  750): Waiting
V/LegacyVpnRunner(  750): Executing
D/Vpn     (  750): setting state=CONNECTING, reason=execute
D/racoon  (25311): Waiting for control socket
D/racoon  (25311): Received 11 arguments

cjac

conn cjac-mobile
#     keyexchange=ikev1                                                                                                                                  
     leftcert=edge.colliertech.org-cert.der
     leftid="fqdn:edge.colliertech.org"
     left=208.115.126.77
     leftsubnet=100.65.12.0/32
     leftauth=pubkey
     rightcert=cjac-mobile.colliertech.org-cert.pem
     rightid="fqdn:cjac-mobile.colliertech.org"
     right=%any

cjac

   <b:bean
       id="casEntryPoint"
       class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"
-      >
-    <b:property
-        name="loginUrl"
-        value="https://identity.linuxfoundation.org/cas/login"
+      p:loginUrl="https://identity.linuxfoundation.org/cas/login"
+      p:serviceProperties-ref="serviceProperties"
         />

cjac

   <b:bean
       id="casFilter"
       class="org.springframework.security.cas.web.CasAuthenticationFilter"
-      >
-    <b:property
-        name="authenticationManager"
-        ref="casAuthenticationManager"
+      p:authenticationManager-ref="casAuthenticationManager"
         />
-  </b:bean>

cjac

   <b:bean
       id="casAuthenticationProvider"
       class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
+      p:serviceProperties-ref="serviceProperties"
+      p:key="casAuthProviderKey"
       >
     <b:property name="authenticationUserDetailsService">
-      <b:bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
+      <b:bean
+          class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"

cjac

cjac@edge:~$ sudo arp -ni eth1
Address                  HWtype  HWaddress           Flags Mask            Iface
208.115.126.69           ether   00:c0:9f:41:ca:a0   C                     eth1
100.65.12.70             ether   fe:16:3e:3b:ba:84   C                     eth1
100.65.12.78             ether   00:16:3e:71:37:79   C                     eth1
100.65.12.30             ether   52:54:00:56:be:48   C                     eth1
100.65.12.3              ether   00:16:3e:3b:ba:84   C                     eth1
208.115.126.65           *       <from_interface>    MP                    eth1
208.115.126.66           *       <from_interface>    MP                    eth1