From: swun2010 on 5 Sep 2007 19:37 Hi, I am not sure what s wrong with my racoon ipsec setup, I can't get the ipsec SA entries populate properly at my home router. The problem is at my home router (named bemore 12x.xx.xx.xx) has only one SAD entry, while the remote VPN router has both SAD entries. I have setup the manual keys at both end before, and it works great. After changed to racoon with pre-shared key, the home end router has only one SA entry. Here is the error msg in the racoon log at Belmore router: 2007-09-02 09:51:02: ERROR: pfkey UPDATE failed: No such file or directory 2007-09-02 09:51:02: INFO: IPsec-SA established: ESP 12x.xx.xx.xx[0]->19x.xx.xx.xx[0] spi=188927177(0xb42ccc9) 2007-09-02 09:51:17: ERROR: 19x.xx.xx.xx give up to get IPsec-SA due to time up to wait. belmore# setkey -D 12x.xx.xx.xx 19x.xx.xx.xx esp mode=any spi=188927177(0x0b42ccc9) reqid=0(0x00000000) E: 3des-cbc 5780cb44 4a0db68e dd5a1693 6ab11209 73232f41 51309540 A: hmac-md5 c0c79a4a 70846358 67849856 717fa620 seq=0x00000000 replay=4 flags=0x00000000 state=mature created: Sep 2 09:51:02 2007 current: Sep 2 09:51:42 2007 diff: 40(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=0 pid=1571 refcnt=1 core:~ # setkey -D 19x.xx.xx.xx 12x.xx.xx.xx esp mode=tunnel spi=195433077(0x0ba61275) reqid=0(0x00000000) E: 3des-cbc 3c761adc 83d4a518 e74702d6 b325830b ec5ce317 c7fd2367 A: hmac-md5 a07d8b9b 134b73d6 d95b79c2 8b587bd1 seq=0x00000000 replay=4 flags=0x00000000 state=mature created: Sep 2 09:51:00 2007 current: Sep 2 09:51:52 2007 diff: 52(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=1 pid=12300 refcnt=1 12x.xx.xx.xx 19x.xx.xx.xx esp mode=tunnel spi=188927177(0x0b42ccc9) reqid=0(0x00000000) E: 3des-cbc 5780cb44 4a0db68e dd5a1693 6ab11209 73232f41 51309540 A: hmac-md5 c0c79a4a 70846358 67849856 717fa620 seq=0x00000000 replay=4 flags=0x00000000 state=mature created: Sep 2 09:51:00 2007 current: Sep 2 09:51:52 2007 diff: 52(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=0 pid=12300 refcnt=1 Where in my configuration files could be wrong? Thanks P
|
Pages: 1 Prev: Can an SGI IRIS compiled program run on free BSD ? Next: acd0: TIMEOUT |