On Sun, Feb 15, 2004 at 01:37:00AM +0000, Bruce M Simpson wrote: > On Sun, Feb 15, 2004 at 12:54:26AM +0100, Tobias Roth wrote: > > yes, setkey -D never outputs anything, no SAs get created at all. > > This would tend to suggest either IPSEC support is missing from the kernel, > or there has been a problem when racoon is issuing PF_KEY socket writes. > > Can you recompile with IPSEC_DEBUG enabled and try to replicate the problem? IIRC IPSEC currentky has the porblem that if you happen to use require in your policies, even the ISAKMP packets do not gte out. I switched to FAST_IPSEC, which doesnt have this problem. You can of course also use "use" in stead of "require". -GuidoReceived on Mon Feb 16 2004 - 03:52:33 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:43 UTC