IPSEC with racoon on FreeBSD 5.2-CURRENT

From: Sessler, Enrico <Enrico.Sessler_at_sca.com>
Date: Wed, 14 Jan 2004 16:59:36 +0100
Hello,

have set up IPSEC VPN tunnels between FreeBSD 5.1-RELEASE boxes
using racoon - no problem.

A few days ago I installed 2 new servers with FreeBSD 5.2-CURRENT
(compiled with IPSEC and IPFW options) and racoon with the same
configuration. Now racoon stop after phase1. Below what it tells
me in verbose mode (ip addresses forged).

Any idea what can be the problem?
Did anybody get IPSEC with racoon running on FreeBSD 5.2-CURRENT?


###############################################################
Foreground mode.
2004-01-12 16:12:10: INFO: main.c:172:main(): _at_(#)package version
freebsd-20030826a
2004-01-12 16:12:10: INFO: main.c:174:main(): _at_(#)internal version 20001216
sakane_at_kame.net
2004-01-12 16:12:10: INFO: main.c:175:main(): _at_(#)This product linked
OpenSSL 0.9.7c 30 Sep 2003 (http://www.openssl.org/)
2004-01-12 16:12:10: WARNING: cftoken.l:514:yywarn():
/usr/local/etc/racoon/racoon.conf:54: "support_mip6" it is obsoleted.  use
"support_proxy".
2004-01-12 16:12:10: INFO: isakmp.c:1358:isakmp_open(): fe80::1%lo0[500]
used as isakmp port (fd=5)
2004-01-12 16:12:10: INFO: isakmp.c:1358:isakmp_open(): ::1[500] used as
isakmp port (fd=6)
2004-01-12 16:12:10: INFO: isakmp.c:1358:isakmp_open(): 127.0.0.1[500] used
as isakmp port (fd=7)
2004-01-12 16:12:10: INFO: isakmp.c:1358:isakmp_open():
fe80::202:b3ff:fed9:b8fa%fxp0[500] used as isakmp port (fd=8)
2004-01-12 16:12:10: INFO: isakmp.c:1358:isakmp_open(): 11.11.11.11[500]
used as isakmp port (fd=9)
2004-01-12 16:12:10: INFO: isakmp.c:1358:isakmp_open():
fe80::20b:cdff:fe6d:2ae1%bge0[500] used as isakmp port (fd=10)
2004-01-12 16:12:10: INFO: isakmp.c:1358:isakmp_open(): 10.113.2.2[500] used
as isakmp port (fd=11)


2004-01-12 16:12:14: INFO: isakmp.c:894:isakmp_ph1begin_r(): respond new
phase 1 negotiation: 11.11.11.11[500]<=>22.22.22.22[500]
2004-01-12 16:12:14: INFO: isakmp.c:899:isakmp_ph1begin_r(): begin
Aggressive mode.
2004-01-12 16:12:14: NOTIFY: oakley.c:2040:oakley_skeyid(): couldn't find
the proper pskey, try to get one by the peer's address.
2004-01-12 16:12:14: INFO: isakmp.c:1703:isakmp_post_acquire(): request for
establishing IPsec-SA was queued due to no phase1 found.
#################################################################

Mit freundlichen Grüssen / Best regards

 Enrico Sessler 

 SGN - SCA Global Network

 Tel.:   +49 (0) 8035 80-611
 Mobile: +49 (0) 172 86 59 723
 Fax:    +49 (0) 8035 80-610
 mailto:Enrico.Sessler_at_sca.com
Received on Wed Jan 14 2004 - 07:00:30 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:38 UTC