Re: 5.2 IPSec problems & crash

From: Bjoern A. Zeeb <bzeeb-lists_at_lists.zabbadoz.net>
Date: Sun, 18 Jan 2004 21:30:23 +0000 (UTC)
On Sun, 18 Jan 2004, Branko F. [iso-8859-2] Gra?nar wrote:

> I'm having big troubles with IPSec after upgrading from 5.1 to 5.2.
> IPSec tunnels stoped working after upgrade of the base system (i didn't
> change racoon or setkey configuration) I'm using the latest racoon.
>
> # pkg_info | grep racoon
> racoon-20040114a    KAME racoon IKE daemon

I think this racoon is known to have endian bugs and won't work as
expected on i386.

You should add this patch:
http://www.kame.net/dev/cvsweb2.cgi/kame/kame/kame/racoon/isakmp_inf.c.diff?r1=1.83&r2=1.84

or upgrade port to use this:
ftp://ftp.kame.net/pub/kame/misc/racoon-20040116a.tar.gz


apart from that IPSEC is known to be buggy in 5.2R. do not flush your
spd ... search thread 'IPSec fixes' on this mailing list for more
information.

-- 
Greetings

Bjoern A. Zeeb				bzeeb at Zabbadoz dot NeT
56 69 73 69 74				http://www.zabbadoz.net/
Received on Sun Jan 18 2004 - 12:31:05 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:38 UTC