[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(racoon 66) Re: Phase 1 problem

To: mithomp4@vt.edu
Subject: (racoon 66) Re: Phase 1 problem
From: Shoichi Sakane <sakane@tanu.org>
Date: Fri, 28 Mar 2003 15:13:52 +0900
Cc: racoon@kame.net
Delivered-to: racoon-archive@kame.net
Delivered-to: racoon-outgoing@kame.net
Delivered-to: racoon@orange.kame.net
Delivered-to: racoon@kame.net
In-reply-to: Your message of "Mon, 24 Mar 2003 12:16:51 -0500" <3E89FE96@zathras>
References: <3E89FE96@zathras>
Reply-to: racoon@kame.net
Sender: owner-racoon@kame.net

> I have 2 FreeBSD 4.7 hosts running ipv6 and ipsec with racoon version 
> 20001216. 
> When host 1 tries to start the ipsec-sa, racoon says:
> 
> 2003-03-24 11:44:07: INFO: isakmp.c:1681:isakmp_post_acquire(): IPsec-SA 
> request for fec0:2222::1 queued due to no phase1 found.
> 2003-03-24 11:44:07: INFO: isakmp.c:795:isakmp_ph1begin_i(): initiate new 
> phase 1 negotiation: fec0:1111::2[500]<=>fec0:2222::1[500]
> 2003-03-24 11:44:07: INFO: isakmp.c:800:isakmp_ph1begin_i(): begin Aggressive 
> mode.
> 
> During that time, a packet is sent to host 2
> Host 2 says:
> 
> 2003-03-24 11:43:12: DEBUG: pfkey.c:192:pfkey_handler(): get pfkey ACQUIRE 
> message

I don't think that racoon on the host 2 received any IKE packet
from the host 1.  if racoon received a packet, the log must have said
like "nnn bytes message received from x::x".

try tcpdump on your network.

References:
- (racoon 64) Phase 1 problem
  - From: Michael Thompson <mithomp4@vt.edu>

Prev by Date: (racoon 65) Re: racoon + setkey for Linux -- cvs access / forking?
Next by Date: (racoon 67) Re: How trust a certification authotiry
Previous by thread: (racoon 64) Phase 1 problem
Next by thread: (racoon 65) Re: racoon + setkey for Linux -- cvs access / forking?
Index(es):
- Date
- Thread