[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(racoon 782) WARNING: CR received, ignore it. It should be in other exchange.
- To: firstname.lastname@example.org
- Subject: (racoon 782) WARNING: CR received, ignore it. It should be in other exchange.
- From: Hans Fugal <email@example.com>
- Date: Thu, 30 Sep 2004 13:18:30 -0600
- Delivered-to: firstname.lastname@example.org
- Delivered-to: email@example.com
- Delivered-to: firstname.lastname@example.org
- Reply-to: Hans Fugal <email@example.com>
- Sender: firstname.lastname@example.org
I have set up racoon to racoon with certificates and it works well.
Now I'm trying to connect to the Netscreen (NS25) at work, and I get
this from racoon:
2004-09-30 13:10:36: INFO: respond new phase 1 negotiation:
2004-09-30 13:10:36: INFO: begin Identity Protection mode.
2004-09-30 13:10:36: WARNING: CR received, ignore it. It should be in
2004-09-30 13:10:37: INFO: ISAKMP-SA established
And then nothing. The netscreen's logs are less verbose, but there is this:
Rejected an IKE packet on ethernet3 from 184.108.40.206:500 to
220.127.116.11:500 with cookies f454d055c4b3642d and b9b0a3f4ccc81cd9
because received a packet with a message ID before Phase 1
authentication was done.
And a little later, this:
PKI: No response for status inquiry for cert with subject name
Emailemail@example.com,CN=Hans Fugal,OU=IT,O=Wencor West,
I tried peers_certfile with no luck.
Am I stuck with psk to the netscreen? (Yes, psk works fine)
De gustibus non disputandum est.