[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(racoon 941) Re: Repeated error message on VPN server's log

To: racoon@kame.net
Subject: (racoon 941) Re: Repeated error message on VPN server's log
From: VANHULLEBUS Yvan <vanhu@free.fr>
Date: Mon, 9 May 2005 09:32:45 +0200
Delivered-to: racoon-archive@kame.net
Delivered-to: racoon-outgo@kame.net
Delivered-to: racoon@kame.net
In-reply-to: <427AEFDE.30607@xsb.com>
References: <427AEFDE.30607@xsb.com>
Reply-to: racoon@kame.net
Sender: owner-racoon@kame.net
User-agent: Mutt/1.3.28i

On Fri, May 06, 2005 at 12:17:34AM -0400, Christopher Rued wrote:
> Hi all,
> 
> I'm using FreeBSD 4.11 with the latest racoon port (racoon-20040818a_1) 
> and the VPN device
> I connect to (a NetScreen firewall/VPN) sends a bunch of error messages 
> to my sys admin that look
> like this:
> 
> [00001] 2005-04-15 13:47:09 [Root]system-alert-00026: IPSec tunnel on int
> ethernet3 with tunnel ID 0x80aa received a packet with a bad SPI.
> xxx.xxx.xxx.xxx->xxx.xxx.xxx.xxx/120, ESP, SPI 0xc752f16d, SEQ 0xc
> 
> Any idea what might be causing these messages?

Looks like your FreeBSD device uses an SA with a SPI which is not
known by your netscreen.


Now, the new question is "how can this happen", and we can't answer
that question without more informations on your configuration.


Yvan.

References:
- (racoon 940) Repeated error message on VPN server's log
  - From: Christopher Rued <c.rued@xsb.com>

Prev by Date: (racoon 940) Repeated error message on VPN server's log
Next by Date: (racoon 942) Re: interoperability
Previous by thread: (racoon 940) Repeated error message on VPN server's log
Next by thread: (racoon 945) racoon + Cisco VPN Client
Index(es):
- Date
- Thread