[5.3-BETA3] no IPSEC connection to 5.2.1 box

Simon L. Nielsen simon at FreeBSD.org
Sat Sep 11 16:43:32 PDT 2004

On 2004.09.12 01:35:09 +0200, Georg-W. Koltermann wrote:

> I don't get my IPSEC connection to run. This system is 5.3-BETA3, the
> other system is 5.2.1.  Both use FAST_IPSEC.  Keys are negotiated by
> racoon.
> This system logs:
>         Sep 12 01:30:29 hunter racoon: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate new phase 2 negotiation:[0]<=>[0]
>         Sep 12 01:30:29 hunter racoon: ERROR: pfkey.c:1076:pk_sendupdate(): libipsec failed send update (No buffer space available)

This is a known problem.  A workaround is to set
options MSIZE=512
in your kernel configuration file.

Simon L. Nielsen
FreeBSD Documentation Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20040912/136d8895/attachment.bin

More information about the freebsd-current mailing list