[Bug 203308] wildcard patch in ipsec-tools breaks aggressive tunnels
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Sep 24 23:48:30 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203308
--- Comment #2 from andywhite at gmail.com ---
log now looks like this with a wildcard entry.
Note that "NOTIFY: couldn't find the proper pskey, try to get one by the peer's
address." entry is not displayed anymore in the log, as was previously.
racoon: INFO: IPsec-SA established: ESP/Tunnel
X.X.255.166[500]->X.X.255.164[500] spi=222490682(0xd42f03a)
racoon: INFO: IPsec-SA established: ESP/Tunnel
X.X.255.166[500]->X.X.255.164[500] spi=114112937(0x6cd39a9)
racoon: INFO: initiate new phase 2 negotiation:
X.X.255.166[500]<=>X.X.255.164[500]
racoon: INFO: ISAKMP-SA established X.X.255.166[500]-X.X.255.164[500]
spi:e44202367c108922:e6b336ca8ab4a244
racoon: [X.X.255.166] INFO: Hashing X.X.255.166[500] with algo #2
racoon: [X.X.255.164] INFO: Hashing X.X.255.164[500] with algo #2
racoon: INFO: Adding remote and local NAT-D payloads.
racoon: INFO: NAT not detected
racoon: INFO: NAT-D payload #0 verified
racoon: [X.X.255.164] INFO: Hashing X.X.255.164[500] with algo #2
racoon: INFO: NAT-D payload #-1 verified
racoon: [X.X.255.166] INFO: Hashing X.X.255.166[500] with algo #2
racoon: [X.X.255.164] INFO: Selected NAT-T version: RFC 3947
racoon: INFO: received Vendor ID: DPD
racoon: INFO: received Vendor ID: RFC 3947
racoon: INFO: begin Aggressive mode.
racoon: INFO: initiate new phase 1 negotiation:
X.X.255.166[500]<=>X.X.255.164[500]
racoon: INFO: IPsec-SA request for X.X.255.164 queued due to no phase1 found.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list