From owner-freebsd-questions Wed Jan 29 20:17: 0 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 060EE37B401 for ; Wed, 29 Jan 2003 20:16:59 -0800 (PST) Received: from mercury.gennex.com.au (CPE-144-132-31-160.vic.bigpond.net.au [144.132.31.160]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3E5C743F75 for ; Wed, 29 Jan 2003 20:16:52 -0800 (PST) (envelope-from scott.penno@gennex.com.au) Received: from jupiter (jupiter.gennex.com.au [210.49.162.36]) by mercury.gennex.com.au (8.12.3/8.12.3) with SMTP id h0U4G4Ih004231; Thu, 30 Jan 2003 15:16:25 +1100 (EST) (envelope-from scott.penno@gennex.com.au) Message-ID: <012501c2c816$56ec7d10$24a231d2@jupiter> From: "Scott Penno" To: Cc: "Ben" References: <20030129222542.GA412@wake.poo.pants> Subject: Re: Problems with IPSec Date: Thu, 30 Jan 2003 15:15:53 +1100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Thanks for the information Ben. I have upgraded racoon and everything is working fine. Regards, Scott. ----- Original Message ----- From: "Ben" To: "Scott Penno" Cc: Sent: Thursday, January 30, 2003 9:25 AM Subject: Re: Problems with IPSec On Tue, Oct 01, 2002 at 02:41:24PM +0000, Scott Penno wrote: > I have a FreeBSD box running -STABLE which has had IPSec working with other > hosts for quite some time without a problem. I've just setup another > FreeBSD box running 5.0-RC1 and am trying to establish a VPN tunnel but am > not getting too far. I'm using racoon and when attempting the negotiation > with debugging enabled, the following message appears: > 2003-01-20 12:00:23: ERROR: pfkey.c:207:pfkey_handler(): pfkey ADD failed: > Invalid argument > and the following message is logged via syslog: > Jan 20 12:00:23 atlas kernel: key_mature: invalid AH key length 160 (128-128 > allowed) Tried rebuilding racoon? i had just upgraded a machine that was following -STABLE and blowfish suddenly wasn't supported, and if i used aes or 3des it complained like you've got. I did a "portupgrade -f racoon" suddenly all worked fine again.. YMMV (: [not subscribed to -questions either] -- Ben. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message