From owner-freebsd-stable  Fri May  3 13:13:12 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from leviathan.inethouston.net (leviathan.inethouston.net [66.64.12.249])
	by hub.freebsd.org (Postfix) with ESMTP
	id 6971B37B419; Fri,  3 May 2002 13:13:08 -0700 (PDT)
Received: by leviathan.inethouston.net (Postfix, from userid 1001)
	id B35CE319931; Fri,  3 May 2002 15:13:11 -0500 (CDT)
Date: Fri, 3 May 2002 15:13:11 -0500
From: "David W. Chapman Jr." <dwcjr@inethouston.net>
To: David Kelly <dkelly@hiwaay.net>
Cc: Birk <ari@snafu.de>,
	"'freebsd-stable@freebsd.org'" <freebsd-stable@FreeBSD.ORG>,
	sumikawa@FreeBSD.org
Subject: Re: port/racoon broken
Message-ID: <20020503201311.GB33112@leviathan.inethouston.net>
Reply-To: "David W. Chapman Jr." <dwcjr@inethouston.net>
Mail-Followup-To: David Kelly <dkelly@hiwaay.net>,
	Birk <ari@snafu.de>,
	"'freebsd-stable@freebsd.org'" <freebsd-stable@FreeBSD.ORG>,
	sumikawa@FreeBSD.org
References: <20020503122630.E65394@grumpy.dyndns.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020503122630.E65394@grumpy.dyndns.org>
User-Agent: Mutt/1.3.28i
X-Operating-System: FreeBSD 4.5-STABLE i386
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Fri, May 03, 2002 at 12:26:30PM -0500, David Kelly wrote:
> On Fri, May 03, 2002 at 01:08:05PM +0200, Birk wrote:
> > Hi,
> > 
> > The latest racoon (20020426a) seems to be broken.
> > >From the log:
> > 
> > | isakmp_quick.c:2028:get_proposal_r():
> > |	no policy found: ??	^H4???<????u^E^H4???^V
> > | pfkey.c:738:pfkey_timeover():
> > |	M-^@?	^H`M-^S ^H give up to get IPsec-SA due to time up to wait.
> 
> Where is this log? I can't find it. Then again may not have it enabled.
> 
> On the other hand the above version of racoon is talking to another of
> the same for me. Or at least I think so.
> 
> I get some of these now and then in /var/log/messages which I'd
> appreciate somebody explaining. Have "log debug2;" in racoon.conf on one
> end but not the other, both get this message but not in sync:
> 
> May  3 03:09:44 Frisket /kernel: IPv4 ESP input: no key association found for spi 37447490

I'm having the same problem, I tried to get two sites with ipsec and 
racoon to talk and they just wouldn't.  My screen showed the same 
thing

FYI, if you want output you can run racoon -F

I must warn you though, racoon -dF seems to core dump sometimes

-- 
David W. Chapman Jr.
dwcjr@inethouston.net	Raintree Network Services, Inc. <www.inethouston.net>
dwcjr@freebsd.org	FreeBSD Committer <www.FreeBSD.org>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message