From owner-freebsd-ports-bugs@freebsd.org Thu Aug 17 20:21:41 2017 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1A7D8DD4832 for ; Thu, 17 Aug 2017 20:21:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 072DE3C39 for ; Thu, 17 Aug 2017 20:21:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v7HKLe6h055456 for ; Thu, 17 Aug 2017 20:21:40 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 221091] security/ike: iked fails to run after FreeBSD 11.1 upgrade (socket set udp-encap non-ike option failed) Date: Thu, 17 Aug 2017 20:21:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: geezabiscuit2@hotmail.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? merge-quarterly? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Aug 2017 20:21:41 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221091 --- Comment #5 from Darryn Nicol --- (In reply to Andrey V. Elsukov from comment #4) if_enc doesn't appear to ever be configured. When connected to the VPN and trying tcpdump -i enc0 I get the following error: tcpdump: enc0: No such device exists (BIOCSETIF failed: Device not configured) The only interface that seems to be related to the VPN is tap0, which is the interface that gets an IP on the remote network. I assume it is iked or qik= ea that is handling this as it isn't something I've set up manually. (I've replaced the true IPs below with generic ones. 192.168.0.x represents= my local LAN. 10.0.0.x represents the remote network I'm connecting to. x.x.x.= x is the external IP of the network I'm connecting to. I'm on a laptop and wlan0= is the only interface connected to my LAN.) % netstat -rn Routing tables Internet: Destination Gateway Flags Netif Expire default 10.0.0.28 UGS tap0 10.0.0.0/24 link#4 U tap0 10.0.0.28 link#4 UHS lo0 x.x.x.x/32 192.168.0.254 UGS wlan0 127.0.0.1 link#2 UH lo0 192.168.0.0/24 link#3 U wlan0 192.168.0.162 link#3 UHS lo0 % setkey -D x.x.x.x[4500] 192.168.0.162[4500] esp-udp mode=3Dtunnel spi=3D224509524(0x0d61be54) reqid=3D5(0x00000= 005) E: rijndael-cbc fff59406 69560088 a683d1d4 9612386a 7c4c6b1c 7bda9= 658 6d18f009 f451c586 A: hmac-sha1 5ad72b10 e5e2b0d6 9d80b90a cf49022b 38e432fd seq=3D0x00000000 replay=3D4 flags=3D0x00000000 state=3Dmature=20 created: Aug 17 20:46:27 2017 current: Aug 17 21:12:13 2017 diff: 1546(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 131072000(bytes) soft: 104857600(byt= es) allocated: 0 hard: 0 soft: 0 sadb_seq=3D4 pid=3D1727 refcnt=3D1 x.x.x.x[4500] 192.168.0.162[4500] esp-udp mode=3Dtunnel spi=3D244631220(0x0e94c6b4) reqid=3D3(0x00000= 003) E: rijndael-cbc 0e89c15a 6a7fc7aa d2e22e9a 64c021df d41c93a4 220d1= d70 f9016cbf 627aca7c A: hmac-sha1 7e102220 f6254dd4 650c5633 8843a782 a0cb421d seq=3D0x00000000 replay=3D4 flags=3D0x00000000 state=3Dmature=20 created: Aug 17 20:42:54 2017 current: Aug 17 21:12:13 2017 diff: 1759(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 131072000(bytes) soft: 104857600(byt= es) allocated: 0 hard: 0 soft: 0 sadb_seq=3D3 pid=3D1727 refcnt=3D1 x.x.x.x[4500] 192.168.0.162[4500] esp-udp mode=3Dtunnel spi=3D118747594(0x0713f1ca) reqid=3D3(0x00000= 003) E: rijndael-cbc 7d2949ed 6cb9afdb 0c3c493d 41850191 aa117782 eacf2= be9 28877d34 1d8c7b4b A: hmac-sha1 fc0ac30b fbd59aa0 a40da09e c9af2252 41f90467 seq=3D0x00000000 replay=3D4 flags=3D0x00000000 state=3Dmature=20 created: Aug 17 20:41:59 2017 current: Aug 17 21:12:13 2017 diff: 1814(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 131072000(bytes) soft: 104857600(byt= es) allocated: 0 hard: 0 soft: 0 sadb_seq=3D2 pid=3D1727 refcnt=3D1 x.x.x.x[4500] 192.168.0.162[4500] esp-udp mode=3Dtunnel spi=3D16425421(0x00faa1cd) reqid=3D3(0x000000= 03) E: rijndael-cbc 66243414 6e559e44 a6545e2f 303e2bd4 74dc67f8 f40f9= f97 6346493e b986d50a A: hmac-sha1 6ee0d23f 8a1f7aae 33254fdb ee74a1b9 1c929dbd seq=3D0x00000000 replay=3D4 flags=3D0x00000000 state=3Dmature=20 created: Aug 17 20:39:44 2017 current: Aug 17 21:12:13 2017 diff: 1949(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 131072000(bytes) soft: 104857600(byt= es) allocated: 0 hard: 0 soft: 0 sadb_seq=3D1 pid=3D1727 refcnt=3D1 x.x.x.x[4500] 192.168.0.162[4500] esp-udp mode=3Dtunnel spi=3D187208468(0x0b289314) reqid=3D1(0x00000= 001) E: rijndael-cbc b083703e 29f137c1 0b4163f2 88e12d15 9a1f6412 11022= d61 b2894d21 884509a2 A: hmac-sha1 bfb27e00 ce35a45b fb5fce7c 84999447 7ec168a0 seq=3D0x00000000 replay=3D4 flags=3D0x00000000 state=3Dmature=20 created: Aug 17 20:38:46 2017 current: Aug 17 21:12:13 2017 diff: 2007(s) hard: 28800(s) soft: 23040(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 131072000(bytes) soft: 104857600(byt= es) allocated: 0 hard: 0 soft: 0 sadb_seq=3D0 pid=3D1727 refcnt=3D1 % setkey -DP x.x.x.x[any] 192.168.0.162[any] any in none spid=3D25 seq=3D3 pid=3D1734 scope=3Dglobal=20 refcnt=3D1 0.0.0.0/0[any] 10.0.0.28[any] any in ipsec esp/tunnel/x.x.x.x-192.168.0.162/unique:3 spid=3D27 seq=3D2 pid=3D1734 scope=3Dglobal=20 refcnt=3D1 192.168.0.162[any] x.x.x.x[any] any out none spid=3D26 seq=3D1 pid=3D1734 scope=3Dglobal=20 refcnt=3D1 10.0.0.28[any] 0.0.0.0/0[any] any out ipsec esp/tunnel/192.168.0.162-x.x.x.x/unique:4 spid=3D28 seq=3D0 pid=3D1734 scope=3Dglobal=20 refcnt=3D1 --=20 You are receiving this mail because: You are the assignee for the bug.=