Date: Mon, 13 Jan 2003 12:11:17 +0000 From: Bob Bishop <rb@gid.co.uk> To: current@freebsd.org Subject: FAST_IPSEC/racoon vs CISCO PIX anyone? Message-ID: <4.3.2.7.2.20030113120239.03397190@gid.co.uk>
next in thread | raw e-mail | index | archive | help
Hi, Problems interworking this combination, with ESP tunnel. SA gets negotiated OK, but ESP packets get rejected by the PIX: it says "host not found a.b.c.d" where a.b.c.d is its own endpoint address, and sends "invalid SPI" back to our end, even thought the SPI on the rejected ESP packet is the one just negitiated. This is RC2, racoon-20021120a. FWIW the same problem occurs on 4.7 with 'ordinary' IPSEC too. Any suggestions? TIA -- Bob Bishop +44 (0)118 977 4017 rb@gid.co.uk fax +44 (0)118 989 4254 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20030113120239.03397190>