From owner-freebsd-current@FreeBSD.ORG Sat Sep 25 10:31:38 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E18316A4CE for ; Sat, 25 Sep 2004 10:31:38 +0000 (GMT) Received: from mallaury.noc.nerim.net (smtp-106-saturday.noc.nerim.net [62.4.17.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B06243D49 for ; Sat, 25 Sep 2004 10:31:37 +0000 (GMT) (envelope-from bettan@nerim.net) Received: from danielle (linux-win.com [62.212.121.38]) by mallaury.noc.nerim.net (Postfix) with SMTP id 5B7E262DA7 for ; Sat, 25 Sep 2004 12:31:34 +0200 (CEST) Message-ID: <003601c4a2ea$d660c690$0301a8c0@danielle> From: "cell" To: Date: Sat, 25 Sep 2004 12:31:37 +0200 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: ipsec and freebsd 5.3-beta X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Sep 2004 10:31:38 -0000 hello , i tried to configure ipsec in my freebsd with racoon for a wifi = connection with a laptop on windows xp home but i have problem.I have = used this tutorial http://ezine.daemonnews.org/200401/wifi-ipsec.html = and when i run racoon with "racoon -F -v" j'ai : # racoon -F -v Foreground mode. 2004-09-25 12:19:27: INFO: main.c:172:main(): @(#)package version = freebsd-20040818a 2004-09-25 12:19:27: INFO: main.c:174:main(): @(#)internal version = 20001216 sakane@kame.net 2004-09-25 12:19:27: INFO: main.c:175:main(): @(#)This product linked = OpenSSL 0.9.7d 17 Mar 2004 (http://www.openssl.org/) 2004-09-25 12:19:27: WARNING: cftoken.l:514:yywarn(): = /usr/local/etc/racoon/racoon.conf:66: "support_mip6" it is obsoleted. = use "support_proxy". 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = fe80::2bd:fbff:fe03:1%tap1[500] used as isakmp port (fd=3D5) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = fe80::2bd:f7ff:fe03:0%tap0[500] used as isakmp port (fd=3D6) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = 62.212.121.38[500] used as isakmp port (fd=3D7) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = fe80::20a:5eff:fe3e:ebf7%tun0[500] used as isakmp port (fd=3D8) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): fe80::1%lo0[500] = used as isakmp port (fd=3D9) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): ::1[500] used as = isakmp port (fd=3D10) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): 127.0.0.1[500] = used as isakmp port (fd=3D11) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = fe80::205:5dff:fea2:98ef%vr1[500] used as isakmp port (fd=3D12) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): 10.0.0.1[500] = used as isakmp port (fd=3D13) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = fe80::205:5dff:fe64:5a87%vr0[500] used as isakmp port (fd=3D14) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): 192.168.3.1[500] = used as isakmp port (fd=3D15) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = 2001:7a8:3d26::1[500] used as isakmp port (fd=3D16) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): = fe80::20a:5eff:fe3e:ebf7%xl0[500] used as isakmp port (fd=3D17) 2004-09-25 12:19:27: INFO: isakmp.c:1368:isakmp_open(): 192.168.1.1[500] = used as isakmp port (fd=3D18) 2004-09-25 12:20:07: INFO: isakmp.c:904:isakmp_ph1begin_r(): respond new = phase 1 negotiation: 192.168.3.1[500]<=3D>192.168.3.3[500] 2004-09-25 12:20:07: INFO: isakmp.c:909:isakmp_ph1begin_r(): begin = Identity Protection mode. 2004-09-25 12:20:07: INFO: vendorid.c:128:check_vendorid(): received = Vendor ID: MS NT5 ISAKMPOAKLEY 2004-09-25 12:20:07: WARNING: ipsec_doi.c:3064:ipsecdoi_checkid1(): ID = type mismatched. 2004-09-25 12:20:07: WARNING: ipsec_doi.c:3112:ipsecdoi_checkid1(): ID = value mismatched. 2004-09-25 12:20:07: INFO: isakmp.c:2459:log_ph1established(): ISAKMP-SA = established 192.168.3.1[500]-192.168.3.3[500] = spi:0ae2df7beb89619e:2202b5a1db9ba88a 2004-09-25 12:20:07: INFO: isakmp.c:1059:isakmp_ph2begin_r(): respond = new phase 2 negotiation: 192.168.3.1[0]<=3D>192.168.3.3[0] 2004-09-25 12:20:07: ERROR: pfkey.c:1076:pk_sendupdate(): libipsec = failed send update (No buffer space available) 2004-09-25 12:20:07: ERROR: isakmp_quick.c:1615:quick_r3prep(): pfkey = update failed. 2004-09-25 12:20:07: ERROR: isakmp.c:750:quick_main(): failed to process = packet. 2004-09-25 12:20:07: ERROR: isakmp.c:541:isakmp_main(): phase2 = negotiation failed. I have put the good key in freebsd and laptop on windows xp home.I have = allowed esp in my pf.conf with pass quick log inet proto esp $ks . I don't understand why racoon says this error.