From owner-freebsd-security Mon Dec 17 9:10:22 2001 Delivered-To: freebsd-security@freebsd.org Received: from enigma.whacky.net (enigma.whacky.net [194.109.204.120]) by hub.freebsd.org (Postfix) with ESMTP id 48C5F37B41A for ; Mon, 17 Dec 2001 09:10:15 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by enigma.whacky.net (Postfix) with ESMTP id 3B6BB210F0 for ; Mon, 17 Dec 2001 18:10:12 +0100 (CET) Received: by enigma.whacky.net (Postfix, from userid 1009) id D24F72153F; Mon, 17 Dec 2001 18:10:09 +0100 (CET) Date: Mon, 17 Dec 2001 18:10:09 +0100 From: Marco Walraven To: freebsd-security@freebsd.org Subject: isakmpd & ssh sentinel Message-ID: <20011217181009.A62958@enigma.whacky.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I'm trying to setup a VPN connection between isakmpd and a few road warriors who run ssh sentinel. I installed isamkpd and tried some of the configuration files. Everytime I start isakmpd with 'isakmpd -d -DA=99' i get these messages(see below). It also chokes up the CPU. Furthermore, if I try to connect from a ssh sentinel client, it does not accept a connection which should be normal if this was indeed an error (which I think it is). The kernel I use has, IPSEC compiled in it and the system also forwards packets, which are needed to run isakmpd. However, does anyone recognize these problems or know how to fix ehm and has anyone successfully established a VPN(with pre shared keys) between isakmpd and ssh sentinel ? I know there are some issues between the two, but is it possible in the first place, or should someone try racoon instead ?. Regards, Marco Walraven isakmpd -d -DA=99 175249.982251 Misc 60 conf_get_str: [General]:Listen-on->192.168.2.1 175249.982395 Misc 60 conf_get_str: [General]:Listen-on->192.168.2.1 175249.982483 Misc 60 conf_get_str: [General]:Listen-on->192.168.2.1 175249.982570 Trpt 70 transport_add: adding 0x8076080 175249.988149 Trpt 90 transport_reference: transport 0x8076080 now has 1 references 175249.988206 Misc 60 conf_get_str: [General]:Listen-on->192.168.2.1 175250.015566 Trpt 90 transport_reference: transport 0x8076080 now has 2 references 175250.016079 Trpt 90 transport_release: transport 0x8076080 had 2 references 175250.016420 Trpt 90 transport_reference: transport 0x8076080 now has 2 referen ces Which keeps on going. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message