From owner-freebsd-security  Fri Jan 17  8:52:59 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7078A37B401; Fri, 17 Jan 2003 08:52:54 -0800 (PST)
Received: from mail.online.ie (mail.online.ie [213.159.130.68])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 2DE8843EB2; Fri, 17 Jan 2003 08:52:53 -0800 (PST)
	(envelope-from relyod@cooperationireland.org)
Received: from cooperationireland.org (unknown [217.67.143.158])
	by mail.online.ie (Postfix) with ESMTP
	id 00F887046; Fri, 17 Jan 2003 16:52:46 +0000 (GMT)
Received: from IT3 (it3 [199.107.2.144])
	by cooperationireland.org (8.11.1/8.11.1) with SMTP id h0HGqhX03948;
	Fri, 17 Jan 2003 16:52:44 GMT
	(envelope-from relyod@cooperationireland.org)
Message-Id: <3.0.5.32.20030117165243.00ba6ca0@199.107.2.1>
X-Sender: relyod@199.107.2.1
X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32)
Date: Fri, 17 Jan 2003 16:52:43 +0000
To: questions@freebsd.org, security@freebsd.org
From: Mike Doyle <relyod@cooperationireland.org>
Subject: Help needed configuring racoon
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hi,

I think I need a little help configuring a VPN using FreeBSD and
racoon. At the moment I have got as far as compiling an IPSec
enabled kernel, and running racoon. When I try to ping a
machine on the other end of the tunnel, racoon fails to negotiate
key exchange. On debug level 1, the message in the log file is:

> ERROR: pfkey.c:1604:pk_recvacquire(): failed to get sainfo.

For any experts out there, I would be happy to send copies of any
relevant log files and/or config files. However, given that these are
the two firewalls protecting my LANs, I don't want to post configuration
info to a public forum.

PS: I'm not subscribed to questions, but I do check the web-archives
so please email me directly if you're prepared to help.

<>< ============================================================= ><>
Michael Doyle                    email: relyod@cooperationireland.org
Network Administrator            personal email:     relyod@indigo.ie
Co-operation Ireland	           http://www.cooperationireland.org/
Phone: +353-1-661 0588                           Fax: +353-1-661 8456

*********************************************************************

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message