From owner-freebsd-security@FreeBSD.ORG Thu Nov 22 15:08:35 2007 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3354516A475 for ; Thu, 22 Nov 2007 15:08:35 +0000 (UTC) (envelope-from johndecot@yahoo.com) Received: from web55408.mail.re4.yahoo.com (web55408.mail.re4.yahoo.com [206.190.58.202]) by mx1.freebsd.org (Postfix) with SMTP id A7B5E13C4D5 for ; Thu, 22 Nov 2007 15:08:34 +0000 (UTC) (envelope-from johndecot@yahoo.com) Received: (qmail 16955 invoked by uid 60001); 22 Nov 2007 15:08:22 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=M4sxi3VHdDbyJd8BaJmmd0dhQ/vdsAttewcZWsXBzPH48KHNIaR9zEWqh3Eh/SNAWgpvfQ4cyKoD9bRcJEZ2Ltm10O8VMmj+cL37X4mNUgPJlfrPlqTpKuiH0lCcJ5bhoYcVfx/bwDovZWvu9Mu28kDAiZ7mLkQlo3mXYyaffEk=; X-YMail-OSG: .KyiKVQVM1nO27t8rsglm_5U6BEEKuPROxA7ytfPUrTIqbI0djPG8pUKXlkX7VOj070UcuwZvZ8Fo_Zs1lhrbAyH7n.k.KSqQQrdaDpxbM6YYymT_bYCtWVMhBJ4eHZieE4.Obtj5PcK82QCqeR1IIJ1Zg-- Received: from [203.91.130.173] by web55408.mail.re4.yahoo.com via HTTP; Thu, 22 Nov 2007 07:08:21 PST Date: Thu, 22 Nov 2007 07:08:21 -0800 (PST) From: john decot To: VANHULLEBUS Yvan In-Reply-To: <20071120165659.GA1949@zen.inc> MIME-Version: 1.0 Message-ID: <201510.15632.qm@web55408.mail.re4.yahoo.com> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-security@freebsd.org Subject: Re: IPSEC help X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Nov 2007 15:08:35 -0000 Hi, tcpdump shows only isakmp information , there is no information about esp and AH header. 08:05:55.761245 IP 202.70.87.123.isakmp > ws130173.corporate-access.com.isakmp: isakmp: phase 1 ? ident[E] 08:05:55.775403 IP 202.70.87.121 > 202.70.87.123: ICMP redirect ws130173.corporate-access.com to host ws130173.corporate-access.com, length 556 08:05:55.778172 IP 202.70.87.123.isakmp > ws130173.corporate-access.com.isakmp: isakmp: phase 1 ? ident[E] Regards, John VANHULLEBUS Yvan wrote: On Tue, Nov 20, 2007 at 08:46:28AM -0800, john decot wrote: > Hi, > > I have change life time in both side i.e 28800 sec but unlucky again. > [ > 2007-11-20 20:27:31: ERROR: ignore information because ISAKMP-SA has not been established yet. Do a tcpdump/wireshark and have a look at what's in that informational message... Yvan. -- NETASQ http://www.netasq.com --------------------------------- Be a better sports nut! Let your teams follow you with Yahoo Mobile. Try it now.