From owner-freebsd-net  Tue Sep 25 20:29: 0 2001
Delivered-To: freebsd-net@freebsd.org
Received: from mine.kame.net (kame195.kame.net [203.178.141.195])
	by hub.freebsd.org (Postfix) with ESMTP id 2B15137B413
	for <freebsd-net@FreeBSD.ORG>; Tue, 25 Sep 2001 20:28:57 -0700 (PDT)
Received: from localhost ([3ffe:501:4819:1000:260:1dff:fef7:1d80])
	by mine.kame.net (8.11.1/3.7W) with ESMTP id f8Q3UZH58365;
	Wed, 26 Sep 2001 12:30:35 +0900 (JST)
To: swb@grasslake.net
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: IPSec problem, racoon can't transmit?
In-Reply-To: Your message of "Sun, 23 Sep 2001 17:51:33 -0500"
	<001201c14482$4b2d45e0$021ea8c0@twinstar>
References: <001201c14482$4b2d45e0$021ea8c0@twinstar>
X-Mailer: Cue version 0.6 (010810-1737/sakane)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Message-Id: <20010926122828R.sakane@kame.net>
Date: Wed, 26 Sep 2001 12:28:28 +0900
From: Shoichi Sakane <sakane@kame.net>
X-Dispatcher: imput version 20000228(IM140)
Lines: 17
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

> When I start racoon on both machines, all appears fine.  To make a long
> story short, Machine A never seems to generate ANY isakmp packets.  Machine
> B's racoon run-time info never indicates it's gotten a phase I initiation
> from A if the session was originated from A.  I've run tcpdump on both
> machines, and A never sends any isakmp packets, although it does get them
> from B if B originates traffic first and appears to generate a response
> according to racoon debug info, but B never gets the responses (and if
> tcpdump is to believed A never sends them).

> Both machines are running racoon-20010831a and 4.4-STABLE built yesterday.

do you mean Machine A didn't send only isakmp packets ?
or machine A couldn't send all of packets to machine B ?

the re-keying might failed.  could you check the log file of racoon
on both side ?  if you picked ERROR tag from the file, you could find
the problem.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message