* racoon and usbnet nic = no IPSEC
@ 2005-03-08 19:09 Konstantin V. Gavrilenko
0 siblings, 0 replies; only message in thread
From: Konstantin V. Gavrilenko @ 2005-03-08 19:09 UTC (permalink / raw)
To: racoon, linux-kernel
Hi guys,
just thought I'd share my experience of last several days.
Had to change the external nic on the gateway box from standard pci device, to a
usb nic. turned the machine on, everything goes as planned, but no ipsec tunnels
go up.
Spent couple of days solving the f*^&king problem, tried different kernels
(2.6.9-2.6.11) and ipsec-tools versions, thought I was going mental.
Only to to find out that my USB Netgear FA-120 would not "work with ipsec".
for some reason, kernel can no create SAs.
Even if you set the tunnels manually, it is still a no go.
The logs are full of:
2005-03-07 15:17:20: ERROR: phase2 negotiation failed due to time up waiting for
phase1. ESP xxx.xxx.xxx.bbb->xxx.xxx.xxx.aaa
2005-03-07 15:17:20: INFO: delete phase 2 handler.
2005-03-07 15:17:24: ERROR: can't start the quick mode, there is no valid
ISAKMP-SA, 530bc0362f36f1ed:9673792c0daa890f
Anyone has any suggestions of why this was happening?
I can post more info if developers are interested.
--
Respectfully,
Konstantin V. Gavrilenko
Arhont Ltd - Information Security
web: http://www.arhont.com
http://www.wi-foo.com
e-mail: k.gavrilenko@arhont.com
tel: +44 (0) 870 44 31337
fax: +44 (0) 117 969 0141
PGP: Key ID - 0x4F3608F7
PGP: Server - keyserver.pgp.com
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-03-08 19:18 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-03-08 19:09 racoon and usbnet nic = no IPSEC Konstantin V. Gavrilenko
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.