(usagi-users 02403) Compatibility problems IPsec 2.5.70 against FreeS/WAN 1.99

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* (usagi-users 02403) Compatibility problems IPsec 2.5.70 against FreeS/WAN 1.99
@ 2003-06-04 14:53 Dr. Peter Bieringer 
  2003-07-27 11:07 ` bert hubert
  0 siblings, 1 reply; 2+ messages in thread
From: Dr. Peter Bieringer  @ 2003-06-04 14:53 UTC (permalink / raw)
  To: Maillist netdev; +Cc: Maillist USAGI-users

Hi, 

has anyone successful examples of configuration settings for 2.5.70 IPsec 
(racoon/SAD/SPD) and FreeS/WAN? 

I got no success between 2 hosts, neither in tunnel nor in transport mode. 

(racoon and pluto config looks like ok, the IPsec-SA was proper established, 
also both hosts send packets with related spi). 

In transport mode, the comment of Andreas came true that in the ESP packet 
an IP-in-IP tunnel packet is transported (sent from the 2.5.70-ipsec host): 

16:42:06.215546 [|ip]
0x0000   45                                             E
16:42:08.215348 [|ip]
0x0000   4500 0007 0004 40                              E.....@ 

Looks like FreeS/WAN don't like this. 

In tunnel mode, ipsec0 interface of FreeS/WAN drops all received packages by 
the 2.5.70-ipsec host (seen in ifconfig stat). 

On 2.5.70-ipsec side I currently don't know how to debug, but I only see the 
ESP packet on the interface, nothing decrpyted. 

Very strange at all... 

Any hints available how to let FreeS/WAN communicate with 2.5.70-ipsec? 

Thank you very much,
Peter 

-- 
Dr. Peter Bieringer                     http://www.bieringer.de/pb/
GPG/PGP Key 0x958F422D               mailto: pb at bieringer dot de
Deep Space 6 Co-Founder and Core Member  http://www.deepspace6.net/ 

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Compatibility problems IPsec 2.5.70 against FreeS/WAN 1.99
  2003-06-04 14:53 (usagi-users 02403) Compatibility problems IPsec 2.5.70 against FreeS/WAN 1.99 Dr. Peter Bieringer 
@ 2003-07-27 11:07 ` bert hubert
  0 siblings, 0 replies; 2+ messages in thread
From: bert hubert @ 2003-07-27 11:07 UTC (permalink / raw)
  To: Dr. Peter Bieringer ; +Cc: Maillist netdev, Maillist USAGI-users

On Wed, Jun 04, 2003 at 04:53:50PM +0200, Dr. Peter Bieringer  wrote:
> Hi, 
> 
> has anyone successful examples of configuration settings for 2.5.70 IPsec 
> (racoon/SAD/SPD) and FreeS/WAN? 

I've heard reports that it worked at one stage so if it doesn't now,
something must've broken recently.

> I got no success between 2 hosts, neither in tunnel nor in transport mode. 

I'll try to roust some FreeS/WAN fanatics I know to help test.

	Bert

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2003-07-27 11:07 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-06-04 14:53 (usagi-users 02403) Compatibility problems IPsec 2.5.70 against FreeS/WAN 1.99 Dr. Peter Bieringer 
2003-07-27 11:07 ` bert hubert

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).