[Openswan Users] Fw: [Ipsec-tools-devel] ipcomp between racoon and FreeS/WAN 2.04

Marco Berizzi pupilla at hotmail.com
Mon Mar 29 12:56:59 CEST 2004


Herbert Xu wrote:

> > spdadd 10.1.2.0/24 10.1.1.0/24 any -P in ipsec
> >      ipcomp/tunnel/172.16.1.247-172.16.1.226/use
> >      esp/tunnel/172.16.1.247-172.16.1.226/require; 
> 
> Change the second esp to transport and the kernel will talk
> to *swan.

No. Racoon will not negotiate any tunnel:

Cocorita racoon: INFO: respond new phase 2 negotiation: 172.16.1.247[0]<=>172.16.1.226[0]
Cocorita racoon: ERROR: encmode mismatched: my:Transport peer:Tunnel
Cocorita racoon: ERROR: not matched
Cocorita racoon: ERROR: no suitable policy found.
Cocorita racoon: ERROR: failed to pre-process packet.



More information about the Users mailing list