<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
<br>
on 16/08/2004 18:27 Paul Wouters said the following:<br>
<blockquote
cite="midPine.LNX.4.44.0408161925300.10419-100000@expansionpack.xtdnet.nl"
type="cite">
<pre wrap="">On Mon, 16 Aug 2004, Matthew Claridge wrote:
</pre>
<blockquote type="cite">
<pre wrap="">on 16/08/2004 16:55 Paul Wouters said the following:
ok, found an error by restarting the ipsec service:
FATAL ERROR: bind() failed in find_raw_ifaces4(). Errno 98: Address
already in use
</pre>
</blockquote>
<pre wrap=""><!---->
So something seems to be running. Do a ps -aux and see if anything like
pluto, racoon or isakmpd is running?
Or check with 'netstat -an | grep :500' to see if something is using
port 500 udp. You can then check with lsof to see which process this is.
Other explanations might be missing kernel components, but if the above doesn't
answer it, please post an 'ipsec barf' for us to have a look at.
Paul
</pre>
</blockquote>
Hi Paul,<br>
<br>
I found racoon running, bound to port 500 (forgot that racoon is part
of the ipsec-tools package so never even checked for this until you
suggested it!) - having killed the process, Pluto starts fine ;o) I'm
not sure how to stop racoon running permanently though, without killing
the whole ipsec process....or deleting the racoon binary ;o)<br>
<br>
Anyway, once pluto was up and running, I tried bringing the tunnel up
and got a pile of messages in the log, some good, some bad. The lines
that seem most important are:<br>
<br>
"tunnelipsec" #3: ignoring informational payload, type PAYLOAD_MALFORMED<br>
"tunnelipsec" #3: discarding duplicate packet; already STATE_MAIN_I3<br>
"tunnelipsec" #3: encrypted Informational Exchange message is invalid
because it is for incomplete ISAKMP SA<br>
<br>
bearing in mind this is going to a Cisco router, it may be that some
tweaks are needed in the configuration at that end, but I'd like to
confirm that and know that everything's ok at my end, if possible,
before I start delving into that.<br>
<br>
I've attached an 'ipsec barf' on the off-chance it'll be useful.....<br>
<br>
Matt<br>
<br>
<br>
</body>
</html>