[Openswan dev] 2.3.1 on netkey 2.6.12-rc3 failure
Paul Wouters
paul at xelerance.com
Wed Apr 27 02:28:30 CEST 2005
I was trying to use NETKEY based on 2.6.12-rc3 using openswan-2.3.1 to
interop to another NETKEY based openswan running 2.3.1 on 2.6.11-1.14_FC3
I Received the following error on the 2.6.12-rc3 end:
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #3: ERROR: netlink response for Add SA esp.98650ce8 at 213.84.21.108 included errno 38: Function not implemented
af_key, esp4, ipcomp, and xfrm_user and xfrm4_tunnel were loaded.
full logs:
Apr 27 01:05:18 hal pluto[3448]: starting up 1 cryptographic helpers
Apr 27 01:05:18 hal pluto[3448]: started helper pid=3478 (fd:6)
Apr 27 01:05:18 hal pluto[3448]: Using Linux 2.6 IPsec interface code on 2.6.12-rc3
Apr 27 01:05:18 hal pluto[3448]: Changing to directory '/etc/ipsec.d/cacerts'
Apr 27 01:05:18 hal pluto[3448]: loaded CA cert file 'private' (0 bytes)
Apr 27 01:05:18 hal pluto[3448]: file coded in unknown format, discarded
Apr 27 01:05:18 hal pluto[3448]: loaded CA cert file 'cacert.pem' (985 bytes)
Apr 27 01:05:18 hal pluto[3448]: Changing to directory '/etc/ipsec.d/aacerts'
Apr 27 01:05:18 hal pluto[3448]: Changing to directory '/etc/ipsec.d/ocspcerts'
Apr 27 01:05:18 hal pluto[3448]: Changing to directory '/etc/ipsec.d/crls'
Apr 27 01:05:18 hal pluto[3448]: loaded crl file 'crl.pem' (418 bytes)
Apr 27 01:05:18 hal pluto[3448]: loaded crl file 'cacert.pem' (985 bytes)
Apr 27 01:05:18 hal pluto[3448]: error in X.509 crl
Apr 27 01:05:20 hal pluto[3448]: added connection description "phenome--unreachable"
Apr 27 01:05:20 hal pluto[3448]: added connection description "phenome--extrude"
Apr 27 01:05:20 hal pluto[3448]: added connection description "ureachable-phenome-base"
Apr 27 01:05:21 hal pluto[3448]: listening for IKE messages
Apr 27 01:05:21 hal pluto[3448]: adding interface ppp0/ppp0 213.84.21.108:500
Apr 27 01:05:21 hal pluto[3448]: adding interface eth0:2/eth0:2 10.0.0.42:500
Apr 27 01:05:21 hal pluto[3448]: adding interface eth0/eth0 193.110.157.62:500
Apr 27 01:05:21 hal pluto[3448]: adding interface lo/lo 127.0.0.1:500
Apr 27 01:05:21 hal pluto[3448]: adding interface lo/lo ::1:500
Apr 27 01:05:21 hal pluto[3448]: loading secrets from "/etc/ipsec.secrets"
Apr 27 01:05:21 hal pluto[3448]: loaded private key file '/etc/ipsec.d/private/hal.key' (1631 bytes)
Apr 27 01:05:22 hal pluto[3448]: "phenome--unreachable" #1: initiating Main Mode
Apr 27 01:05:22 hal pluto[3448]: "phenome--unreachable" #1: ignoring unknown Vendor ID payload [4f454578616c467b5f6f606d]
Apr 27 01:05:22 hal pluto[3448]: "phenome--unreachable" #1: received Vendor ID payload [Dead Peer Detection]
Apr 27 01:05:22 hal pluto[3448]: "phenome--unreachable" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: initiating Main Mode
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: ignoring unknown Vendor ID payload [4f454578616c467b5f6f606d]
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: received Vendor ID payload [Dead Peer Detection]
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: discarding packet received during asynchronous work (DNS or crypto) in STATE_MAIN_I1
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: I did not send a certificate because I do not have one.
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: multiple ipsec.secrets entries with distinct secrets match endpoints: first secret used
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: Main mode peer ID is ID_FQDN: '@unreachable'
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #2: ISAKMP SA established
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #3: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:05:22 hal pluto[3448]: "phenome--extrude" #3: ERROR: netlink response for Add SA esp.98650ce8 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:31 hal pluto[3448]: "phenome--extrude" #2: packet rejected: should have been encrypted
Apr 27 01:05:31 hal pluto[3448]: "phenome--extrude" #2: sending notification INVALID_FLAGS to 194.109.7.250:500
Apr 27 01:05:31 hal pluto[3448]: "phenome--extrude" #2: failed to build notification for spisize=0
Apr 27 01:05:32 hal pluto[3448]: "phenome--extrude" #3: ERROR: netlink response for Add SA esp.98650ce8 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:34 hal pluto[3448]: "phenome--extrude" #4: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:05:34 hal pluto[3448]: "phenome--extrude" #4: ERROR: netlink response for Add SA esp.18163750 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:34 hal pluto[3448]: "phenome--extrude" #5: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:05:35 hal pluto[3448]: "phenome--extrude" #5: ERROR: netlink response for Add SA esp.a0af522 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:35 hal pluto[3448]: "phenome--extrude" #6: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:05:35 hal pluto[3448]: "phenome--extrude" #6: ERROR: netlink response for Add SA esp.561bbea0 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:44 hal pluto[3448]: "phenome--extrude" #5: ERROR: netlink response for Add SA esp.a0af522 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:44 hal pluto[3448]: "phenome--extrude" #4: ERROR: netlink response for Add SA esp.18163750 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:45 hal pluto[3448]: "phenome--extrude" #6: ERROR: netlink response for Add SA esp.561bbea0 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:45 hal pluto[3448]: "phenome--extrude" #7: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:05:46 hal pluto[3448]: "phenome--extrude" #7: ERROR: netlink response for Add SA esp.a9424ca3 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:46 hal pluto[3448]: "phenome--extrude" #8: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:05:47 hal pluto[3448]: "phenome--extrude" #8: ERROR: netlink response for Add SA esp.9a0c40de at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:50 hal pluto[3448]: "phenome--extrude" #9: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:05:51 hal pluto[3448]: "phenome--extrude" #9: ERROR: netlink response for Add SA esp.f3fecef7 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:51 hal pluto[3448]: "phenome--extrude" #2: packet rejected: should have been encrypted
Apr 27 01:05:51 hal pluto[3448]: "phenome--extrude" #2: sending notification INVALID_FLAGS to 194.109.7.250:500
Apr 27 01:05:51 hal pluto[3448]: "phenome--extrude" #2: failed to build notification for spisize=0
Apr 27 01:05:52 hal pluto[3448]: "phenome--extrude" #3: ERROR: netlink response for Add SA esp.98650ce8 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:56 hal pluto[3448]: "phenome--extrude" #8: ERROR: netlink response for Add SA esp.9a0c40de at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:05:56 hal pluto[3448]: "phenome--extrude" #7: ERROR: netlink response for Add SA esp.a9424ca3 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:01 hal pluto[3448]: "phenome--extrude" #9: ERROR: netlink response for Add SA esp.f3fecef7 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:02 hal pluto[3448]: "phenome--extrude" #10: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:02 hal pluto[3448]: "phenome--extrude" #10: ERROR: netlink response for Add SA esp.be035022 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:04 hal pluto[3448]: "phenome--extrude" #4: ERROR: netlink response for Add SA esp.18163750 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:04 hal pluto[3448]: "phenome--extrude" #5: ERROR: netlink response for Add SA esp.a0af522 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:05 hal pluto[3448]: "phenome--extrude" #6: ERROR: netlink response for Add SA esp.561bbea0 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:07 hal pluto[3448]: "phenome--extrude" #11: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:07 hal pluto[3448]: "phenome--extrude" #11: ERROR: netlink response for Add SA esp.685044f7 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:08 hal kdm: :0[3855]: (pam_unix) session opened for user a by (uid=0)
Apr 27 01:06:11 hal pluto[3448]: "phenome--extrude" #12: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:11 hal pluto[3448]: "phenome--extrude" #12: ERROR: netlink response for Add SA esp.c22c63a5 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:12 hal pluto[3448]: "phenome--extrude" #10: ERROR: netlink response for Add SA esp.be035022 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:13 hal pluto[3448]: "phenome--extrude" #13: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:13 hal pluto[3448]: "phenome--extrude" #13: ERROR: netlink response for Add SA esp.546c92b1 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:17 hal pluto[3448]: "phenome--extrude" #7: ERROR: netlink response for Add SA esp.a9424ca3 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:17 hal pluto[3448]: "phenome--extrude" #8: ERROR: netlink response for Add SA esp.9a0c40de at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:18 hal pluto[3448]: "phenome--extrude" #11: ERROR: netlink response for Add SA esp.685044f7 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:19 hal pluto[3448]: "phenome--extrude" #14: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:20 hal pluto[3448]: "phenome--extrude" #14: ERROR: netlink response for Add SA esp.487132b4 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:20 hal pluto[3448]: "phenome--extrude" #15: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:20 hal pluto[3448]: "phenome--extrude" #15: ERROR: netlink response for Add SA esp.72f5c5d at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:22 hal pluto[3448]: "phenome--extrude" #12: ERROR: netlink response for Add SA esp.c22c63a5 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:22 hal pluto[3448]: "phenome--extrude" #9: ERROR: netlink response for Add SA esp.f3fecef7 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:23 hal pluto[3448]: "phenome--extrude" #13: ERROR: netlink response for Add SA esp.546c92b1 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:25 hal pluto[3448]: "phenome--extrude" #16: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:26 hal pluto[3448]: "phenome--extrude" #16: ERROR: netlink response for Add SA esp.867805d8 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:29 hal pluto[3448]: "phenome--extrude" #14: ERROR: netlink response for Add SA esp.487132b4 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:29 hal su[3997]: + pts/0 a:root
Apr 27 01:06:29 hal su[3997]: (pam_unix) session opened for user root by a(uid=1000)
Apr 27 01:06:30 hal pluto[3448]: "phenome--extrude" #15: ERROR: netlink response for Add SA esp.72f5c5d at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:30 hal pluto[3448]: "phenome--extrude" #17: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}
Apr 27 01:06:31 hal pluto[3448]: "phenome--extrude" #17: ERROR: netlink response for Add SA esp.32b9b6ee at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #1: max number of retransmissions (2) reached STATE_MAIN_I2
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #1: starting keying attempt 2 of an unlimited number
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: initiating Main Mode to replace #1
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: ignoring unknown Vendor ID payload [4f454578616c467b5f6f606d]
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: received Vendor ID payload [Dead Peer Detection]
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: I did not send a certificate because I do not have one.
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: multiple ipsec.secrets entries with distinct secrets match endpoints: first secret used
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: Main mode peer ID is ID_IPV4_ADDR: '194.109.7.250'
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #18: ISAKMP SA established
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #19: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#18}
Apr 27 01:06:31 hal pluto[3448]: "phenome--unreachable" #19: ERROR: netlink response for Add SA esp.1de69574 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #10: ERROR: netlink response for Add SA esp.be035022 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #3: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #3: starting keying attempt 2 of an unlimited number
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #20: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP to replace #3 {using isakmp#2}
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #2: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x0ecfb85e (perhaps this is a duplicated packet)
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #2: sending encrypted notification INVALID_MESSAGE_ID to 194.109.7.250:500
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #2: failed to build notification for spisize=0
Apr 27 01:06:32 hal pluto[3448]: "phenome--extrude" #20: ERROR: netlink response for Add SA esp.2c23c3b4 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:35 hal pluto[3448]: "phenome--extrude" #16: ERROR: netlink response for Add SA esp.867805d8 at 213.84.21.108 included errno 38: Function not implemented
Apr 27 01:06:37 hal pluto[3448]: "phenome--extrude" #11: ERROR: netlink response for Add SA esp.685044f7 at 213.84.21.108 included errno 38: Function not implemented
etc etc
Paul
More information about the Dev
mailing list