[Openswan Users] OpenBSD interop problem

Nels Lindquist nlindq at maei.ca
Mon May 10 10:34:44 CEST 2004


Hi there.

I'm trying to get OpenSWAN v1.0.3 to talk to OpenBSD.  Things are 
very close to working; Main mode works, SA established.

However, right after "responding to Quick Mode" I see the following 
error, and then pluto restarts:

> ip-39 pluto[3382]: "maei-darrnet" #11: ASSERTION FAILED at
> kernel.c:2222: st->st_esp.keymat_len == key_len + ei->authkeylen 
> ip-39 ipsec__plutorun: Restarting Pluto subsystem...

I set things up according to Hans-Jörg Höxer's HOWTO at 
http://www.rommel.stw.uni-erlangen.de/~hshoexer/ipsec-
howto/HOWTO.html

I'm using the following algorithms for esp on the Linux side:

> esp=aes128-sha1,aes128-md5,3des-md5

I have no problem connecting to Linux SFS or Windows (still working 
on NAT traversal there, though... :-)

How can I diagnose this problem?

----
Nels Lindquist <*>
Information Systems Manager
Morningstar Air Express Inc.



More information about the Users mailing list