[Openswan Users] OpenBSD interop problem
Ken Bantoft
ken at xelerance.com
Mon May 10 23:00:14 CEST 2004
You might also try plutodebug=control in ipsec.conf to see what the
various logging messages say about key_lens while parsing the packets.
Try commenting out the passert() call, and seeing what happens - this
might be a temporary fix
On Mon, 10 May 2004, Nels Lindquist wrote:
> Hi there.
>
> I'm trying to get OpenSWAN v1.0.3 to talk to OpenBSD. Things are
> very close to working; Main mode works, SA established.
>
> However, right after "responding to Quick Mode" I see the following
> error, and then pluto restarts:
>
> > ip-39 pluto[3382]: "maei-darrnet" #11: ASSERTION FAILED at
> > kernel.c:2222: st->st_esp.keymat_len == key_len + ei->authkeylen
> > ip-39 ipsec__plutorun: Restarting Pluto subsystem...
>
> I set things up according to Hans-Jörg Höxer's HOWTO at
> http://www.rommel.stw.uni-erlangen.de/~hshoexer/ipsec-
> howto/HOWTO.html
>
> I'm using the following algorithms for esp on the Linux side:
>
> > esp=aes128-sha1,aes128-md5,3des-md5
>
> I have no problem connecting to Linux SFS or Windows (still working
> on NAT traversal there, though... :-)
>
> How can I diagnose this problem?
--
Ken Bantoft VP Business Development
ken at xelerance.com Xelerance Corporation
sip://toronto.xelerance.com http://www.xelerance.com
The future is here. It's just not evenly distributed yet.
-- William Gibson
More information about the Users
mailing list