[Openswan Users]
Brian Candler
B.Candler at pobox.com
Thu Apr 6 22:21:35 CEST 2006
On Thu, Apr 06, 2006 at 04:45:23PM +0100, Brian Candler wrote:
> > I'm not sure I understand what is going wrong here :(
I've cranked up the debugging further on the Cisco side. Now I get:
Apr 6 20:51:19 devlns1-1 53928: Apr 6 19:51:19.315: Before decryption:
Apr 6 20:51:19 devlns1-1 53929: 072CD310: 4500 00700000 40003B11 1C4AXXXX E..p..@.;..JXX
Apr 6 20:51:19 devlns1-1 53930: 072CD320: XXXXYYYY YYYYC38A 1194005C 0000E98D XXYYYYC....\..i.
Apr 6 20:51:19 devlns1-1 53931: 072CD330: E8C30000 000AA23F 6B450FB9 BD7317D1 hC...."?kE.9=s.Q
Apr 6 20:51:19 devlns1-1 53932: 072CD340: 2006 . ...
Apr 6 20:51:19 devlns1-1 53933: Apr 6 19:51:19.315: After decryption:
Apr 6 20:51:19 devlns1-1 53934: 07149F20: 45000049 00004000 3B111C71 E..I..@.;..q
Apr 6 20:51:19 devlns1-1 53935: 07149F30: XXXXXXXX YYYYYYYY 06A506A5 00350000 XXXXYYYY.%.%.5..
Apr 6 20:51:19 devlns1-1 53936: 07149F40: C802002D 00000000 00010000 80080000 H..-............
Apr 6 20:51:19 devlns1-1 53937: 07149F50: 00000004 .... ...
Apr 6 20:51:20 devlns1-1 53938: Apr 6 19:51:19.315: IPSEC(epa_des_crypt): decrypted packet failed SA identity check
"Before decryption" shows a UDP packet from port 50058 to port 4500.
The "after decryption" packet decodes as:
[RFC 791]
45000049 IPv4, 73 bytes
00004000 flags=DF
3B111C71 TTL=59, protocol=17 (UDP), checksum
XXXXXXXX src = XX.XX.XX.XX
YYYYYYYY dst = YY.YY.YY.YY
[RFC 768]
06A506A5 src port=1701, dst port = 1701
00350000 length=53, checksum=0
C802002D ... rest of data
00000000
00010000
80080000
00000004
I really can't see what's wrong there. Maybe I'll have to revert to 2.4.4
and see what's different.
Hmmm...
Brian.
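The hand decode above, as an added example that is not part of the original post: a small Python parser run over the words of both dumps, which also checks that the IP total length agrees with the UDP length. The addresses are redacted in the post, so the two addresses in the sample data are constructed, and `decode_ipv4_udp` is a name chosen here.

```python
import struct

# Words from the post's two dumps, regrouped into 32-bit words. The post redacts
# the addresses (XXXXXXXX / YYYYYYYY); 192.0.2.1 and 198.51.100.1 below are
# constructed documentation addresses. Both dumps are truncated in the log.
BEFORE = "45000070 00004000 3B111C4A C0000201 C6336401 C38A1194 005C0000"
AFTER = ("45000049 00004000 3B111C71 C0000201 C6336401 "
         "06A506A5 00350000 C802002D 00000000 00010000 80080000 00000004")

def decode_ipv4_udp(hex_words):
    """Decode the IPv4 header (RFC 791) and, for protocol 17, the UDP header (RFC 768)."""
    raw = bytes.fromhex(hex_words.replace(" ", ""))
    if len(raw) < 20:
        raise ValueError("need at least 20 bytes for an IPv4 header")
    (ver_ihl, _tos, total_len, _ident, flags_frag,
     ttl, proto, ip_sum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    ihl = (ver_ihl & 0x0F) * 4  # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20:
        raise ValueError("not a valid IPv4 header")
    out = {
        "total_length": total_len,
        "df": bool(flags_frag & 0x4000),  # Don't Fragment bit
        "ttl": ttl,
        "protocol": proto,
        "ip_checksum": ip_sum,
        "src": ".".join(map(str, src)),
        "dst": ".".join(map(str, dst)),
        "captured_bytes": len(raw),  # the log shows fewer bytes than total_length
    }
    if proto == 17:
        if len(raw) < ihl + 8:
            raise ValueError("dump ends before the UDP header")
        sport, dport, udp_len, udp_sum = struct.unpack("!HHHH", raw[ihl:ihl + 8])
        out.update(src_port=sport, dst_port=dport, udp_length=udp_len,
                   udp_checksum=udp_sum,
                   # IP total length must equal IP header length + UDP length
                   lengths_consistent=(total_len == ihl + udp_len))
    return out

if __name__ == "__main__":
    for name, dump in (("before", BEFORE), ("after", AFTER)):
        print(name, decode_ipv4_udp(dump))
```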