[Openswan Users] PROTO_IPSEC_ESP SA(0xa81d907f) not found

Fabio Corazza fabio at newbay.com
Mon Jun 12 22:14:49 CEST 2006


Sorry again.

I have the tunnel established but no traffic passing through (can't ping
or connect to remote hosts).

I noticed that I have an error in the secure log:

Jun 12 20:52:33 stratus pluto[27490]: "ericsson" #1: ignoring Delete SA
payload: PROTO_IPSEC_ESP SA(0xa81d907f) not found (maybe expired)
Jun 12 20:52:33 stratus pluto[27490]: | del:  a8 1d 90 7f
Jun 12 20:52:33 stratus pluto[27490]: "ericsson" #1: received and
ignored informational message
Jun 12 20:52:33 stratus pluto[27490]: | complete state transition with
STF_IGNORE

This is just after the connection is established.

Is this that is preventing the traffic to come through the tunnel? (no
traffic being deciphered with ESP).

If I put forceencaps=yes in the configuration this error does not appear
anymore but I still get no traffic passing through the tunnel.

Putting tcpdump on ppp0 reveals ESP packets going only from one directly
(my peer to the other). This mean that I don't receive any response.

I'm going crazy since 3 days and all of this is going to be very
frustrating.

The remote device is a Netscreen 5xt.


Thanks,
Fabio


More information about the Users mailing list