[Openswan Users] vpn problem with openswan 2.6.14: STATE_QUICK_I1 had internal error

Oguz Yilmaz oguzyilmazlist at gmail.com
Sat Dec 6 08:22:23 EST 2008


On a Centos 5 box with openswan-2.6.14-1.el5_2.1.
Kernel is 2.6.18

I have problem with Quick mode.

ipsec auto --up product
104 "product" #1: STATE_MAIN_I1: initiate
003 "product" #1: ignoring unknown Vendor ID payload
[625027749d5ab97f5616c1602765cf480a3b7d0b]
106 "product" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "product" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "product" #1: ignoring informational payload, type IPSEC_INITIAL_CONTACT
msgid=00000000
004 "product" #1: STATE_MAIN_I4: ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5
group=modp1024}
117 "product" #2: STATE_QUICK_I1: initiate
003 "product" #2: ERROR: netlink response for Add SA
esp.b6ff9135 at 85.105.105.105 included errno 2: No such file or directory
032 "product" #2: STATE_QUICK_I1: internal error
003 "product" #2: ERROR: netlink response for Add SA
esp.b6ff9135 at 85.105.105.105 included errno 2: No such file or directory
032 "product" #2: STATE_QUICK_I1: internal error
003 "product" #2: ERROR: netlink response for Add SA
esp.b6ff9135 at 85.105.105.105 included errno 2: No such file or directory
032 "product" #2: STATE_QUICK_I1: internal error

Phase 1 is OK but on the phase 2, I have problem above.

When I look at the debug logs:

Dec  6 14:34:11 2008 pluto[10446]: | install_ipsec_sa() for #2: inbound
and outbound
Dec  6 14:34:11 2008 pluto[10446]: | route owner of \"product\"
unrouted: NULL; eroute owner: NULL
Dec  6 14:34:11 2008 pluto[10446]: | could_route called for product
(kind=CK_PERMANENT)
Dec  6 14:34:11 2008 pluto[10446]: | looking for alg with transid: 3
keylen: 0 auth: 1
Dec  6 14:34:11 2008 pluto[10446]: | checking transid: 11 keylen: 0 auth: 1
Dec  6 14:34:11 2008 pluto[10446]: | checking transid: 11 keylen: 0 auth: 2
Dec  6 14:34:11 2008 pluto[10446]: | checking transid: 2 keylen: 8 auth: 0
Dec  6 14:34:11 2008 pluto[10446]: | checking transid: 2 keylen: 8 auth: 1
Dec  6 14:34:11 2008 pluto[10446]: | checking transid: 2 keylen: 8 auth: 2
Dec  6 14:34:11 2008 pluto[10446]: | checking transid: 3 keylen: 24 auth: 0
Dec  6 14:34:11 2008 pluto[10446]: | checking transid: 3 keylen: 24 auth: 1
Dec  6 14:34:11 2008 pluto[10446]: \"product\" #2: ERROR: netlink response
for Add SA esp.b6ff9135 at 85.105.105.105 included errno 2: No such file or
directory
Dec  6 14:34:11 2008 pluto[10446]: | complete state transition with
STF_INTERNAL_ERROR
Dec  6 14:34:11 2008 pluto[10446]: | state transition function for
STATE_QUICK_I1 had internal error
Dec  6 14:34:11 2008 pluto[10446]: | * processed 1 messages from
cryptographic helpers
Dec  6 14:34:11 2008 pluto[10446]: | next event EVENT_PENDING_PHASE2 in 107
seconds

Also barf output is attached. Anybody has the solution for the problem?

Thanks.

Oğuz Yılmaz.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081206/878b3258/attachment-0001.html 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ipsec.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20081206/878b3258/attachment-0001.txt 


More information about the Users mailing list