[Openswan Users] Openswan + saref

Ronald loloski at yahoo.com
Wed Jan 20 07:56:01 EST 2010


Hi List,

I'm desperately trying to wrestle this for two days now without success, I really thank Paul for his insight on this, but for the life of me I can't really figure out 
what I have done wrong,

I already do what Paul says, i compiled a self build kernel with Openswan U2.6.ikev2-201003.git-g091ae037-dirty + 2.6.23  kernel + natt + saref patch but I'm still getting this error

19 03:15:14 sti-fw2 ipsec__plutorun: 003 ERROR: PF_KEY K_SADB_X_PLUMBIFresponse for configure_mast_device  included errno 2: No such file or directory.

could anyone shed some light on this????  I build openswan with the following information


USE_MAST?=true

# MAST is generally a prerequisite for SAREF support in applications
USE_SAREF_KERNEL=true



then rpmbuild -bb openswan-2/packaging/centos5/openswan.spec --define 'buildklips 0'


Jan 19 03:15:13 sti-fw2 kernel: NET: Registered protocol family 15
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 002 added connection description "roadwarrior-net"
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 002 added connection description "roadwarrior-all"
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 002 added connection description "roadwarrior-l2tp"
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 002 added connection description "roadwarrior"
Jan
19 03:15:14 sti-fw2 ipsec__plutorun: 003 ERROR: PF_KEY K_SADB_X_PLUMBIF
response for configure_mast_device  included errno 2: No such file or
directory
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 003 plumb command exited with status 1
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 003 NAT-Traversal: Trying new style NAT-T
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Jan 19 03:15:14 sti-fw2 ipsec__plutorun: 003 NAT-Traversal: Trying old style NAT-T



Jan 18 17:58:33 sti-fw2 pluto[14946]: | NAT-OA: 32 tunnel: 1
Jan
18 17:58:33 sti-fw2 pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249
#2: pfkey_lib_debug:pfkey_sa_parse: SAref=196612 must be (SAref ==
IPSEC_SAREF_NULL(0) || SAref <
IPSEC_SA_REF_TABLE_NUM_ENTRIES(32768)).
Jan 18 17:58:33 sti-fw2
pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249 #2:
pfkey_lib_debug:pfkey_msg_parse: extension parsing for type
1(security-association) failed with error -22.
Jan
18 17:58:33 sti-fw2 pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249
#2: pfkey_lib_debug:pfkey_sa_parse: SAref=196612 must be (SAref ==
IPSEC_SAREF_NULL(0) || SAref <
IPSEC_SA_REF_TABLE_NUM_ENTRIES(32768)).
Jan
18 17:58:33 sti-fw2 pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249
#2: pfkey_lib_debug:pfkey_msg_parse: extension parsing for type
1(security-association) failed with error -22.
Jan 18 17:58:33
sti-fw2 pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249 #2:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jan
18 17:58:33 sti-fw2 pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249
#2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jan
18 17:58:33 sti-fw2 pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249
#2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jan
18 17:58:33 sti-fw2 pluto[14946]: "roadwarrior-l2tp"[1] 124.106.205.249
#2: STATE_QUICK_R2: IPsec SA established transport mode
{ESP=>0xbc38cb24 <0x53846cb9 xfrm=AES_128-HMAC_SHA1
NATOA=192.168.2.254 NATD=124.106.205.249:36866 DPD=none}
Jan
18 17:59:08 sti-fw2 pluto[14946]: "roadwarrior-net"[2] 124.106.205.249
#1: received Delete SA(0xbc38cb24) payload: deleting IPSEC State #2
Jan
18 17:59:08 sti-fw2 pluto[14946]: "roadwarrior-net"[2] 124.106.205.249
#1: deleting connection "roadwarrior-l2tp" instance with peer
124.106.205.249 {isakmp=#0/ipsec=#0}
Jan 18 17:59:08 sti-fw2 pluto[14946]: "roadwarrior-net"[2] 124.106.205.249 #1: received and ignored informational message
Jan
18 17:59:08 sti-fw2 pluto[14946]: "roadwarrior-net"[2] 124.106.205.249
#1: received Delete SA payload: deleting ISAKMP State #1
Jan 18
17:59:08 sti-fw2 pluto[14946]: "roadwarrior-net"[2] 124.106.205.249:
deleting connection "roadwarrior-net" instance with peer
124.106.205.249 {isakmp=#0/ipsec=#0}
Jan 18 17:59:08 sti-fw2 pluto[14946]: packet from 124.106.205.249:36866: received and ignored informational message


Thanks for your patience and time :)

Best regards,

Ronald



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100120/cc1d9c67/attachment.html 


More information about the Users mailing list