[Openswan Users] [IPv6]Interoperability issue between openswan and Racoon2
Paul Wouters
paul at xelerance.com
Mon Oct 18 09:54:26 EDT 2010
On Mon, 18 Oct 2010, Yatong Cui wrote:
> 2.On Freebsd8.1
> ================
> [PROTO_WARN]: ikev2.c:1003:ikev2_check_new_request(): 0:2001:db8:1:2:20c:29ff:fe4d:489[500] - 2001:db8:1:1:20c:29ff:fe0c:3ed1[500]:0x284022f0:message to a nonexistent ike_sa
>
> Except this message on the remote SSH login session,i also found another message on the console:
> iked:[PROTO_ERR]:ikev2_auth.c:615:ikev2_verify():1:2001:db8:1:2:20c:29ff:fe4d:489[500] -
> 2001:db8:1:1:20c:29ff:fe0c:3ed1[500]:0x28402348:authentication failure.
>
> 3.Analysis
> ================
> So does it mean it's because the unmatching ID cause the connection crashes. My current ID configuration is
> 1>on RHEL
> left=2001:db8:1:1:20c:29ff:fe0c:3ed1
> right=2001:db8:1:2:20c:29ff:fe4d:489
> leftid=2001:db8:1:1:20c:29ff:fe0c:3ed1
> rightid=2001:db8:1:2:20c:29ff:fe4d:489
> 2>on Freebsd 8.1
> my_id ipaddr 2001:db8:1:2:20c:29ff:fe4d:489;
> peers_id ipaddr 2001:db8:1:1:20c:29ff:fe0c:3ed1;
>
> Is there anywhere else that i need to specify the ID they use.(Because the test specification states i have to use the ipaddr as the ID,so i cannot use the FQDN as the ID).
This is probably a bug on the openswan side. I've filed this as a new bug:
https://bugs.openswan.org/issues/1157
Paul
More information about the Users
mailing list