[Openswan Users] [IPv6]Interoperability issue between openswan and Racoon2

Paul Wouters paul at xelerance.com
Mon Oct 18 09:54:26 EDT 2010

On Mon, 18 Oct 2010, Yatong Cui wrote:

> 2.On Freebsd8.1
> ================
> [PROTO_WARN]: ikev2.c:1003:ikev2_check_new_request(): 0:2001:db8:1:2:20c:29ff:fe4d:489[500] - 2001:db8:1:1:20c:29ff:fe0c:3ed1[500]:0x284022f0:message to a nonexistent ike_sa
> Except this message on the remote SSH login session,i also found another message on the console:
> iked:[PROTO_ERR]:ikev2_auth.c:615:ikev2_verify():1:2001:db8:1:2:20c:29ff:fe4d:489[500] -
> 2001:db8:1:1:20c:29ff:fe0c:3ed1[500]:0x28402348:authentication failure.
> 3.Analysis
> ================
> So does it mean it's because the unmatching ID cause the connection crashes. My current ID configuration is
> 1>on RHEL
>        left=2001:db8:1:1:20c:29ff:fe0c:3ed1
>        right=2001:db8:1:2:20c:29ff:fe4d:489
>        leftid=2001:db8:1:1:20c:29ff:fe0c:3ed1
>        rightid=2001:db8:1:2:20c:29ff:fe4d:489
> 2>on Freebsd 8.1
>        my_id ipaddr 2001:db8:1:2:20c:29ff:fe4d:489;
>        peers_id ipaddr 2001:db8:1:1:20c:29ff:fe0c:3ed1;
> Is there anywhere else that i need to specify the ID they use.(Because the test specification states i have to use the ipaddr as the ID,so i cannot use the FQDN as the ID).

This is probably a bug on the openswan side. I've filed this as a new bug:


More information about the Users mailing list