From: Dustin Hoff (dustin+sunmanagers@dustinhoff.com)
Date: Tue Aug 31 2004 - 12:03:50 EDT
Hello,
I am trying to configure S9 in.iked to communicate with racoon
(FreeBSD) but it isn't working. On the Solaris side, I have the
following config:
/etc/inet/ipsecinit.conf:
{} ipsec {encr_algs 3des encr_auth_algs sha1 sa shared }
/etc/inet/ike/config:
p1_lifetime_secs 14400
p1_nonce_len 20
{
label "METRO WLAN"
local_id_type ip
local_addr 192.168.4.1
remote_addr 192.168.4.0/24
p1_xform { auth_method preshared oakley_group 2 auth_alg sha1 encr_alg 3des }
ps_lifetime_secs 3600
p2_pfs 2
}
/etc/inet/secret/ike.preshared:
{
localidtype IP
localid 192.168.4.1
remoteidtype IP
remoteid 192.168.4.5
key d0a5bf693984f1cf3c88f3f30eac296ef3f381e3 (don't worry, I'll change this :-))
}
Sun is 192.168.4.1, BSD is 192.168.4.5, and I want all communication
between the two to be IPsec. When I run in.iked -d I get the
following errors:
/usr/lib/inet/in.iked: In ssh_policy_new_connection (pm_info = 0x71c90).
/usr/lib/inet/in.iked: Rejecting inbound phase 1: no rules.
/usr/lib/inet/in.iked: Phase 1 negotiation error: Aborted notification.
/usr/lib/inet/in.iked: In ssh_policy_isakmp_sa_freed. Clobbering phase1 instance
I'm sure this is a simple fix and I think the problem is with the
Solaris config, but does anyone have any suggestions?
Thanks in advance.
Dustin