From owner-freebsd-current@FreeBSD.ORG  Mon Oct  4 12:37:04 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9127716A4CE
	for <freebsd-current@freebsd.org>;
	Mon,  4 Oct 2004 12:37:04 +0000 (GMT)
Received: from org.ukrsat.com (org.ukrsat.com [212.35.173.146])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1C94443D5F
	for <freebsd-current@freebsd.org>;
	Mon,  4 Oct 2004 12:37:00 +0000 (GMT)
	(envelope-from hunter@comsys.com.ua)
Received: from localhost (localhost [127.0.0.1])
From: "Sergey Smitienko" <hunter@comsys.com.ua>
To: <freebsd-current@freebsd.org>
Date: Mon, 4 Oct 2004 15:36:56 +0300
Message-ID: <027201c4aa0e$d6021020$13caa8c0@aa.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.6626
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Importance: Normal
X-Scanned-By: MIMEDefang 2.36
X-Virus-Scanned: clamd / ClamAV version 0.75.1, clamav-milter version 0.75c
	on org.ukrsat.com
X-Virus-Status: Clean
X-Mailman-Approved-At: Mon, 04 Oct 2004 13:16:17 +0000
Subject: FreeBSD 5.3 IPSec
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Oct 2004 12:37:04 -0000

Hello,=20
I'm having problem with an IPSec connection between two test hosts =
running
5.3-BETA3 using isakmpd.
Both kernels are GENERIC with IPSEC/IPSEC_ESP options additions. As far =
as I
understand from=20
the isakmpd debug output it does negotiate a connection and then fails =
to
setup kernel to use encryption=20
between this two hosts.
BTW, Is there any pf_key message decoder avaible ?

Oct  1 18:57:04 test2 isakmpd[292]: pf_key_v2_connection_check: SA for
ISAKMP-test2-test1 missing
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[0]:
Oct  1 18:57:20 test2 isakmpd[292]: 02010003 0c000000 04000000 24010000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[1]:
Oct  1 18:57:20 test2 isakmpd[292]: 02001300 00000000 00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[2]:
Oct  1 18:57:20 test2 isakmpd[292]: 03000500 00000000 10020000 c0a8ca07
00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[3]:
Oct  1 18:57:20 test2 isakmpd[292]: 03000600 00000000 10020000 c0a8ca38
00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[4]:
Oct  1 18:57:20 test2 isakmpd[292]: 02001000 00010000 ffffffff 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_read: msg:
Oct  1 18:57:20 test2 isakmpd[292]: 02010003 0a000000 04000000 24010000
02000100 909b3932 00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: 03000500 00000000 10020000 c0a8ca07
00000000 00000000 03000600 00000000
Oct  1 18:57:20 test2 isakmpd[292]: 10020000 c0a8ca38 00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_get_spi: spi:
Oct  1 18:57:20 test2 isakmpd[292]: 909b3932
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_set_spi: satype 3 dst
192.168.202.7 SPI 0xfe83bff6
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[0]:
Oct  1 18:57:20 test2 isakmpd[292]: 02030003 1b000000 05000000 24010000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[1]:
Oct  1 18:57:20 test2 isakmpd[292]: 02001300 00000000 00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[2]:
Oct  1 18:57:20 test2 isakmpd[292]: 02000100 fe83bff6 10010203 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[3]:
Oct  1 18:57:20 test2 isakmpd[292]: 04000300 00000000 00000000 00000000
3c000000 00000000 00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[4]:
Oct  1 18:57:20 test2 isakmpd[292]: 04000400 00000000 00000000 00000000
36000000 00000000 00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[5]:
Oct  1 18:57:20 test2 isakmpd[292]: 03000500 00000000 10020000 c0a8ca38
00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[6]:
Oct  1 18:57:20 test2 isakmpd[292]: 03000600 00000000 10020000 c0a8ca07
00000000 00000000
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[7]:
Oct  1 18:57:20 test2 isakmpd[292]: 03000800 80000000 fb05f4a6 f319d268
8389edac 890941e1
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: iov[8]:
Oct  1 18:57:20 test2 isakmpd[292]: 04000900 c0000000 d2c44dea 73611b50
40513cdf 8ff4b600 40f98efa c9d65732
Oct  1 18:57:20 test2 isakmpd[292]: pf_key_v2_write: writev (3, =
0x807d600,
9) failed