IPSec

From:	"Seth Rothenberg" <seth at pachai dot net>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	IPSec
Date:	Wed, 24 Nov 2004 20:08:20 -0500 (EST)
Thanks for people who helped me with IPSec.
I tried updating IPSec, changing key, and reactivating it
with clear logs, and I got log info only on the local server.

(this is a symmetric link, the fact that it is local
is not a factor.)

I did have one question.
The field Pre-Shared Key at the end of Phase I...
should that match information on another screen of the local machine?
(The two Pre-Shared Key fields match between the m0n0's)

Thanks
Seth



==================================================================
Local:
==================================================================
Nov 24 19:39:15 	racoon: INFO: isakmp.c:1368:isakmp_open(): 10.248.126.2[500]
used as isakmp port (fd=11)
Nov 24 19:39:15 	racoon: INFO: isakmp.c:1368:isakmp_open():
216.220.103.181[500] used as isakmp port (fd=10)
Nov 24 19:39:15 	racoon: INFO: isakmp.c:1368:isakmp_open(): 127.0.0.1[500]
used as isakmp port (fd=9)
Nov 24 19:39:15 	racoon: INFO: isakmp.c:1368:isakmp_open(): 10.248.127.1[500]
used as isakmp port (fd=8)
Nov 24 19:39:15 	racoon: INFO: isakmp.c:1368:isakmp_open(): 10.248.19.126[500]
used as isakmp port (fd=7)
Nov 24 19:39:15 	racoon: INFO: main.c:175:main(): @(#)This product linked
OpenSSL 0.9.7d 17 Mar 2004 (http://www.openssl.org/)
Nov 24 19:39:15 	racoon: INFO: main.c:174:main(): @(#)internal version
20001216 sakane at kame dot net
Nov 24 19:39:15 	racoon: INFO: main.c:172:main(): @(#)package version
freebsd-20040818a
Nov 24 19:39:13 	racoon: INFO: session.c:180:close_session(): racoon shutdown
Nov 24 19:39:12 	racoon: INFO: session.c:299:check_sigreq(): caught signal 15
Nov 24 19:31:23 	dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Nov 24 19:31:23 	dhcpd: All rights reserved.
Nov 24 19:31:23 	dhcpd: Copyright 2004 Internet Systems Consortium.
Nov 24 19:31:23 	dhcpd: Internet Systems Consortium DHCP Server V3.0.1rc14
Nov 24 19:31:21 	dnsmasq[10346]: using nameserver 216.220.96.17#53
Nov 24 19:31:21 	dnsmasq[10346]: using nameserver 216.220.96.18#53
Nov 24 19:31:21 	dnsmasq[10346]: reading /etc/resolv.conf
Nov 24 19:31:21 	dnsmasq[10346]: read /etc/hosts - 4 addresses
Nov 24 19:31:21 	dnsmasq[10346]: started, version 1.18 cachesize 150
Nov 24 19:31:19 	dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Nov 24 19:31:19 	dhcpd: All rights reserved.
Nov 24 19:31:19 	dhcpd: Copyright 2004 Internet Systems Consortium.
Nov 24 19:31:19 	dhcpd: Internet Systems Consortium DHCP Server V3.0.1rc14
Nov 24 19:31:17 	racoon: ERROR: pfkey.c:2292:pk_recvspddump(): such policy
already exists. anyway replace it: 10.248.126.0/24[0] 10.248.56.0/24[0]
proto=any dir=out
Nov 24 19:31:17 	racoon: ERROR: pfkey.c:2292:pk_recvspddump(): such policy
already exists. anyway replace it: 10.248.126.2/32[0] 10.248.126.0/24[0]
proto=any dir=out
Nov 24 19:31:17 	racoon: ERROR: pfkey.c:2292:pk_recvspddump(): such policy
already exists. anyway replace it: 10.248.56.0/24[0] 10.248.126.0/24[0]
proto=any dir=in
Nov 24 19:31:17 	racoon: ERROR: pfkey.c:2292:pk_recvspddump(): such policy
already exists. anyway replace it: 10.248.126.0/24[0] 10.248.126.2/32[0]
proto=any dir=in
Nov 24 19:31:17 	racoon: INFO: isakmp.c:1368:isakmp_open(): 10.248.126.2[500]
used as isakmp port (fd=11)
Nov 24 19:31:17 	racoon: INFO: isakmp.c:1368:isakmp_open():
216.220.103.181[500] used as isakmp port (fd=10)
Nov 24 19:31:16 	racoon: INFO: isakmp.c:1368:isakmp_open(): 127.0.0.1[500]
used as isakmp port (fd=9)
Nov 24 19:31:16 	racoon: INFO: isakmp.c:1368:isakmp_open(): 10.248.127.1[500]
used as isakmp port (fd=8)
Nov 24 19:31:16 	racoon: INFO: isakmp.c:1368:isakmp_open(): 10.248.19.126[500]
used as isakmp port (fd=7)
Nov 24 19:31:15 	racoon: INFO: main.c:175:main(): @(#)This product linked
OpenSSL 0.9.7d 17 Mar 2004 (http://www.openssl.org/)
Nov 24 19:31:15 	racoon: INFO: main.c:174:main(): @(#)internal version
20001216 sakane at kame dot net
Nov 24 19:31:15 	racoon: INFO: main.c:172:main(): @(#)package version
freebsd-20040818a
Nov 24 19:31:14 	racoon: INFO: session.c:180:close_session(): racoon shutdown
Nov 24 19:31:13 	racoon: INFO: session.c:299:check_sigreq(): caught signal 15
Nov 24 19:31:10 	/kernel: wi0: timeout in wi_seek to 14c/3c; last status 403c


==================================================================
Remote:
==================================================================