[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] m0n0wall <-> FreeS/WAN - Hints??
 Date:  Tue, 7 Dec 2004 19:15:54 -0500 
On Tue, 7 Dec 2004 20:04:29 +0100, Morten Trab <mailing at trab dot dk> wrote:
> Tnx...Tried that one now, but the result is NO output from the FreeS/WAN box
> when running the ipsec auto --up command...
> The logs from m0n0wall states this:
> 
> Dec 7 20:01:16  racoon: ERROR: isakmp.c:1447:isakmp_ph1resend(): phase1
> negotiation failed due to time up. e33738dd49417f93:4ab2acf98c12aa11
> Dec 7 20:00:56  racoon: NOTIFY: isakmp.c:267:isakmp_handler(): the packet is
> retransmitted by 80.197.xxx.xxx[500].
> Dec 7 20:00:16  racoon: INFO: isakmp.c:909:isakmp_ph1begin_r(): begin
> Identity Protection mode.
> Dec 7 20:00:16  racoon: INFO: isakmp.c:904:isakmp_ph1begin_r(): respond new
> phase 1 negotiation: 80.62.xxx.xxx[500]<=>80.197.xxx.xxx[500]
> 

I'm not familiar at all with FreeS/WAN in particular, but that message
means something in phase 1 isn't matching up between the two ends. 
Check your mode, identifiers, encrypt, hash, DH key, and psk to make
sure it's all in line on both sides.

-Chris