[ previous ] [ next ] [ threads ]
 
 From:  Jesse Guardiani <jesse at wingnet dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  ipsec issues - tunnel from 1.11 -> 1.2b3
 Date:  Tue, 14 Dec 2004 09:54:07 -0500
I'm attempting to set up an IPSec tunnel between a
1.11 box and a 1.2b3 box. My phase1 negotiation is
working, but phase2 (ESP) fails. See below for the
logs on the 1.2b3 machine (most recent first):

Dec 14 09:49:51  racoon: ERROR: pfkey.c:804:pfkey_timeover(): 216.64.98.249 give up to get IPsec-SA
due to time up to wait.
Dec 14 09:49:41  last message repeated 2 times
Dec 14 09:49:21  racoon: ERROR: isakmp_inf.c:141:isakmp_info_recv(): ignore information because the
message has no hash payload.
Dec 14 09:49:21  racoon: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate new phase 2 negotiation:
216.64.98.233[0]<=>216.64.98.249[0]

I've double checked my configs, and they appear to be
the same on both ends, with the exception of phase1
pre-shared keys.

Any ideas?

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net