[ previous ] [ next ] [ threads ]
 
 From:  "Josh M. Hurd" <Josh at SvrX dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Another IPSec question
 Date:  Mon, 31 Jan 2005 21:32:00 -0800 (PST)
I am having trouble with getting a good IPSec connection between my two
networks.
I have ensured all settings match.  Logs seem to tell me that I have a
good connection but no traffic passes through.  I can't ping anything on
the other side or make any kind of connection.
I can however ping and connect to the remote monowall.

Both monowalls are v1.2b3

here is a snippet from the logs:

racoon: INFO: pfkey.c:1420:pk_recvadd(): IPsec-SA established: ESP/Tunnel
aaa.aaa.aaa.aaa->bbb.bbb.bbb.bbb spi=163301718(0x9bbc956)
Jan 31 21:19:35
racoon: INFO: pfkey.c:1197:pk_recvupdate(): IPsec-SA established:
ESP/Tunnel bbb.bbb.bbb.bbb->aaa.aaa.aaa.aaa spi=9558935(0x91db97)
Jan 31 21:19:34
/kernel: WARNING: pseudo-random number generator used for IPsec processing

Jan 31 21:19:34
racoon: INFO: isakmp.c:1059:isakmp_ph2begin_r(): respond new phase 2
negotiation: aaa.aaa.aaa.aaa[0]<=>bbb.bbb.bbb.bbb[0]
Jan 31 21:19:33
racoon: INFO: isakmp.c:2459:log_ph1established(): ISAKMP-SA established
aaa.aaa.aaa.aaa[500]-bbb.bbb.bbb.bbb[500]
spi:220aeb14ab83a134:41e1697035690fb1
Jan 31 21:19:33
racoon: INFO: vendorid.c:128:check_vendorid(): received Vendor ID:
KAME/racoon
Jan 31 21:19:33
racoon: INFO: isakmp.c:909:isakmp_ph1begin_r(): begin Identity Protection
mode.
Jan 31 21:19:33
racoon: INFO: isakmp.c:904:isakmp_ph1begin_r(): respond new phase 1
negotiation: aaa.aaa.aaa.aaa[500]<=>bbb.bbb.bbb.bbb[500]