[ previous ] [ next ] [ threads ]
 From:  "Elijah Savage" <esavage at digitalrage dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] m0n0 to cisco point to point ipsec
 Date:  Fri, 4 Mar 2005 22:25:55 -0500
The log on my end always looks like pasted below.  Does anyone have a
working m0n0 to cisco setup and are willing to >share the configuration
from both ends?

Thanks in advance,

racoon: ERROR: pfkey.c:804:pfkey_timeover(): xxx.xxx.xxx.xxx give up to
get IPsec-SA due to time up to wait. 
racoon: ERROR: isakmp_inf.c:840:isakmp_info_recv_n(): unknown notify
message, no phase2 handle found. 
racoon: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate new phase 2
negotiation: xxx.xxx.xxx.xxx[0]<=>xxx.xxx.xxx.xxx[0]
racoon: INFO: isakmp.c:2459:log_ph1established(): ISAKMP-SA established
xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:blahblahblah
racoon: INFO: isakmp.c:813:isakmp_ph1begin_i(): begin Identity
Protection mode. 
racoon: INFO: isakmp.c:808:isakmp_ph1begin_i(): initiate new phase 1
negotiation: xxx.xxx.xxx.xxx[500]<=>xxx.xxx.xxx.xxx[500]

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



Honestly I can help you out but really need to know more about the
situation. Because the ipsec stuff on the cisco can change depending on
the situation like is he natting which is really what matters most.