|
||||||||
Previously I had an issue with my VPN (m0n0wall to Cisco PIX) break down. This was because a device was started up with the same IP address as the PIX's internal address. Many headaches later I got it going again. Everything was fine until a couple days ago I loaded up a OS in VMWare at the office, forgetting that the IP address was the same as the PIX's. Well it broke down the VPN tunnel. Now, the solution generally was to reboot the PIX, reboot the m0n0wall, and everything is back to normal. Except this time I was getting these errors: Feb 5 03:16:34 /kernel: WARNING: pseudo-random number generator used for IPsec processing Feb 5 03:16:34 racoon: WARNING: ignore RESPONDER-LIFETIME notification. Feb 5 03:16:35 racoon: WARNING: attribute has been modified. The SA's would be established, but no traffic was going through (i.e. no access to the PIX). When I was at the office today the PIX reported through the PDM no tunnels established. Since no config changes have been made on either side, I could not figure out why the tunnel would be acting this way. So I thought possibly the m0n0wall files had become an issue (installed on a hard drive). I decided to "update" the firmware, although it was the same revision. M0n0wall rebooted, and first thing I did was ping a machine on the other end. At first attempt I had 66% packet loss, but at least something got through. Second attempt 0% loss and now everything is working fine, except for these error messages. Feb 5 03:16:34 racoon: WARNING: ignore RESPONDER-LIFETIME notification. This has me stumped as all lifetimes match. Feb 5 03:16:35 racoon: WARNING: attribute has been modified. It sure would be nice to know what attribute exactly it is refering to? At the moment since the tunnel works, I really wonder what these errors are refering to? Sean Waite SBN Services www.SBN-Services.com 314 Clifton Avenue, Suite C201 Minneapolis, MN 55403 Office: (612) 871-8774 Mobile: (612) 669-8858 |