IPSEC errors

_igor_ · Aug 3, 2009, 1:14 PM

I try to establish a IPSE GREtunnel to a Cisco-Router, but get errors :

Aug 3 14:55:02 racoon: [buba Router]: INFO: ISAKMP-SA deleted 87.79.y.y[500]-87.79.x.x[500] spi:974399b9818400b5:77df74cf3994ec23
Aug 3 14:55:01 racoon: INFO: unsupported PF_KEY message REGISTER
Aug 3 14:55:01 racoon: INFO: 10.112.35.13[500] used for NAT-T
Aug 3 14:55:01 racoon: [Self]: INFO: 10.112.35.13[500] used as isakmp port (fd=16)
Aug 3 14:55:01 racoon: INFO: 127.0.0.1[500] used for NAT-T
Aug 3 14:55:01 racoon: [Self]: INFO: 127.0.0.1[500] used as isakmp port (fd=15)
Aug 3 14:55:01 racoon: INFO: 87.79.y.y[500] used for NAT-T
Aug 3 14:55:01 racoon: [Self]: INFO: 87.79.y.y[500] used as isakmp port (fd=14)
Aug 3 14:55:01 racoon: INFO: 10.0.5.4[500] used for NAT-T
Aug 3 14:55:01 racoon: [Self]: INFO: 10.0.5.4[500] used as isakmp port (fd=0)
Aug 3 14:40:35 racoon: [buba Router]: ERROR: 87.79.x.x give up to get IPsec-SA due to time up to wait.
Aug 3 14:40:05 racoon: ERROR: Message: '4 Q " N, x Yh Q F '.
Aug 3 14:40:05 racoon: ERROR: fatal NO-PROPOSAL-CHOSEN notify messsage, phase1 should be deleted.
Aug 3 14:40:05 racoon: [buba Router]: INFO: initiate new phase 2 negotiation: 87.79.y.y[500]<=>87.79.x.x[500]
Aug 3 14:40:04 racoon: [buba Router]: INFO: ISAKMP-SA established 87.79.y.y[500]-87.79.x.x[500] spi:974399b9818400b5:77df74cf3994ec23
Aug 3 14:40:04 racoon: NOTIFY: couldn't find the proper pskey, try to get one by the peer's address.
Aug 3 14:40:04 racoon: WARNING: port 500 expected, but 0
Aug 3 14:40:04 racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
Aug 3 14:40:04 racoon: INFO: received Vendor ID: DPD
Aug 3 14:40:04 racoon: INFO: received Vendor ID: CISCO-UNITY
Aug 3 14:40:04 racoon: INFO: begin Aggressive mode.
Aug 3 14:40:04 racoon: [buba Router]: INFO: initiate new phase 1 negotiation: 87.79.y.y[500]<=>87.79.x.x[500]
Aug 3 14:40:04 racoon: [buba Router]: INFO: IPsec-SA request for 87.79.x.x queued due to no phase1 found.

The message "unsupported PF_KEY message REGISTER" makes me scratch my head. Is it a config-error or racoon has problems?
the second message is about port 500: WARNING: port 500 expected, but 0.