• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Racoon "unsupported PF_KEY message REGISTER"

Scheduled Pinned Locked Moved IPsec
1 Posts 1 Posters 6.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • W
    wwalker
    last edited by Jun 30, 2008, 8:36 PM

    I keep getting this error. "unsupported PF_KEY message REGISTER"

    I set it up in the GUI, but the config is shown below.  the remote party tells me it's a Cicso 5510.

    According the the other party, they are choosing this in their VPN wizard:

    Site-to-Site
    VPN tunnel interface "outside"
    Peer 9.10.36.78
    preshared key XXXXXXX
    tunnel group name 9.10.36.78
    IKE Policy - 3DES/SHA/2
    IPSEC Enc and Auth - 3DES/SHA

    ipsec.log:

    Jun 30 14:54:12 pfSense001 racoon: INFO: 9.10.36.70[500] used as isakmp port (fd=28)
    Jun 30 14:54:12 pfSense001 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=29)
    Jun 30 14:54:12 pfSense001 racoon: INFO: ::1[500] used as isakmp port (fd=30)
    Jun 30 14:54:12 pfSense001 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=31)
    Jun 30 14:54:12 pfSense001 racoon: INFO: fe80::20d:56ff:fefe:4687%bge1[500] used as isakmp port (fd=32)
    Jun 30 14:54:12 pfSense001 racoon: INFO: 10.1.10.2[500] used as isakmp port (fd=33)
    Jun 30 14:54:12 pfSense001 racoon: INFO: fe80::20d:56ff:fefe:4686%bge0[500] used as isakmp port (fd=34)
    Jun 30 14:54:12 pfSense001 racoon: INFO: 9.10.36.78[500] used as isakmp port (fd=35)
    Jun 30 14:54:12 pfSense001 racoon: INFO: unsupported PF_KEY message REGISTER

    /var/etc/racoon.conf:

    path pre_shared_key "/var/etc/psk.txt";

    path certificate  "/var/etc";

    remote 9.10.63.34 {
            exchange_mode main;
            my_identifier address "9.10.36.78";

    peers_identifier address 9.10.63.34;
            initial_contact on;
            support_proxy on;
            proposal_check obey;

    proposal {
                    encryption_algorithm 3des;
                    hash_algorithm sha1;
                    authentication_method pre_shared_key;
                    dh_group 2;
            }
    }

    sainfo address 10.1.10.0/24 any address 10.0.0.0/24 any {
            encryption_algorithm 3des,blowfish,cast128,rijndael,rijndael 256;
            authentication_algorithm hmac_sha1;
            compression_algorithm deflate;
    }

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received