Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Invalid agument

    Scheduled Pinned Locked Moved IPsec
    4 Posts 3 Posters 3.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jonb
      last edited by

      I get this in my IPsec logs and I was wondering if it is a problem.

      Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 9 17:46:59 racoon: INFO: fe80::206:5bff::c%xl0[500] used as isakmp port (fd=20)
      Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:      :      %rl0[500] used as isakmp port (fd=21)
      Nov 9 17:46:59 racoon: INFO: 10.255.0.200[500] used as isakmp port (fd=22)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 9 17:46:59 racoon: INFO: 194.106..[500] used as isakmp port (fd=15)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff::%ng0[500] used as isakmp port (fd=16)
      Nov 9 17:46:59 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=17)
      Nov 9 17:46:59 racoon: INFO: ::1[500] used as isakmp port (fd=18)
      Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 9 17:46:59 racoon: INFO: fe80::206:5bff::%xl0[500] used as isakmp port (fd=20)
      Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff::%rl0[500] used as isakmp port (fd=21)
      Nov 9 17:46:59 racoon: INFO: 10.255.0.[500] used as isakmp port (fd=22)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 9 17:46:59 racoon: INFO: 194.106.      .[500] used as isakmp port (fd=15)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:      :%ng0[500] used as isakmp port (fd=16)
      Nov 9 17:46:59 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=17)
      Nov 9 17:46:59 racoon: INFO: ::1[500] used as isakmp port (fd=18)
      Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 9 17:46:59 racoon: INFO: fe80::206:5bff:      :%xl0[500] used as isakmp port (fd=20)
      Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:      :%rl0[500] used as isakmp port (fd=21)
      Nov 9 17:46:59 racoon: INFO: 10.255.0.      [500] used as isakmp port (fd=22)
      Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 10 08:54:12 racoon: INFO: caught signal 15
      Nov 10 08:54:13 racoon: INFO: racoon shutdown
      Nov 10 08:54:14 racoon: INFO: @(#)ipsec-tools 0.6.6 (http://ipsec-tools.sourceforge.net)
      Nov 10 08:54:14 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
      Nov 10 08:54:14 racoon: INFO: 194.106..[500] used as isakmp port (fd=13)
      Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 10 08:54:14 racoon: INFO: fe80::210:a7ff::%ng0[500] used as isakmp port (fd=14)
      Nov 10 08:54:14 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=15)
      Nov 10 08:54:14 racoon: INFO: ::1[500] used as isakmp port (fd=16)
      Nov 10 08:54:14 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=17)
      Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 10 08:54:14 racoon: INFO: fe80::206:5bff::c%xl0[500] used as isakmp port (fd=18)
      Nov 10 08:54:14 racoon: INFO: fe80::210:a7ff:      :      %rl0[500] used as isakmp port (fd=19)
      Nov 10 08:54:14 racoon: INFO: 10.255..[500] used as isakmp port (fd=20)
      Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
      Nov 10 08:55:00 racoon: INFO: IPsec-SA request for 195.92.46.30 queued due to no phase1 found.
      Nov 10 08:55:00 racoon: INFO: initiate new phase 1 negotiation: 194.106..[500]<=>195.92..[500]
      Nov 10 08:55:00 racoon: INFO: begin Identity Protection mode.
      Nov 10 08:55:00 racoon: INFO: ISAKMP-SA established 194.106..[500]-195.92..[500] spi:d552305673dcc01e:698fe871d3817e9d
      Nov 10 08:55:01 racoon: INFO: initiate new phase 2 negotiation: 194.106..[500]<=>195.92..[500]
      Nov 10 08:55:01 racoon: INFO: IPsec-SA established: ESP/Tunnel 195.92..[0]->194.106..[0] spi=178045249(0xa9cc141)
      Nov 10 08:55:01 racoon: INFO: IPsec-SA established: ESP/Tunnel 194.106..[0]->195.92..[0] spi=3655367396(0xd9e07ae4)

      Hosted desktops and servers with support without complication.
      www.blueskysystems.co.uk

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        As long as it is working you can consider it being just a debug output. Racoon is logging quite a lot of info usually.

        1 Reply Last reply Reply Quote 0
        • J
          Jonb
          last edited by

          It is working.  Somtimes it takes awail or I have to resave the ipsec stuff then it works.  I was just wondering over the invalid agument bit.

          Hosted desktops and servers with support without complication.
          www.blueskysystems.co.uk

          1 Reply Last reply Reply Quote 0
          • D
            Delex
            last edited by

            What happens if you increase the PFS key group setting to 2 on the second layer.
            I had this problem also, renewed the setup several times and now its gone (now using ESP-3DES-SHA1-PFS Key 2).

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.