4. Invalid agument

Invalid agument

  • J

    I get this in my IPsec logs and I was wondering if it is a problem.

    Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::206:5bff::c%xl0[500] used as isakmp port (fd=20)
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:    :    %rl0[500] used as isakmp port (fd=21)
    Nov 9 17:46:59 racoon: INFO: 10.255.0.200[500] used as isakmp port (fd=22)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: 194.106..[500] used as isakmp port (fd=15)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff::%ng0[500] used as isakmp port (fd=16)
    Nov 9 17:46:59 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=17)
    Nov 9 17:46:59 racoon: INFO: ::1[500] used as isakmp port (fd=18)
    Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::206:5bff::%xl0[500] used as isakmp port (fd=20)
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff::%rl0[500] used as isakmp port (fd=21)
    Nov 9 17:46:59 racoon: INFO: 10.255.0.[500] used as isakmp port (fd=22)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: 194.106.    .[500] used as isakmp port (fd=15)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:    :%ng0[500] used as isakmp port (fd=16)
    Nov 9 17:46:59 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=17)
    Nov 9 17:46:59 racoon: INFO: ::1[500] used as isakmp port (fd=18)
    Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::206:5bff:    :%xl0[500] used as isakmp port (fd=20)
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:    :%rl0[500] used as isakmp port (fd=21)
    Nov 9 17:46:59 racoon: INFO: 10.255.0.    [500] used as isakmp port (fd=22)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:54:12 racoon: INFO: caught signal 15
    Nov 10 08:54:13 racoon: INFO: racoon shutdown
    Nov 10 08:54:14 racoon: INFO: @(#)ipsec-tools 0.6.6 (http://ipsec-tools.sourceforge.net)
    Nov 10 08:54:14 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
    Nov 10 08:54:14 racoon: INFO: 194.106..[500] used as isakmp port (fd=13)
    Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:54:14 racoon: INFO: fe80::210:a7ff::%ng0[500] used as isakmp port (fd=14)
    Nov 10 08:54:14 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=15)
    Nov 10 08:54:14 racoon: INFO: ::1[500] used as isakmp port (fd=16)
    Nov 10 08:54:14 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=17)
    Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:54:14 racoon: INFO: fe80::206:5bff::c%xl0[500] used as isakmp port (fd=18)
    Nov 10 08:54:14 racoon: INFO: fe80::210:a7ff:    :    %rl0[500] used as isakmp port (fd=19)
    Nov 10 08:54:14 racoon: INFO: 10.255..[500] used as isakmp port (fd=20)
    Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:55:00 racoon: INFO: IPsec-SA request for 195.92.46.30 queued due to no phase1 found.
    Nov 10 08:55:00 racoon: INFO: initiate new phase 1 negotiation: 194.106..[500]<=>195.92..[500]
    Nov 10 08:55:00 racoon: INFO: begin Identity Protection mode.
    Nov 10 08:55:00 racoon: INFO: ISAKMP-SA established 194.106..[500]-195.92..[500] spi:d552305673dcc01e:698fe871d3817e9d
    Nov 10 08:55:01 racoon: INFO: initiate new phase 2 negotiation: 194.106..[500]<=>195.92..[500]
    Nov 10 08:55:01 racoon: INFO: IPsec-SA established: ESP/Tunnel 195.92..[0]->194.106..[0] spi=178045249(0xa9cc141)
    Nov 10 08:55:01 racoon: INFO: IPsec-SA established: ESP/Tunnel 194.106..[0]->195.92..[0] spi=3655367396(0xd9e07ae4)

    0
  • H

    As long as it is working you can consider it being just a debug output. Racoon is logging quite a lot of info usually.

    0
  • J

    It is working.  Somtimes it takes awail or I have to resave the ipsec stuff then it works.  I was just wondering over the invalid agument bit.

    0
  • D

    What happens if you increase the PFS key group setting to 2 on the second layer.
    I had this problem also, renewed the setup several times and now its gone (now using ESP-3DES-SHA1-PFS Key 2).

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy