4. Invalid agument

Invalid agument

  • J

    I get this in my IPsec logs and I was wondering if it is a problem.

    Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::206:5bff::c%xl0[500] used as isakmp port (fd=20)
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:    :    %rl0[500] used as isakmp port (fd=21)
    Nov 9 17:46:59 racoon: INFO: 10.255.0.200[500] used as isakmp port (fd=22)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: 194.106..[500] used as isakmp port (fd=15)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff::%ng0[500] used as isakmp port (fd=16)
    Nov 9 17:46:59 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=17)
    Nov 9 17:46:59 racoon: INFO: ::1[500] used as isakmp port (fd=18)
    Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::206:5bff::%xl0[500] used as isakmp port (fd=20)
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff::%rl0[500] used as isakmp port (fd=21)
    Nov 9 17:46:59 racoon: INFO: 10.255.0.[500] used as isakmp port (fd=22)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: 194.106.    .[500] used as isakmp port (fd=15)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:    :%ng0[500] used as isakmp port (fd=16)
    Nov 9 17:46:59 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=17)
    Nov 9 17:46:59 racoon: INFO: ::1[500] used as isakmp port (fd=18)
    Nov 9 17:46:59 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=19)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 9 17:46:59 racoon: INFO: fe80::206:5bff:    :%xl0[500] used as isakmp port (fd=20)
    Nov 9 17:46:59 racoon: INFO: fe80::210:a7ff:    :%rl0[500] used as isakmp port (fd=21)
    Nov 9 17:46:59 racoon: INFO: 10.255.0.    [500] used as isakmp port (fd=22)
    Nov 9 17:46:59 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:54:12 racoon: INFO: caught signal 15
    Nov 10 08:54:13 racoon: INFO: racoon shutdown
    Nov 10 08:54:14 racoon: INFO: @(#)ipsec-tools 0.6.6 (http://ipsec-tools.sourceforge.net)
    Nov 10 08:54:14 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
    Nov 10 08:54:14 racoon: INFO: 194.106..[500] used as isakmp port (fd=13)
    Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:54:14 racoon: INFO: fe80::210:a7ff::%ng0[500] used as isakmp port (fd=14)
    Nov 10 08:54:14 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=15)
    Nov 10 08:54:14 racoon: INFO: ::1[500] used as isakmp port (fd=16)
    Nov 10 08:54:14 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=17)
    Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:54:14 racoon: INFO: fe80::206:5bff::c%xl0[500] used as isakmp port (fd=18)
    Nov 10 08:54:14 racoon: INFO: fe80::210:a7ff:    :    %rl0[500] used as isakmp port (fd=19)
    Nov 10 08:54:14 racoon: INFO: 10.255..[500] used as isakmp port (fd=20)
    Nov 10 08:54:14 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    Nov 10 08:55:00 racoon: INFO: IPsec-SA request for 195.92.46.30 queued due to no phase1 found.
    Nov 10 08:55:00 racoon: INFO: initiate new phase 1 negotiation: 194.106..[500]<=>195.92..[500]
    Nov 10 08:55:00 racoon: INFO: begin Identity Protection mode.
    Nov 10 08:55:00 racoon: INFO: ISAKMP-SA established 194.106..[500]-195.92..[500] spi:d552305673dcc01e:698fe871d3817e9d
    Nov 10 08:55:01 racoon: INFO: initiate new phase 2 negotiation: 194.106..[500]<=>195.92..[500]
    Nov 10 08:55:01 racoon: INFO: IPsec-SA established: ESP/Tunnel 195.92..[0]->194.106..[0] spi=178045249(0xa9cc141)
    Nov 10 08:55:01 racoon: INFO: IPsec-SA established: ESP/Tunnel 194.106..[0]->195.92..[0] spi=3655367396(0xd9e07ae4)

    0
  • H

    As long as it is working you can consider it being just a debug output. Racoon is logging quite a lot of info usually.

    0
  • J

    It is working.  Somtimes it takes awail or I have to resave the ipsec stuff then it works.  I was just wondering over the invalid agument bit.

    0
  • D

    What happens if you increase the PFS key group setting to 2 on the second layer.
    I had this problem also, renewed the setup several times and now its gone (now using ESP-3DES-SHA1-PFS Key 2).

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy