Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Big trouble with IPsec site 2 site connection - solved

    Scheduled Pinned Locked Moved IPsec
    3 Posts 2 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      flyingconsulting
      last edited by

      Hi there,

      ich get no great gui debug, so I use the command line

      racoon -d -F -v -f /var/etc/racoon.conf

      Foreground mode.
      2010-10-21 13:18:07: INFO: @(#)ipsec-tools 0.7.2 (http://ipsec-tools.sourceforge.net)
      2010-10-21 13:18:07: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
      2010-10-21 13:18:07: INFO: Reading configuration from "/var/etc/racoon.conf"
      2010-10-21 13:18:07: DEBUG: call pfkey_send_register for AH
      2010-10-21 13:18:07: DEBUG: call pfkey_send_register for ESP
      2010-10-21 13:18:07: DEBUG: call pfkey_send_register for IPCOMP
      2010-10-21 13:18:07: DEBUG: reading config file /var/etc/racoon.conf
      2010-10-21 13:18:07: DEBUG: hmac(modp1024)
      2010-10-21 13:18:07: DEBUG: compression algorithm can not be checked because sadb message doesn't support it.
      2010-10-21 13:18:07: DEBUG: getsainfo params: loc='X.X.X.X', rmt='X.X.X.X', peer='NULL', id=0
      2010-10-21 13:18:07: DEBUG: getsainfo pass #2
      2010-10-21 13:18:07: DEBUG: open /var/db/racoon/racoon.sock as racoon management.
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (bge0)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (em0)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (em3)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (bce1)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (lo0)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (vlan0)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (vlan1)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp0)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp1)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp2)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp3)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp4)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp5)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp6)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp7)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp8)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (carp9)
      2010-10-21 13:18:07: DEBUG: my interface: X.X.X.X (tun0)
      2010-10-21 13:18:07: DEBUG: configuring default isakmp port.
      2010-10-21 13:18:07: DEBUG: 18 addrs are configured successfully
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=7)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=8)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=9)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=10)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=11)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=12)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=13)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=14)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=15)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=16)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=17)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=18)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=19)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=20)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=21)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=22)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=23)
      2010-10-21 13:18:07: INFO: X.X.X.X used as isakmp port (fd=24)
      2010-10-21 13:18:07: DEBUG: pk_recv: retry[0] recv()
      2010-10-21 13:18:07: DEBUG: get pfkey X_SPDDUMP message
      2010-10-21 13:18:07: DEBUG: pfkey X_SPDDUMP failed: No such file or directory
      2010-10-21 13:18:48: DEBUG: msg 1 not interesting
      2010-10-21 13:18:48: DEBUG: msg 1 not interesting
      2010-10-21 13:18:48: DEBUG: msg 1 not interesting
      2010-10-21 13:18:48: DEBUG: msg 1 not interesting
      2010-10-21 13:18:48: DEBUG: msg 1 not interesting
      2010-10-21 13:18:48: DEBUG: msg 1 not interesting

      that is going wrong ? I reset setkey -f /var/etc/spd.conf - but no better results.

      Thanks for your help !!

      1 Reply Last reply Reply Quote 0
      • F
        flyingconsulting
        last edited by

        I solved the problem ! You must fill out "Automatically ping host"

        @Developer Team please mark this field as bold !

        thanks for many replys  :(

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          It's not required. If that made your tunnel work, then something else may have been wrong.

          I run plenty of tunnels without that field filled in, though I generally do fill it out since it's convenient to have.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.