Ipsec error

  • Just finished upgardeing to the current release - VPN log is full of

    Mar 5 16:26:13 racoon: [xx.xx.xx.xx] ERROR: exchange Aggressive not allowed in any applicable rmconf.

    This continues until a restart of raccon and then everything connects OK - this VPN was fine until I upgarded to the Thursday release.  I have checked all config settings and all seems to be OK


  • I get the same error with 2.0-RC1 (amd64) built on Mon Mar 7 17:24:33 EST 2011

  • More digging indicates that this might be related to the fact our test environment is between 2 dynamic IP addresses and when dnswatch checks the addresses.

    As soon as racoon is restarted then the vpn comes up within 30 secs but reappears if we reset the link (and gain a new dynamic ip).  We are also testing with shared key rather than a cert.  Will have to transfer a cert and try that way.


Log in to reply