Pfsense and isakmpd



  • Hi

    I am trying to get a tunnel from one of our offices (pfsense) to our HQ (obsd isakmpd)

    But the tunnel is not opening and all i get is this error..

    
    May 30 13:36:11 	racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=13)
    May 30 13:36:11 	racoon: INFO: ::1[500] used as isakmp port (fd=14)
    May 30 13:36:11 	racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=15)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::218:4dff:fe76:1963%ath0[500] used as isakmp port (fd=16)
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a5%sis1[500] used as isakmp port (fd=17)
    May 30 13:36:11 	racoon: INFO: 192.168.24.200[500] used as isakmp port (fd=18)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: 85.230.180.234[500] used as isakmp port (fd=19)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a4%sis0[500] used as isakmp port (fd=20)
    May 30 13:36:11 	racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=13)
    May 30 13:36:11 	racoon: INFO: ::1[500] used as isakmp port (fd=14)
    May 30 13:36:11 	racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=15)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::218:4dff:fe76:1963%ath0[500] used as isakmp port (fd=16)
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a5%sis1[500] used as isakmp port (fd=17)
    May 30 13:36:11 	racoon: INFO: 192.168.24.200[500] used as isakmp port (fd=18)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: 85.230.180.234[500] used as isakmp port (fd=19)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a4%sis0[500] used as isakmp port (fd=20)
    May 30 13:36:11 	racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=13)
    May 30 13:36:11 	racoon: INFO: ::1[500] used as isakmp port (fd=14)
    May 30 13:36:11 	racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=15)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::218:4dff:fe76:1963%ath0[500] used as isakmp port (fd=16)
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a5%sis1[500] used as isakmp port (fd=17)
    May 30 13:36:11 	racoon: INFO: 192.168.24.200[500] used as isakmp port (fd=18)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: 85.230.180.234[500] used as isakmp port (fd=19)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a4%sis0[500] used as isakmp port (fd=20)
    May 30 13:36:11 	racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=13)
    May 30 13:36:11 	racoon: INFO: ::1[500] used as isakmp port (fd=14)
    May 30 13:36:11 	racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=15)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::218:4dff:fe76:1963%ath0[500] used as isakmp port (fd=16)
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a5%sis1[500] used as isakmp port (fd=17)
    May 30 13:36:11 	racoon: INFO: 192.168.24.200[500] used as isakmp port (fd=18)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: 85.230.180.234[500] used as isakmp port (fd=19)
    May 30 13:36:11 	racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument
    May 30 13:36:11 	racoon: INFO: fe80::200:24ff:fec5:d2a4%sis0[500] used as isakmp port (fd=20)
    May 30 13:36:15 	racoon: INFO: caught signal 15
    May 30 13:36:16 	racoon: INFO: racoon shutdown
    
    

    So my question is… does isakmpd and pfsense work together?



  • Upgrade to a recent snapshot.  http://snapshots.pfsense.com/FreeBSD6/RELENG_1_2/



  • Thanks



  • well http://snapshots.pfsense.com/FreeBSD6/RELENG_1_2/embedded/pfSense.img.gz dont work..

    Lots of core dumps and segmentation faults.



  • Saying it 'don't work' is not very useful without perhaps describing your hardware setup and giving some more details. If the image is really totally broken, chances are someone else would have noticed it. What releases run correctly for you- 1.0.1, 1.2beta1?



  • @sinfull:

    well http://snapshots.pfsense.com/FreeBSD6/RELENG_1_2/embedded/pfSense.img.gz dont work..

    Lots of core dumps and segmentation faults.

    Works fine here.  You must have missed a step in writing the image out to the card?  Like gzcat perhaps?



  • Well my bad it was my cf card that was broken… :/

    But now when i have changed cf card i still cant get the ipsec tunnel to work..

    i get this error...

    racoon: INFO: unsupported PF_KEY message REGISTER



  • @sinfull:

    Well my bad it was my cf card that was broken… :/

    But now when i have changed cf card i still cant get the ipsec tunnel to work..

    i get this error...

    racoon: INFO: unsupported PF_KEY message REGISTER

    same here



  • There were some issues with IPsec and snapshots up until earlier today. Try a new snapshot.


Log in to reply