[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(usagi-users 02420) Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2

To: usagi-users@xxxxxxxxxxxxxx
Subject: (usagi-users 02420) Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2
From: Peter Bieringer <pb@xxxxxxxxxxxx>
Date: Thu, 05 Jun 2003 23:39:21 +0200
In-reply-to: <E7ABA0128F4BB9459611B12C98E9CE7C011B2D81@MADTORMAIL.indra.es>
References: <E7ABA0128F4BB9459611B12C98E9CE7C011B2D81@MADTORMAIL.indra.es>
Reply-to: usagi-users@xxxxxxxxxxxxxx


--On Thursday, June 05, 2003 05:23:25 PM +0200 "Garzon Maldonado, Jesus
Javier" <jgarzon@xxxxxxxx> wrote:

> Could you tell me what testbed are you employing for this tests?, i.e.
> are you using IPv6, ipv4, both?, automatic or manual keying?,...

I'm using at the moment "soft start", means IPv4 only, automatic keying
pluto against racoon.

FreeS/WAN is 1.99 with algopatches 0.8.1rc2 on patched RHL kernel
2.4.20-18.7

Other side 2.5.70-bk9 with latest ipsec-tools (recompiled now)


>> The reported 3DES problem was solved now by using a fresh 
>> compiled one.
>> 
>> But the AES one still occurs.
>> 
>> > FreeS/WAN:
>> > 112 "freeswan-racoon-tunnel" #14: STATE_QUICK_I1: initiate
>> > 003 "freeswan-racoon-tunnel" #14: ESP transform ESP_AES 
>> passed key_len=32
>> > > 16 032 "freeswan-racoon-tunnel" #14: STATE_QUICK_I1: 
>> internal error
>> 
>> Or on 192 bits:
>> 
>> 112 "freeswan-racoon-tunnel" #15: STATE_QUICK_I1: initiate
>> 003 "freeswan-racoon-tunnel" #15: ESP transform ESP_AES 
>> passed key_len=24 > 
>> 16
>> 032 "freeswan-racoon-tunnel" #15: STATE_QUICK_I1: internal error
>> 
>> Strange, looks like racoon reports always AES key length 16*8, but in 
>> raccoon.conf was "aes 192" or "aes 256" specified.

Anyone understand this?

        Peter
-- 
Dr. Peter Bieringer                     http://www.bieringer.de/pb/
GPG/PGP Key 0x958F422D               mailto: pb at bieringer dot de 
Deep Space 6 Co-Founder and Core Member  http://www.deepspace6.net/

References:
- (usagi-users 02418) Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2
  - From: Garzon Maldonado, Jesus Javier

Prev by Date: (usagi-users 02419) Linux+IPv6-HOWTO now available in EN, DE and FR
Next by Date: (usagi-users 02421) Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2 (in)compatible encryption methods
Previous by thread: (usagi-users 02418) Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2
Next by thread: (usagi-users 02419) Linux+IPv6-HOWTO now available in EN, DE and FR
Index(es):
- Date
- Thread