
(usagi-users 02774) ip6sec tunnel mode problem



Hi,

I followed the instructions in usagi/doc/HOWTO/IPsec
to set up IPsec tunnel mode using manual keying.

First, I could ping6 from HOST1 to HOST2 without using
IPsec Tunnel.
Once I added IPSec tunnel mode, ping6 did not work.

I used Ethereal to capture the packets on SG1, and I could
see ESP packets (but not ICMPv6 frames for echo request).
I also noticed that /var/log/messages got a bunch of

ipsec6_input_check_ah: not found SA for ah errors

If I took out the AH configuration (only ESP), then I saw

ipsec6_input_check_esp: not found SA for esp errors

However, pfkey -L shows SAs for both AH & ESP.

Has anyone experienced a similar problem?

BTW, I'm using the 20040104 stable 5 (2.4.21 kernel) release.
Transport mode for both manually keyed and IKEd works nicely.

Yang