[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(usagi-users 03121) Re: IPsec starting error
- To: usagi-users@xxxxxxxxxxxxxx
- Subject: (usagi-users 03121) Re: IPsec starting error
- From: kuji@xxxxxxxxxxxxxxxxx
- Date: Wed, 17 Nov 2004 21:24:30 +0900 (JST)
- In-reply-to: <419AFD1F.7080102@miyazawa.org>
- Reply-to: usagi-users@xxxxxxxxxxxxxx
Hello
A reply, thank you.
I am sorry. The environment currently used is as follows.
Kernel 2.6.9
USAGI-linux26-s20041011
IPsec:IPv6
It was written to the release note of the USAGI as follows.
IMPLEMENTED FEATURES
--------------------
In this release, we have already improved and implemented the following
features,
- ICMPv6 Node Information Queries
- IPsec for IPv4/IPv6 (2.6 kernel only)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Privacy Extensions (RFC 3041)
- IPv6 khttpd
- better source address selection
- IPv4 and/or IPv6 over IPv4 tunnel
Although this release note can be started, do I hear that the composition
which used pluto and pfkey cannot be used?
Although it cannot remember where it had written, since pluto was contained
in the module of this USAGI, it is used. Are setkey and raoon used also
the environment of IPv6, or on USAGI-linux26-s20041011.
Since USAGI is a beginner, please let me know.
Thank you for your consideration.
Naotsugu Kuji
> Hello,
>
> I don't know which distribution you use...
>
> If you use tools under usagi/{pfkey, pluto} ? You can not use it on
> linux-2.6. We use setkey and raoon on linux-2.6 which we can get from
> ipsec-tools in sourceforge.
>
> "ipsec" command is derived from freeswan. It would be supported by
> openswan continuously. If you use it, please ask openswan guys.
>
> Best regards,
>
> kuji@xxxxxxxxxxxxxxxxx wrote:
> > Hi!
> >
> > Would you help someone?
> > The following messages are outputted at the time of starting of IPsec,
> > and a session cannot be established.
> >
> > Please let me know the cause of this message.
> > Environment is Linux kernel 2.6.
> >
> > erver2 sbin]# ./ipsec auto --up test1
> > 112 "test1" #152: STATE_QUICK_I1: initiate
> > 003 "test1" #152: ERROR: PF_KEY SADB_X_ADDFLOW response for flow esp:1699fbb2@2001:380:1f7:1000::221 included errno 22: Invalid argument
> > 032 "test1" #152: STATE_QUICK_I1: internal error
> > 003 "test1" #152: ERROR: PF_KEY SADB_X_ADDFLOW response for flow esp:1699fbb2@2001:380:1f7:1000::221 included errno 22: Invalid argument
> > 032 "test1" #152: STATE_QUICK_I1: internal error
> > 010 "test1" #152: STATE_QUICK_I1: retransmission; will wait 20s for response
> > 010 "test1" #152: STATE_QUICK_I1: retransmission; will wait 40s for response
> > 003 "test1" #152: ERROR: PF_KEY SADB_X_ADDFLOW response for flow esp:1699fbb2@2001:380:1f7:1000::221 included errno 22: Invalid argument
> > 032 "test1" #152: STATE_QUICK_I1: internal error
> > 031 "test1" #152: max number of retransmissions (2) reached STATE_QUICK_I1
> > 000 "test1" #152: starting keying attempt 2 of an unlimited number, but releasing whack
> >
> >
> > Naotsugu Kuji
> > kuji@xxxxxxxxxxxxxxxxx
> >
> >
>
> --
> Kazunori Miyazawa
>
>
>
>
>