[Users] freeswan-1.98b+alg-0.80,Why PLUTO restart?

From: bill zhang ze yu (zeyubill_at_hotmail.com)
Date: Sat Dec 28 2002 - 07:28:15 CET

• Next message: Matthias Gorjup: "[Users] out.kbuild"
• Previous message: Shyamal Thatte: "Re: [VF][Users] Checkpoint FW1 and FreeSwan 1.99"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Happy New year to you!
I've got freeswan-1.98b with alg-0.8.0 on RH-7.2 and sucesfully got
tunnels.
left(10.170.1.120) ========= (10.170.1.90) right
my ipsec.conf :
config setup
        interfaces="ipsec0="
        klipsdebug=none
        plutodebug=all
        uniqueids=yesconn %default
conn %default
        keyingtries=0
        disablearrivalcheck=no
        authby=secret
conn gw120
        left=10.170.1.120
        right=10.170.1.90
        auth=ah
        ike=3des-md5
        esp=3des-md5-96

ALL OK! but when I modified the configuration of esp like this:
  esp=aes128-md5-96,aes128-sha1-96,3des-md5-96,3des-sha1-96
IPSEC SA cannot establish!
I read the "/var/log/secure" and find every time before QUICK MODE
ipsec__plutorun report: Restarting Pluto subsystem....
this is partion of"/var/log/secure"
Dec 27 20:14:39 newwave pluto[1470]: | emitting length of ISAKMP Proposal
Payload: 68
Dec 27 20:14:39 newwave pluto[1470]: | 12_128-2, 12_128-1, 3_000-1,
3_000-2, flags=-strict
Dec 27 20:14:39 newwave pluto[1470]: | kernel_alg_db_prop_new() initial
trans_cnt=4
Dec 27 20:14:39 newwave pluto[1470]: | kernel_alg_db_prop_new() will return
p_new->protoid=3, p_new->trans_cnt=4
Dec 27 20:14:39 newwave pluto[1470]: | kernel_alg_db_prop_new()
trans[0]: transid=12, attr_cnt=1, attrs[0].type=6, attrs[0].val=128
Dec 27 20:14:39 newwave pluto[1470]: | kernel_alg_db_prop_new()
trans[1]: transid=12, attr_cnt=1, attrs[0].type=6, attrs[0].val=128
Dec 27 20:14:39 newwave pluto[1470]: | kernel_alg_db_prop_new()
trans[2]: transid=3, attr_cnt=0, attrs[0].type=0, attrs[0].val=0
Dec 27 20:14:51 newwave ipsec__plutorun: Restarting Pluto subsystem...
Dec 27 20:14:52 newwave pluto[1905]: Starting Pluto (FreeS/WAN Version
1.98b)
Dec 27 20:14:52 newwave pluto[1905]: | opening /dev/urandom

 
Regards...

Bill

_________________________________________________________________
与联机的朋友进行交流，请使用 MSN Messenger: http://messenger.msn.com/cn

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Matthias Gorjup: "[Users] out.kbuild"
• Previous message: Shyamal Thatte: "Re: [VF][Users] Checkpoint FW1 and FreeSwan 1.99"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Sun Dec 29 2002 - 05:21:19 CET