Bug#451301: marked as done (failed to pre-process packet.)

Mon, 01 Mar 2010 02:33:03 -0800 

Your message dated Mon, 01 Mar 2010 11:21:39 +0100
with message-id <[email protected]>
and subject line Re: failed to pre-process packet.
has caused the Debian Bug report #451301,
regarding failed to pre-process packet.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
451301: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451301
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
package: racoon
version: 1:0.6.7-1.1

I have set up VPN between two debian-unstable machines, using
racoon-tool, with following config:

peer(%default):
        verify_identifier: on
        hash_algorithm[0]: sha1
        encryption_algorithm[0]: aes

connection(%default):
        src_ip: 212.179.137.34

connection(CM-arieh):
        dst_ip: 62.219.196.66
        admin_status: enabled

peer(62.219.196.66):
        peers_identifier: address

When I ping the peer (62.219.196.66), I get following errors:
...
Nov 14 22:16:46 rebel racoon: DEBUG: hmac(hmac_sha1)
Nov 14 22:16:46 rebel racoon: DEBUG: HASH computed:
Nov 14 22:16:46 rebel racoon: DEBUG:  1c79ed22 ffb9b18f e4bbb005
ac706658 f8073ff3
Nov 14 22:16:46 rebel racoon: ERROR: failed to get sainfo.
Nov 14 22:16:46 rebel racoon: ERROR: failed to get sainfo.
Nov 14 22:16:46 rebel racoon: ERROR: failed to pre-process packet.

There are many HOWTOs on internet, that say that the above
configuration should work:
http://www.gir.me.uk/computers/debian_vpn.html
http://www.neowin.net/forum/lofiversion/index.php/t396262.html
http://www.cyberdogsecurity.net/firewalls/tutorial.php?page=ipsec

After I modified the racoon-tool to add following section to
/var/lib/racoon/racoon.conf, everything worked:

sainfo anonymous {
        lifetime time 60 min;
        encryption_algorithm aes,3des ;
        authentication_algorithm hmac_sha1,hmac_md5;
        compression_algorithm deflate ;
}

I don't know why it helped though.

-- 
Arieh

--- End Message ---
--- Begin Message --- 
Closed as it seems to be just a configuration problem.

stefan
-- 
Stefan Bauer -----------------------------------------
PGP: E80A 50D5 2D46 341C A887 F05D 5C81 5858 DCEF 8C34
-------- plzk.de - Linux - because it works ----------

--- End Message ---

Reply via email to