On 8/9/06, Carlos Julio Sánchez [ACC-SIS] <[EMAIL PROTECTED]> wrote:
Hello! anybody can help me please? I have an error when I set up vpn with ipsec, my computer A have pfsense and my computer B have Centos(Linux) In the ipsec logs I have: racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to pre-process packet. racoon: INFO: purging ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: purged ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: ISAKMP-SA deleted xxx.xxx.xxx.xxx [500]- xxx.xxx.xxx.xxx [500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 in the logs of computer B I have: Aug 9 16:15:08 actibts1 racoon: NOTIFY: couldn't find the proper pskey, try to get one by the peer's address. Aug 9 16:15:08 actibts1 racoon: INFO: ISAKMP-SA established xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 Aug 9 16:15:09 actibts1 racoon: INFO: initiate new phase 2 negotiation: xxx.xxx.xxx.xxx [0]<=> xxx.xxx.xxx.xxx [0] Aug 9 16:15:39 actibts1 racoon: INFO: IPsec-SA expired: AH/Transport xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx spi=35812955(0x222765b) Aug 9 16:15:39 actibts1 racoon: WARNING: the expire message is received but the handler has not been established. Aug 9 16:15:39 actibts1 racoon: ERROR: xxx.xxx.xxx.xxx give up to get IPsec-SA due to time up to wait.
Double check your phase 2 settings on both hosts. There is a mismatch somewhere. Scott