running racoon&ipsec on my FBSD4.6-STABLE.the kernel log always sai
/kernel: IPv4 ESP input: no key association found for spi
and the worsed problem is that :
sometime my box can not connect to the other peers for long time before
restart racoon. especially, if two peers restart racoon on same time ,
It would
connected soon? what's the problem?
any help with appreciates:
PS: here's my racoon.conf
log notify;
path pre_shared_key "/usr/local/etc/racoon/psk.txt" ;
listen{
isakmp xxx.xxx.xxx.xxx [500];
}
remote anonymous
{
#exchange_mode main,aggressive;
exchange_mode aggressive,main;
doi ipsec_doi;
situation identity_only;
nonce_size 16;
lifetime time 2 hour; # sec,min,hour
initial_contact on;
support_mip6 on;
proposal_check obey; # obey, strict or claim
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key ;
dh_group 2 ;
}
}
sainfo anonymous
{
pfs_group 2;
lifetime time 1 hour;
encryption_algorithm 3des ;
authentication_algorithm hmac_sha1;
compression_algorithm deflate ;
}
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
