Hi list, I try to setup ipsec with isakmpd -K and ipsecctl on a OpenBSD 4.0 host. I had it running on friday, using the following configuration:
ike active esp from 192.168.100.0/24 to 192.168.101.0/24 \ local 24.24.24.24 peer 42.173.16.1 \ main auth hmac-md5 enc aes group grp2 \ quick auth hmac-md5 enc aes group grp2 \ psk MySekret I started isakmpd -K and then did an ipsecctl -vv -c /etc/ipsec.conf, and then I immediately get a Bad file descriptor, see below: 122049.815507 UI 30 ui_config: "C set [Phase 1]:42.173.16.1=peer-42.173.16.1 force" 122049.815901 UI 30 ui_config: "C set [peer-42.173.16.1]:Phase=1 force" 122049.815971 UI 30 ui_config: "C set [peer-42.173.16.1]:Address=42.173.16.1 force" 122049.816031 UI 30 ui_config: "C set [peer-42.173.16.1]:Local-address=212.204.56.174 force" 122049.816141 UI 30 ui_config: "C set [peer-42.173.16.1]:Authentication=MySekret force" 122049.816202 UI 30 ui_config: "C set [peer-42.173.16.1]:Configuration=mm-42.173.16.1 force" 122049.816297 UI 30 ui_config: "C set [mm-42.173.16.1]:EXCHANGE_TYPE=ID_PROT force" 122049.816366 UI 30 ui_config: "C add [mm-42.173.16.1]:Transforms=3DES-MD5-GRP2 force" 122049.816467 Default main: select: Bad file descriptor 122050.817017 Default main: select: Bad file descriptor 122051.827071 Default main: select: Bad file descriptor 122052.837085 Default main: select: Bad file descriptor 122053.847123 Default main: select: Bad file descriptor I have seen this "Bad file descriptor" on friday too, after a reboot of the machine, it "dissapeared". Unfortunately I do not know, what the problem was and how it got fixed by the reboot. What could cause the "Bad file descriptor" error message? Do I can fix it, with raising some sysctl values or raising values in /etc/login.conf? A pointer in the right direction would be great. Just rebooting does not work kind regards Sebastian