On Sat, 23 Sep 2006, Evgeniy Polyakov wrote:
> I never saw unencrypted packets before.
It's normal and expected, perhaps you didn't notice or had tcpdump
filtering them.
> > > 17:45:11.102212 IP 192.168.4.78 > 192.168.4.79:
> > > ESP(spi=0x01f452be,seq=0x3), length 84
> > > 17:45:12.098146 IP 192.168.4.79.isakmp > 192.168.4.78.isakmp: isakmp:
> > > phase 2/others ? oakley-quick[E]
> > > 17:45:12.098427 IP 192.168.4.78.isakmp > 192.168.4.79.isakmp: isakmp:
> > > phase 2/others ? inf
> >
> > And why racoon packets are here at this stage.
> >
> > Can you try this with either a fully manual config (setkey only) or
> > openswan?
>
> I use racoon, may be there are some problems with it's version, I will
> try new one after weekend.
I just verified that racoon is working with current kernels. Racoon can
be troublesome.
I'm using racoon from ipsec-tools-0.6.5-3.1.
You didn't specify a lifetime in your phase 1 spec ('remote anonymous')
section. Not sure what happens in that case, could be something to do
with it.
- James
--
James Morris
<[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
