Subject: Re: racoon broken by recent changes
To: None <firstname.lastname@example.org>
From: Jeff <email@example.com>
Date: 06/03/2005 15:14:21
On Tue, May 17, 2005 at 08:46:17PM +1000, Daniel Carosone wrote:
> In the first incarnation, it would negotiate phase 1, and simply time
> out phase 2, repeating forever. After a second rebuild to -current
> today, the behaviour has changed.. I now get a phase 2 negotiation
> reported, and then the following:
> /netbsd: key_update: no SA index found.
> racoon: ERROR: pfkey UPDATE failed: No such file or directory
> Is -current racoon working for anyone else, either with itself or with
> older peers? =20
Is anyone successfully running -current (post IPSEC_NAT_T import)
ipsec/racoon at this point? I have seen a few posts (ipsec+gif and
racoon/isakmp_natt) that while perhaps unrelated, suggests some
possible breakage. Like Daniel, I have been unable to utilize
ipsec/racoon since updating to current (previous -current was prior to
the NATT changes). I am experiencing the same racoon ERROR (pfkey
UPDATE failed: No such file or directory).
Another reply to this thread suggests that reverting to an older
racoon binary "works". I tried reverting all of ipsec-tools to
20050501 without success.
Any suggestions would be appreciated.