Subject: FreeS/WAN <-> KAME
To: None <>
From: Jan Schaumann <>
List: netbsd-users
Date: 09/09/2002 18:13:10

I'm currently trying to get a Linux machine talking FreeS/WAN IPsec to
talk to a NetBSD machine using KAME.  On the NetBSD machine, IPsec is
working just fine; it is talking IPsec using PSKs to various other
NetBSD machines.

Enter the Linux box.
I've added the PSK into NetBSD:/usr/pkg/etc/racoon/psk.txt and

I looked around on the web, and found these URL:

I've been trying to follow these examples, but when I start ipsec on the
Linux-site, it seems to try to use IPsec for all communication (I only
want it to talk to the NetBSD machine at a certain port using IPsec).
At the same time, on the NetBSD side, connections to the specified port
on the Linux machine time out; racoon complains:

isakmp.c:1700:isakmp_post_acquire(): request for establishing IPsec-SA
was queued due to no phase1 found. 
isakmp.c:1434:isakmp_ph1resend(): phase1 negotiation failed due to time
up. 4e9b66587b2d1079:0000000000000000 
racoon: ERROR: isakmp.c:1773:isakmp_chkph1there(): phase2 negotiation
failed due to time up waiting for phase1. ESP LinuxIP->NetBSDIP.

Anybody around here who has successfully made FreeS/WAN talk to KAME and
could give me an example or some pointers?


I seem to be having this tremendous difficulty with my lifestyle.