Subject: ipsec-tools & AES
To: None <netbsd-users@netbsd.org>
From: Jarkko Teppo <jht380@luukku.com>
List: netbsd-users
Date: 11/30/2004 09:06:33

Hi!

I'm stuck here with Cisco VPN client 4.0.5c, NetBSD-1.6ZL and
ipsec-tools-0.5.pre20041109. I've got mutual group authentication
working but something is breaking my setup.

Snip from the logs:

Nov 30 08:58:05 zuul racoon: WARNING: trns_id mismatched: my:3DES peer:AES
Nov 30 08:58:05 zuul racoon: WARNING: trns_id mismatched: my:3DES peer:AES
Nov 30 08:58:05 zuul racoon: ERROR: not matched
Nov 30 08:58:05 zuul racoon: WARNING: trns_id mismatched: my:3DES peer:AES
Nov 30 08:58:05 zuul racoon: WARNING: trns_id mismatched: my:3DES peer:AES
Nov 30 08:58:05 zuul racoon: ERROR: not matched

Ok, in racoon.conf I have proposal_check obey and generate_policy on.
Fine, don't do 3DES.

Now if I try to switch racoon to rijndael it gives me this:

2004-11-30 09:05:13: DEBUG: reading config file /usr/pkg/etc/racoon/racoon.conf
2004-11-30 09:05:13: DEBUG: hmac(modp1024)
2004-11-30 09:05:13: ERROR: Invalid transform id: 12
2004-11-30 09:05:13: ERROR: /usr/pkg/etc/racoon/racoon.conf:38: "," algorithm AES not supported by the kernel (missing module?)
2004-11-30 09:05:13: ERROR: fatal parse failure (1 errors)
racoon: failed to parse configuration file.

What am I missing?

tia,
-- 
jht