The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Multiple connections not possible?
Author: Janno Hordijk 
Date:   23-05-05 15:02

I've got 3 networks I want to link together. I already did this unsecured by tunneling them over gif0, gif1 and gif2 simultaneously.

Then I started to make them secure. I am able to that for one link at the same time like Network 1 <-> Network 2.

But the desired situation would be:

Network1 <-> Network 2 AND
Network2 <-> Network 3

But as soon as I want to bring up the second network (it doesn't matter in what order you do this) only the first connection will work.

For every second connection I got this:

2005-05-23 16:54:00: INFO: pfkey.c:1466:pk_recvexpire(): IPsec-SA expired: ESP/Tunnel> spi=120379156(0x72cd714)
2005-05-23 16:54:00: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate new phase 2 negotiation:[0]<=>[0]
2005-05-23 16:54:00: INFO: pfkey.c:1466:pk_recvexpire(): IPsec-SA expired: ESP/Tunnel> spi=133041154(0x7ee0c02)
2005-05-23 16:54:00: INFO: pfkey.c:1197:pk_recvupdate(): IPsec-SA established: ESP/Tunnel> spi=251253906(0xef9d492)
2005-05-23 16:54:00: INFO: pfkey.c:1420:pk_recvadd(): IPsec-SA established: ESP/Tunnel> spi=40615243(0x26bbd4b)
2005-05-23 16:54:04: INFO: isakmp.c:1059:isakmp_ph2begin_r(): respond new phase 2 negotiation:[0]<=>[0]
2005-05-23 16:54:04: ERROR: isakmp_quick.c:2030:get_proposal_r(): no policy found:[0][0] proto=any dir=in
2005-05-23 16:54:04: ERROR: isakmp_quick.c:1071:quick_r1recv(): failed to get proposal for responder.
2005-05-23 16:54:04: ERROR: isakmp.c:1073:isakmp_ph2begin_r(): failed to pre-process packet.

What is my error in this?

As you can see the link between> is ok but the second connection between[0][0] fails. When I reverse the order the link> fails and the> succeeds. So I think it's not my config but I'm not for sure off course.

I really hope you can help me,

Best regards,

Janno Hordijk

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 

 User Login
 User Name:
 Remember my login:
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum