I compiled ipsec-tools-0.7.3 but to NO avail. Same problem is seen there also. I am running 0.6.4 on one machine and 0.7.3 on another. In both the directions, it gives this problem.

With Regards,
Zakir Ahmed
 
"And fear Almighty, and know that you are to meet him in the hereafter"
 


--- On Fri, 14/8/09, Timo Teräs <timo.teras@iki.fi> wrote:

From: Timo Teräs <timo.teras@iki.fi>
Subject: Re: [Ipsec-tools-devel] IPSEC ipv6 does NOT work consistently
To: "ZAKIR AHMED" <zaks_974@yahoo.com>
Cc: ipsec-tools-devel@lists.sourceforge.net
Date: Friday, 14 August, 2009, 12:57 PM

ZAKIR AHMED wrote:
>   The success and failure logs are as below
>
> Failed Case
>
> Initiator
> 2009-08-11 15:14:46: INFO: IPsec-SA request for 2001:db8:0:1:20f:20ff:fefe:4c78 queued due to no phase1 found.
> 2009-08-11 15:14:46: ERROR: unknown AF: 0
> 2009-08-11 15:14:46: INFO: initiate new phase 1 negotiation: <=>2001:db8:0:1:20f:20ff:fefe:4c78[500]
> 2009-08-11 15:14:46: INFO: begin Aggressive mode.
> 2009-08-11 15:14:46: INFO: respond new phase 1 negotiation: <=>2001:db8:0:1:20f:20ff:fefe:4c78[500]
> 2009-08-11 15:14:46: INFO: begin Aggressive mode.
> 2009-08-11 15:14:46: INFO: received Vendor ID: DPD
> 2009-08-11 15:14:46: NOTIFY: couldn't find the proper pskey, try to get one by the peer's address.
> 2009-08-11 15:15:16: NOTIFY: the packet is retransmitted by 2001:db8:0:1:20f:20ff:fefe:4c78[500] (1).
> 2009-08-11 15:15:17: ERROR: phase2 negotiation failed due to time up waiting for phase1. ESP 2001:db8:0:1:20f:20ff:fefe:4c78[0]->2001:db8:0:1:215:99ff:fe41:704c[0]
> 2009-08-11 15:15:17: INFO: delete phase 2 handler.

Looks like there's problems in the pre-shared-key look up code.
There was one IPv6 specific fix in 0.7.3 that might have fixed this.
Could you test that release? If it does not work, we'll take a look
what else could go wrong.

Or is this reproducable one direction only?

- Timo


See the Web's breaking stories, chosen by people like you. Check out Yahoo! Buzz.