Hi All,
 
A Gentle Reminder Please !!!
 
Thanks and Regards,
Shree Duth Awasthi.

On Wed, Jun 26, 2013 at 6:11 PM, SHREE DUTH AWASTHI <shreeduth.awasthi@gmail.com> wrote:
Hi All,
 
Can you please look at the below observation by us and help us in this regard.
 
When we enable IPsec in our hardware(ipsec-tools-0.8.0-1_WR4.3.x86_64), it create tunnels successfully but after that it shows some error Continuously : errors are as below :-
 
Issue1 :
10.1.21.2] ERROR: failed to pre-process ph2 packet (side: 1, status: 1).
Jun 10 08:54:21.418086 info CLA-0 racoon: 2013-06-10 08:54:21: INFO: respond new phase 2 negotiation: 10.1.21.1[500]=10.1.21.2[500]
Jun 10 08:54:21.418086 info CLA-0 racoon: 2013-06-10 08:54:21: ERROR: failed to get sainfo.
Jun 10 08:54:21.418128 info CLA-0 racoon: 2013-06-10 08:54:21: ERROR: failed to get sainfo.
 
Issue2 :
Jun 21 04:53:37.814135 info CLA-0 racoon: 2013-06-21 04:53:37: ERROR: execve("/etc/ipsec/scripts/phase1-up.sh") failed: No such file or directory

 
Note : We are already using the latest ( ipsec-tools/0.8.1/ipsec-tools-0.8.1.tar.gz ) ipsec tools version available ! ( No Functionality deviation, but logging of error messages )
 
Thanks and Regards,
Shree Duth Awasthi.
 
--------------------
 
SPD RULES
*********
Each rule is associated with both require and inique identifier

# setkey -DP
10.1.31.0/24[any] 10.1.36.0/24[any] 255
        fwd prio def + 2760 ipsec
        esp/tunnel/10.1.21.2-10.1.21.1/require
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=1010 seq=1 pid=27144
        refcnt=1
10.1.31.0/24[any] 10.1.36.0/24[any] 255
        in prio def + 2760 ipsec
        esp/tunnel/10.1.21.2-10.1.21.1/unique#16389
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=1000 seq=2 pid=27144
        refcnt=1
10.1.36.0/24[any] 10.1.31.0/24[any] 255
        out prio def + 2760 ipsec
        esp/tunnel/10.1.21.1-10.1.21.2/unique#16388
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=993 seq=3 pid=27144
        refcnt=1
10.1.33.0/24[any] 10.1.21.0/24[any] 255
        fwd prio def + 2760 ipsec
        esp/tunnel/10.1.21.2-10.1.21.1/require
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=986 seq=4 pid=27144
        refcnt=1
10.1.33.0/24[any] 10.1.21.0/24[any] 255
        in prio def + 2760 ipsec
        esp/tunnel/10.1.21.2-10.1.21.1/unique#16387
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=976 seq=5 pid=27144
        refcnt=1
10.1.21.0/24[any] 10.1.33.0/24[any] 255
        out prio def + 2760 ipsec
        esp/tunnel/10.1.21.1-10.1.21.2/unique#16386
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=969 seq=6 pid=27144
        refcnt=1
10.1.13.0/24[any] 10.1.12.0/24[any] 255
        fwd prio def + 2760 ipsec
        esp/tunnel/10.1.21.2-10.1.21.1/require
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=962 seq=7 pid=27144
        refcnt=1
10.1.13.0/24[any] 10.1.12.0/24[any] 255
        in prio def + 2760 ipsec
        esp/tunnel/10.1.21.2-10.1.21.1/unique#16385
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=952 seq=8 pid=27144
        refcnt=1
10.1.12.0/24[any] 10.1.13.0/24[any] 255
        out prio def + 2760 ipsec
        esp/tunnel/10.1.21.1-10.1.21.2/unique#16384
        created: Jun 20 14:40:24 2013  lastused:
        lifetime: 0(s) validtime: 0(s)
        spid=945 seq=9 pid=27144
        refcnt=1
(per-socket policy)
        out(socket) none
        created: Jun 20 14:40:22 2013  lastused: Jun 20 14:48:31 2013
        lifetime: 0(s) validtime: 0(s)
        spid=940 seq=10 pid=27144
        refcnt=1
(per-socket policy)
        in(socket) none
        created: Jun 20 14:40:22 2013  lastused: Jun 20 14:48:31 2013
        lifetime: 0(s) validtime: 0(s)
        spid=931 seq=0 pid=27144
        refcnt=1