Re: [Ipsec-tools-users] Re: [Ipsec-tools-devel] Problem with ipsec-tools-0.6.3 racoon and GSS API

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

Thanks for that quick reply. I verified the log once again now.

I am using the command,
racoon -f /etc/racoon.conf.krb -d -l /etc/racoon.log

There are no Error messages. Only INFO messages are present. As Yuan
mentioned, the log ends here.

I am not seeing ant core dump file :(  But the log file is ending there.
Racoon is gettign killed in the machine from where I issue a ping. Could yo=
u
please let me know if this is configuration issue ? I am able to make a psk
based connection. Can anybody please help.

- Sandy.

On 12/6/05, VANHULLEBUS Yvan <va...@fr...> wrote:
>
> On Tue, Dec 06, 2005 at 07:07:50PM +0530, sandy s wrote:
> > Hi all,
>
> Hi.
>
> > I have upgraded the ipsec tools from 0.5-4 to 0.6.3 and DPD error seems
> to
> > be fixed as I am not getting that error now.
>
> In a previous mail, you pasted 'INFO' at the befinning of the log
> line.
>
> I really guess this was NOT the reason of your error, and just the
> last INFO/DEBUG message you saw in your log file.
>
> Most important are not necessary the last ones, but the ERROR lines !
>
> And it looks like you have no ERROR in your log, at least in the part
> you sent us.
>
>
> > But still I am unable to make
> > an IPSec connection with Kerberos  as auth method.
> > 1) I am having kerberos working properly in stand alone mode.
> > 2) I am getting the TGT on one machine using.
> >      kinit -k -t /etc/krb5.keytab host/linux.kerb.com@KERB.COM -V
> > I am getting the TGT.
> > 3) My racoon.conf file looks exactly same as "racoon.conf.sample-gssapi=
"
> > file in the samples  folder.
> > 4) Both peers are getting the GIi and GIr properly.
> >
> > I NOTICE THAT AFTER SOME 10 mins, racoon dies. I have verified by
> issuing
> > command,
> > ps -ef | grep racoon. The out put of this is nothing.
> >  when this happens, If I ping, I get the error "ping: no such process"
> on
> > the command prompt.
> > 6) I have given the log file of the racoon out put when I do a ping.
>
> [....]
> > 2005-12-06 18:44:12: DEBUG: =3D=3D=3D
> > 2005-12-06 18:44:12: DEBUG: compute DH's private.
> > 2005-12-06 18:44:12: DEBUG:
> > 50699d9b 062b2888 692d6976 268ea08b 5a960b38 025eb721 b095de24 a8ac6481
> > 777aa093 6744650e 5daf82ba 351eff91 66578259 27fc7784 c9f55aa6 50f5e6d4
> > a16948cf 65bf44e8 68127bc6 f3af49fc 8d12542d 11fcff63 a4a0a755 2dbf45fe
> > 657fc4c8 b35ec3aa 20410a05 d089a434 32568348 a5e60a78 d0337da8 fbc81bca
> > 2005-12-06 18:44:12: DEBUG: compute DH's public.
> > 2005-12-06 18:44:12: DEBUG:
> > 49737b43 239503cb 3cdf9a82 ef03ff42 19c73126 681c0f62 7d839e66 6a147f18
> > 598dd380 3d14b95a 6c4435f8 51f7d618 51e21823 9676dc35 eb24eda8 2b83a5a9
> > 1801ded4 b753ed64 efcb57bf f21d6c53 8fd334b2 bc9e9a9e 51ad8bcc 83ed2cf0
> > 833a5a96 636324d6 d3c53708 31bcf464 9781019d cc814be5 10c34a41 40082f81
>
> If your log really ends here, and if your racoon seems to die, then
> you found a racoon crash.
>
> Now, it would be great if you could find the racoon.core and show us
> at least the backtrace, to try to track down the problem.
>
>
>
> Yvan.
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
> http://ads.osdn.com/?ad_id=3D7637&alloc_id=3D16865&op=3Dclick
> _______________________________________________
> Ipsec-tools-users mailing list
> Ips...@li...
> https://lists.sourceforge.net/lists/listinfo/ipsec-tools-users
>