From: sandy s <san...@gm...> - 2005-12-06 14:10:24
|
Hi, Thanks for that quick reply. I verified the log once again now. I am using the command, racoon -f /etc/racoon.conf.krb -d -l /etc/racoon.log There are no Error messages. Only INFO messages are present. As Yuan mentioned, the log ends here. I am not seeing ant core dump file :( But the log file is ending there. Racoon is gettign killed in the machine from where I issue a ping. Could yo= u please let me know if this is configuration issue ? I am able to make a psk based connection. Can anybody please help. - Sandy. On 12/6/05, VANHULLEBUS Yvan <va...@fr...> wrote: > > On Tue, Dec 06, 2005 at 07:07:50PM +0530, sandy s wrote: > > Hi all, > > Hi. > > > I have upgraded the ipsec tools from 0.5-4 to 0.6.3 and DPD error seems > to > > be fixed as I am not getting that error now. > > In a previous mail, you pasted 'INFO' at the befinning of the log > line. > > I really guess this was NOT the reason of your error, and just the > last INFO/DEBUG message you saw in your log file. > > Most important are not necessary the last ones, but the ERROR lines ! > > And it looks like you have no ERROR in your log, at least in the part > you sent us. > > > > But still I am unable to make > > an IPSec connection with Kerberos as auth method. > > 1) I am having kerberos working properly in stand alone mode. > > 2) I am getting the TGT on one machine using. > > kinit -k -t /etc/krb5.keytab host/linux.kerb.com@KERB.COM -V > > I am getting the TGT. > > 3) My racoon.conf file looks exactly same as "racoon.conf.sample-gssapi= " > > file in the samples folder. > > 4) Both peers are getting the GIi and GIr properly. > > > > I NOTICE THAT AFTER SOME 10 mins, racoon dies. I have verified by > issuing > > command, > > ps -ef | grep racoon. The out put of this is nothing. > > when this happens, If I ping, I get the error "ping: no such process" > on > > the command prompt. > > 6) I have given the log file of the racoon out put when I do a ping. > > [....] > > 2005-12-06 18:44:12: DEBUG: =3D=3D=3D > > 2005-12-06 18:44:12: DEBUG: compute DH's private. > > 2005-12-06 18:44:12: DEBUG: > > 50699d9b 062b2888 692d6976 268ea08b 5a960b38 025eb721 b095de24 a8ac6481 > > 777aa093 6744650e 5daf82ba 351eff91 66578259 27fc7784 c9f55aa6 50f5e6d4 > > a16948cf 65bf44e8 68127bc6 f3af49fc 8d12542d 11fcff63 a4a0a755 2dbf45fe > > 657fc4c8 b35ec3aa 20410a05 d089a434 32568348 a5e60a78 d0337da8 fbc81bca > > 2005-12-06 18:44:12: DEBUG: compute DH's public. > > 2005-12-06 18:44:12: DEBUG: > > 49737b43 239503cb 3cdf9a82 ef03ff42 19c73126 681c0f62 7d839e66 6a147f18 > > 598dd380 3d14b95a 6c4435f8 51f7d618 51e21823 9676dc35 eb24eda8 2b83a5a9 > > 1801ded4 b753ed64 efcb57bf f21d6c53 8fd334b2 bc9e9a9e 51ad8bcc 83ed2cf0 > > 833a5a96 636324d6 d3c53708 31bcf464 9781019d cc814be5 10c34a41 40082f81 > > If your log really ends here, and if your racoon seems to die, then > you found a racoon crash. > > Now, it would be great if you could find the racoon.core and show us > at least the backtrace, to try to track down the problem. > > > > Yvan. > > > ------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. Do you grep through log > files > for problems? Stop! Download the new AJAX search engine that makes > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! > http://ads.osdn.com/?ad_id=3D7637&alloc_id=3D16865&op=3Dclick > _______________________________________________ > Ipsec-tools-users mailing list > Ips...@li... > https://lists.sourceforge.net/lists/listinfo/ipsec-tools-users > |