But it is strange, because I haven't got any racoon.log neither in /var/log nor in any other file in all the computer. I have been searching it. And I have seen in these forums of people sending the outputs of the logs.
 
The only log I have found with any information of opennhrp is the syslog, but no new information is shown. Even the opennhrp -v doesn't show any additional information.
 
I know that this is not relevant information, but the problem shown to me is racoonctl: kmpstat: invalid argument
Peer up script failed: exitstatus 1
 
In the forum a person with a similar problem is inforced to install ipsec-tools 0.8, but this is the version I have. The config files a copied-pasted, and the Cisco architecture is adapted to the configuration of the examples.
 
Thanks


De: Timo Teräs <timo.teras@iki.fi>
Para: Luis Garcia <bewabra3@yahoo.es>
CC: ipsec-tools-devel@lists.sourceforge.net
Enviado: martes, 11 de agosto, 2009 19:13:25
Asunto: Re: What does exitstatus1 mean?

Luis Garcia wrote:
> Hi! I'm here again ... I have been reading the man pages, the forum etc ...  I have created the files like is advised in the README and in a blog found in internet, but an error is shown me. In this case the error message is the typical one as I have seen in the forum, but the difference is that in this case the exitstatus number is 1.

The exitstatus is kinda useless; it just means the opennhrp-script
failed to run: most likely racoon failed to establish sa.

You really need to paste the logs. Depending on the problem it can be
a problem in the opennhrp-script or the racoon configuration; so it's
a bit tricky to decide if the questions should go to opennhrp or this
list.

> The problem is not in the network because I have previous experience in Cisco DMVPNs, I am able from the computer to do ping to the ethernet interface of the cisco router, but I have seen that the computer is not sending any NHRP packets to the Router.

The opennhrp does not send anything until the script has exited with
zero to imply successful sa negotiation. This would imply that your
ping packets are going over the transit subnet unencrypted and
without gre routing.

- Timo