From: VANHULLEBUS Y. <va...@fr...> - 2004-11-23 13:02:05
|
On Tue, Nov 23, 2004 at 10:34:12AM +0000, Emmanuel Dreyfus wrote: > Now, DPD vs Cisco VPN client. it seems there is an interoperability problem > > On each R-U-There packet, the Cisco VPN client displays this in the logs: > > Received ISAKMP packet: peer = x.x.x.x > Invalid SPI size > Invalid payload: Stated payload length, 32, is not sufficient for Notification > Recieved malformed message or negociation no longer active > > I don't see any DPD activity from the Cisco VPN client. Won't be easy to do anything with those informations.... If you could generate DPD R-U-THERE from Cisco client and generate some debugs on racoon's side (it may be usefull to add some more debug than what is currently in the repository's version), it would probably be interesting for me. But I'll re-read the RFC, re-read the source code and try to find if something may be wrong..... If someone else can do the same thing, it's always difficult to try to find such implementation problems on our own code !! And I'll also try to get that client to make some tests.... Yvan. |