My configuration is :
Red Hat Linux (kernel 220.127.116.11)
I am trying to give protocol as sctp while adding my SP
using command in file setkey.conf
At : 172.16.10.155 ( m/c A )
spdadd 172.16.10.155 172.16.10.154 sctp -P out ipsec
spdadd 172.16.10.154 172.16.10.155 sctp -P in ipsec
At : 172.16.10.154 ( m/c B )
spdadd 172.16.10.154 172.16.10.155 sctp -P out ipsec
spdadd 172.16.10.155 172.16.10.154 sctp -P in ipsec
But when i try to make SCTP connection the ethereal
shows the SCTP INIT chunk is sent i.e it was not
encrypted but the other machine also not respond to the
INIT message. so connection was NOT established.
I have tried sending INIT from m/c A to B and also from
m/c B to A. But the result is same.
But as soon as I remove the rules(setkey.conf) from one
side which is getting INIT it sends the INIT ACK but the
side receiving INIT-ACK does not acknoledge it.
After removing the rules from both side it works fine.
I have also tried giving protocol number 132 of sctp as
shown below but it too does not work.
spdadd 172.16.10.155 172.16.10.154 132 -P out ipsec
I am also able to setup the SCTP connection by
using "any" in spdadd command as protocol.
Please tell me what is happening. Do we not support the
SCTP or how can we give rule for SCTP
Log in to post a comment.