On Tue, 17 May 2005 09:33:40 +0100, in sentex.lists.freebsd.questions you wrote: >A basic tunnel (without any encryption) works fine. As soon as >ipsec_enable is set in rc.conf, it fails. > >setkey -D shows No SAD entries.
> >If I start a ping from 192.168.1.254 -> 192.168.0.254, the receiving >machine get's an 'Invalid length of payload' error, whilst the sending >machine is getting an 'phase 2 negotiation failed due to time up waiting >for phase1. ESP 62.x.x.125->82.x.x.141' (The ip's shown are what they >should be.) I can probably transfer entire parts of the log files if >required, but at the moment, both machines are isolated. > >A further point I've discovered having left them running for a while, is >the racoon on the AMD64 keeps crashing and dumping core (although I >don't know what to do with that!). Maybe there is an issue with racoon >on 64bit? Maybe I should try re-installing with a standard i386 arch. >(Last ditch!) Yes, I would try and see if moving to i386 fixes the problem. Assuming you do have all the configs correct, there is no reason why it should not work. > >Both racoon's are 'racoon-2005-0510a' BTW. I have only just started using this version last weekend so I am not sure how good it is, but I suspect its the AMD64 thats at issue if all your configs are indeed correct. ---Mike -------------------------------------------------------- Mike Tancsa, Sentex communications http://www.sentex.net Providing Internet Access since 1994 [EMAIL PROTECTED], (http://www.tancsa.com) _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"