Hello. I have setup an IPSec tunnel between FreeBSD 4.7-stable (system 18.11.02)/racoon 20021120a and Windows XP Prof. FreeBSD acts as gateway, tunneling connections from Windows to world. IPSec crypts link between unix and win only.
ipsec.conf: spdadd 0.0.0.0/0 192.168.99.10/32 any -P out ipsec esp/tunnel/192.168.99.1-192.168.99.10/require; spdadd 192.168.99.10/32 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.99.10-192.168.99.1/require; While other side (Windows XP) initiates connect to hosts behind the tunnel, all works fine. If connect arrives from other hosts before SA has been established, then racoon can't initiate Phase 1 tcpdump output: 15:29:13.408122 192.168.99.1.500 > 192.168.99.10.500: isakmp: phase 1 I agg: [|sa] 15:29:13.409117 192.168.99.10.500 > 192.168.99.1.500: isakmp: phase 2/others R inf: [|n] racoon.log: ... 2003-01-14 15:29:13: DEBUG: isakmp.c:222:isakmp_handler(): 56 bytes message received from 192.168.99.10 ... 2003-01-14 15:29:13: DEBUG: isakmp.c:346:isakmp_main(): malformed cookie received or the initiator's cookies collide. ... What is wrong ? Best regards, Andrew mailto:[EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message