[mipl] IPSec problem(pfkey_send_migrate)

Thu, 22 Feb 2007 09:20:58 -0800 

Hi! I try to use ipsec with mipl 2.0.2 and kernel 2.6.16(with the
correct patch) and i found on /var/log/messages the next lines on the
Mobile Node:

pfkey_send_migrate: not implemented yet
pfkey_send_migrate: not implemented yet
pfkey_send_migrate: not implemented yet
pfkey_send_migrate: not implemented yet

and the ping6 output looks like:

ping6 2007:106:5555::2
connect: Operation not permited

this appends on foreing network.

the Mobile Node on the foreign network doesnt work and the ping6
commands also doesnt work :(, the configuration files are the next:

# Home Agent configuration File
NodeConfig HA;
DebugLevel 10;
Interface "eth0";

SendMobPfxAdvs disabled;
UseMnHaIPsec enabled;

DoRouteOptimizationMN enabled;

IPsecPolicySet {
        HomeAgentAddress 2007:106:2700::2;
        HomeAddress 2007:106:2700::2/64;

        IPsecPolicy HomeRegBinding UseESP 1 2;
        IPsecPolicy TunnelMh UseESP;
}

# Mobile Node configuration File
NodeConfig MN;
DebugLevel 10;
DoRouteOptimizationMN enabled;
DoRouteOptimizationCN enabled;

SendMobPfxSols disabled;

Interface "eth0";

MnHomeLink "eth0" {
        HomeAgentAddress 2007:106:2700::2;
        HomeAddress 2007:106:2700::4/64;
}

UseMnHaIPsec enabled;

IPsecPolicySet {
        HomeAgentAddress 2007:106:2700::2;
        HomeAddress 2007:106:2700::4/64;

        IPsecPolicy HomeRegBinding UseESP 1 2;
        IPsecPolicy TunnelMh UseESP;
}


# sa.conf
# Home Address 2007:106:2700::4
# Home Agent  2007:106:2700::2

# MN -> HA transport SA for BU
add 2007:106:2700::4 2007:106:2700::2 esp 2000
        -u 1
        -m transport
        -E des-cbc "TAHITEST"
        -A hmac-sha1 "this is the test key" ;

# HA -> MN transport SA for BA
add 2007:106:2700::2 2007:106:2700::4 esp 2001
        -u 2
        -m transport
        -E des-cbc "TAHITEST"
        -A hmac-sha1 "this is the test key" ;

# MN -> HA tunnel SA for HoTI
add 2007:106:2700::4 2007:106:2700::2 esp 2004
        -m tunnel
        -E des-cbc "TAHITEST"
        -A hmac-sha1 "this is the test key" ;

# HA -> MN tunnel SA for HoT
add 2007:106:2700::2 2007:106:2700::4 esp 2005
        -m tunnel
        -E des-cbc "TAHITEST"
        -A hmac-sha1 "this is the test key" ;

Thanks for your help!



_______________________________________________
mipl mailing list
[email protected]
http://www.mobile-ipv6.org/cgi-bin/mailman/listinfo/mipl

Reply via email to