Hi! I try to use ipsec with mipl 2.0.2 and kernel 2.6.16(with the
correct patch) and i found on /var/log/messages the next lines on the
Mobile Node:
pfkey_send_migrate: not implemented yet
pfkey_send_migrate: not implemented yet
pfkey_send_migrate: not implemented yet
pfkey_send_migrate: not implemented yet
and the ping6 output looks like:
ping6 2007:106:5555::2
connect: Operation not permited
this appends on foreing network.
the Mobile Node on the foreign network doesnt work and the ping6
commands also doesnt work :(, the configuration files are the next:
# Home Agent configuration File
NodeConfig HA;
DebugLevel 10;
Interface "eth0";
SendMobPfxAdvs disabled;
UseMnHaIPsec enabled;
DoRouteOptimizationMN enabled;
IPsecPolicySet {
HomeAgentAddress 2007:106:2700::2;
HomeAddress 2007:106:2700::2/64;
IPsecPolicy HomeRegBinding UseESP 1 2;
IPsecPolicy TunnelMh UseESP;
}
# Mobile Node configuration File
NodeConfig MN;
DebugLevel 10;
DoRouteOptimizationMN enabled;
DoRouteOptimizationCN enabled;
SendMobPfxSols disabled;
Interface "eth0";
MnHomeLink "eth0" {
HomeAgentAddress 2007:106:2700::2;
HomeAddress 2007:106:2700::4/64;
}
UseMnHaIPsec enabled;
IPsecPolicySet {
HomeAgentAddress 2007:106:2700::2;
HomeAddress 2007:106:2700::4/64;
IPsecPolicy HomeRegBinding UseESP 1 2;
IPsecPolicy TunnelMh UseESP;
}
# sa.conf
# Home Address 2007:106:2700::4
# Home Agent 2007:106:2700::2
# MN -> HA transport SA for BU
add 2007:106:2700::4 2007:106:2700::2 esp 2000
-u 1
-m transport
-E des-cbc "TAHITEST"
-A hmac-sha1 "this is the test key" ;
# HA -> MN transport SA for BA
add 2007:106:2700::2 2007:106:2700::4 esp 2001
-u 2
-m transport
-E des-cbc "TAHITEST"
-A hmac-sha1 "this is the test key" ;
# MN -> HA tunnel SA for HoTI
add 2007:106:2700::4 2007:106:2700::2 esp 2004
-m tunnel
-E des-cbc "TAHITEST"
-A hmac-sha1 "this is the test key" ;
# HA -> MN tunnel SA for HoT
add 2007:106:2700::2 2007:106:2700::4 esp 2005
-m tunnel
-E des-cbc "TAHITEST"
-A hmac-sha1 "this is the test key" ;
Thanks for your help!
_______________________________________________
mipl mailing list
[email protected]
http://www.mobile-ipv6.org/cgi-bin/mailman/listinfo/mipl