Hi, ok, please use "hmac-sha1" instead of "sha1" HJ.
On Thu, Nov 24, 2005 at 11:04:45AM +0100, raff wrote: > following ipsec.conf(5) i was trying to set up connection between to > hosts 192.168.1.115 and 192.168.1.125 > I can set it using ipsecadm, and everything works fiine, but using > ipsecctl i'm getting some errors like below: > > > # ipsecctl -vvf ipsec.conf > @0 flow esp out from 192.168.1.115 to 192.168.1.125 peer 192.168.1.125 > type require > @1 flow esp in from 192.168.1.125 to 192.168.1.115 peer 192.168.1.125 > type use > @2 esp from 192.168.1.115 to 192.168.1.125 spi 0x00000115 auth sha1 enc > 3des-cbc > authkey 0x507a89ddbbca07ea595b338f78c9cf44162ef92e > enckey 0x9f2d7686ee16363909e94c8334cc8492b53cb8d7d0734e29 > @3 esp from 192.168.1.125 to 192.168.1.115 spi 0x00000125 auth sha1 enc > 3des-cbc > authkey 0x513dc7a1b41d9a5ad9fca0eedc78180be2a82ba5 > enckey 0x44c4006f164234375e892d64e8fbc42c6093064fb1aa3bb9 > ipsecctl: writev failed: Invalid argument > ipsecctl: failed to add rule 2 > ipsecctl: writev failed: Invalid argument > ipsecctl: failed to add rule 3 > > thanks in advance