missing SA name in isakmpd.result

Matthias Teege Thu, 23 Apr 2009 02:59:52 -0700

Moin,

i have a runnig ipsec setup on an OpenBSD 4.4 box. The isakmpd.conf looks like 
this:


..

[Phase 1]
5.6.7.8=ISAKMP-peer-one

[Phase 2]
Passive-connections=IPsec-me-one

[ISAKMP-peer-one]
Phase=1
Local-address=1.2.3.4
Address=5.6.7.8
..

[IPsec-me-one]        
Phase=2          
ISAKMP-peer=ISAKMP-peer-one
Configuration=Default-quick-mode
Local-ID=Net-me
Remote-ID=Net-one
..

My problem is the output of isakmpd in isakmpd.result after "echo S >
/var/run/isakmpd.fifo".

SA name: ISAKMP-peer-one (Phase 1/Responder)
src: 1.2.3.4 dst: 5.6.7.8
Lifetime: 86400 seconds
...

SA name: <unnamed> (Phase 2)
src: 1.2.3.4 dst: 5.6.7.8
Lifetime: 3600 seconds
...

Why is the SA for Phase 2 "unnamed" but Phase 1 is named? How do I setup
a usefull name for Phase 2?

Many thanks
Matthias

missing SA name in isakmpd.result

Reply via email to