On Wed, 15 Apr 2015 19:46:10 +0100 "Chris O'Shea" <oshea.chris.ja...@gmail.com> wrote:
> Good Evening all, > > I am currently working on a debian spoke to Cisco hub DMVPN solution. > > The initial ISAKMP phase goes well and a proposal is agreed, the > opennhrp-script then runs on to the next line and calls: > > "racoonctl establish-sa -w esp inet <local interface ip> <remote > interface > ip> gre" > > and immediately after running this I get: > > "racoon: NOTIFY: no outbound policy found: <local interface ip>/32[0] > <remote interface ip>/32[0] proto=47 dir=out" > > setkey -DP shows > > ----------------------- > > 0.0.0.0 0.0.0.0 gre > fwd prio def ipsec > esp/transport//require > created: Jan 1 00:54:11 2000 lastused: > lifetime: 0(s) validtime: 0(s) > spid=3098 seq=53 pid=4206 > refcnt=1 > 0.0.0.0 0.0.0.0 gre > in prio def ipsec > esp/transport//require > created: Jan 1 00:54:11 2000 lastused: > lifetime: 0(s) validtime: 0(s) > spid=3088 seq=54 pid=4206 > refcnt=1 > 0.0.0.0 0.0.0.0 gre > out prio def ipsec > esp/transport//require > created: Jan 1 00:54:11 2000 lastused: > lifetime: 0(s) validtime: 0(s) > spid=3081 seq=0 pid=4206 > refcnt=1 > ---------------------------- How did you create these? I think they are missing "/0" from the addresses. Sounds like these are now being treated as "/32" instead. Please verify your ipsec.conf that it has "/0" after each address. /Timo ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ opennhrp-devel mailing list opennhrp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/opennhrp-devel
