We have an IPsec tunnel setup between two OpenBSD firewalls and
normally it "just works" (thanks developers!)

Over the past day or so the tunnel "breaks".
ipsecctl -sa shows no flows or SADB entries.
The log entries at the Sydney end show lines like:
Feb 24 05:59:21 pps35001 isakmpd[9204]: rsa_sig_decode_hash: no public key found
Feb 24 05:59:21 pps35001 isakmpd[9204]: dropped message from xyz.101.222.1 port 56858 due to notification type INVALID_ID_INFORMATION
Feb 24 05:59:32 pps35001 isakmpd[9204]: rsa_sig_decode_hash: no public key found
Feb 24 05:59:32 pps35001 isakmpd[9204]: dropped message from xyz.101.222.1 port 56858 due to notification type INVALID_ID_INFORMATION

There are batches of such messages, some quite short (1 or 2) but some
go on for long periods. The batch including the above sample started at
05:10:57 and is still (06:13) going.

The Melbourne end log looks like:
Feb 24 06:13:04 PPS35004 isakmpd[23508]: transport_send_messages: giving up on exchange peer-abc.228.107.202, no response from peer abc.228.107.202:500
Feb 24 06:13:32 PPS35004 isakmpd[23508]: transport_send_messages: giving up on exchange peer-abc.228.107.202, no response from peer abc.228.107.202:4500

The pubkey for Melbourne is in place and readable at
/etc/isakmpd/pubkeys/ipv4/

Any clues? Any other pertinent info needed?

Please reply on list. The sender address is filtered to allow
connections only from the list server. The spammers know it well
enough. ;(

Rod/

From the land "down under": Australia.
Do we look <umop apisdn> from up over?
