Hello Gowri,
this seems to be the same problem (however I cannot confirm that
SIGSEGV is the culprit in my case).
I saw that you hadn't been able to reproduce the error on x86. My
error occurred on x86 while running on virtualized hardware (virtual
box).
Sincerely,
Vilhelm Jutvik
2012/3/21
Hi Vilhelm,
It works though if you limit the debugging level and / or the number
of debugging options. I've reproduced this several times just to be
sure. Why is this?
The problem line was (in full):
charondebug=asn 3,knl 3,mgr 3,ike 3,chd 3,net 3,enc 3
It works if you change it so (e.g.)
No, there was no such message in my logs. Furthermore, the starter
process didn't die. You had to kill it manually, remove the PID file
and then type ipsec start again.
I think I suffered from the same problem as experienced by Gowri.
Regards,
Ville
2012/3/21 Tobias Brunner
Hi Vilhelm,
On Wednesday 21 March 2012 03:24 PM, Vilhelm Jutvik wrote:
Hello Gowri,
this seems to be the same problem (however I cannot confirm that
SIGSEGV is the culprit in my case).
So, can you check/paste what is happening while ENC
parsing IKE_SA_INIT response for SA payload. You can
Dear Tobias,
thank you very much. I thought that charon was signalled by the IPsec
stack's SPD when a new SA was to be negotiated, not that it itself set
the policy.
Your solution didn't work right away though. I found that ipsec
start only started the starter process and nothing more. It was
Hi Tobias,
On Wednesday 21 March 2012 12:44 AM, Vilhelm Jutvik wrote:
Dear Tobias,
thank you very much. I thought that charon was signalled by the IPsec
stack's SPD when a new SA was to be negotiated, not that it itself set
the policy.
Your solution didn't work right away though. I found
Hi Vilhelm,
config setup
crlcheckinterval=180
strictcrlpolicy=no
plutostart=no
charondebug=asn 4, knl 4,mgr 4,ike 4,chd 4,net 4,enc 4
conn %default
auth=esp
authby=psk
esp=aes128ctr-aesxcbc!
ikelifetime=60m
keylife=20m
keyingtries=1
rekeymargin=3m