I added manual entries for policy using "ip xfrm policy" both at receptor and initiator. Both are host and IP address of 10.13.199.185 and 10.13.199.130.
Initiator: sudo ip xfrm policy add src 10.13.199.185 dst 10.13.199.130 dir out tmpl src 10.13.199.185 dst 10.13.199.130 proto esp reqid 16386 mode transport sudo ip xfrm policy add src 10.13.199.130 dst 10.13.199.185 dir in tmpl src 10.13.199.130 dst 10.13.199.185 proto esp reqid 16386 mode transport Receptor: sudo ip xfrm policy add src 10.13.199.130 dst 10.13.199.185 dir out tmpl src 10.13.199.130 dst 10.13.199.185 proto esp reqid 16386 mode transport sudo ip xfrm policy add src 10.13.199.185 dst 10.13.199.130 dir in tmpl src 10.13.199.185 dst 10.13.199.130 proto esp reqid 16386 mode transport when I try to ping, I get following error. I expect it to create dynamic SA and ping to be successful. Jun 2 08:03:52 05[KNL] received a XFRM_MSG_ACQUIRE Jun 2 08:03:52 05[KNL] XFRMA_TMPL Jun 2 08:03:52 05[KNL] creating acquire job for policy 10.13.199.185/32[udp/48785] === 10.13.199.130/32[udp/1025] with reqid {16386} Jun 2 08:03:52 07[CFG] trap not found, unable to acquire reqid 16386 Thanks, Raj
_______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users