Results 1 to 1 of 1
I am trying to setup IPSec with setkey, but after execute the following command on both machines
[CODE]
setkey -f /etc/ipsec.conf
[CODE/]
they cannot ping each other, and I get ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 10-01-2010 #1Just Joined!
- Join Date
- Jan 2010
- Posts
- 7
ipsec "connect: No such process"
I am trying to setup IPSec with setkey, but after execute the following command on both machines
[CODE]
setkey -f /etc/ipsec.conf
[CODE/]
they cannot ping each other, and I get the following error when trying to ping 192.168.6.86 from 192.168.6.14.
If I try to ping from 192.168.6.14 from 192.168.6.86 the ping just never gets a response.Code:connect: No such process
Here are my ipsec.conf for each machine:
Machine 192.168.6.86
Machine 192.168.6.14:Code:#!/usr/sbin/setkey -f # Configuration for 192.168.1.100 # Flush the SAD and SPD flush; spdflush; # Attention: Use this keys only for testing purposes! # Generate your own keys! # AH SAs using 128 bit long keys #add 192.168.6.86 192.168.6.14 ah 0x200 -A hmac-md5 #0xc0291ff014dccdd03874d9e8e4cdf3e6; #add 192.168.6.14 192.168.6.86 ah 0x300 -A hmac-md5 #0x96358c90783bbfa3d7b196ceabe0536b; # ESP SAs using 192 bit long keys (168 + 24 parity) add 192.168.5.86 192.168.5.14 esp 0x1000 -m transport -E aes-ctr "ipv6readylogoaes2to1" -A hmac-sha1 "ipv6readylogsha12to1"; #0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831; add 192.168.5.14 192.168.5.86 esp 0x2000 -m transport -E aes-ctr "ipv6readylogoaes1to2" -A hmac-sha1 "ipv6readylogsha11to2"; #0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df; # Security policies spdadd 192.168.6.86 192.168.6.14 any -P out ipsec esp/transport//require; spdadd 192.168.6.14 192.168.6.86 any -P in ipsec esp/transport//require;
If I do a "setkey -FP" on both machines they ping each other again. I'm thinking that there is some configuration issue with my ipsec.conf files.Code:#!/usr/sbin/setkey -f # Configuration for 192.168.1.100 # Flush the SAD and SPD flush; spdflush; # Attention: Use this keys only for testing purposes! # Generate your own keys! # AH SAs using 128 bit long keys #add 192.168.6.86 192.168.6.14 ah 0x200 -A hmac-md5 #0xc0291ff014dccdd03874d9e8e4cdf3e6; #add 192.168.6.14 192.168.6.86 ah 0x300 -A hmac-md5 #0x96358c90783bbfa3d7b196ceabe0536b; # ESP SAs using 192 bit long keys (168 + 24 parity) add 192.168.5.86 192.168.5.14 esp 0x1000 -m transport -E aes-ctr "ipv6readylogoaes2to1" -A hmac-sha1 "ipv6readylogsha12to1"; #0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831; add 192.168.5.14 192.168.5.86 esp 0x2000 -m transport -E aes-ctr "ipv6readylogoaes1to2" -A hmac-sha1 "ipv6readylogsha11to2"; #0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df; # Security policies spdadd 192.168.6.86 192.168.6.14 any -P in ipsec esp/transport//require; spdadd 192.168.6.14 192.168.6.86 any -P out ipsec esp/transport//require;
Does anyone know how to resolve this issue?
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
