[Swan-dev] pluto crashes with signal 11 when ike=des
Paul Wouters
paul at nohats.ca
Wed Jul 9 17:00:06 EEST 2014
On Wed, 9 Jul 2014, Ben Lentz wrote:
> Well, using this information I am certainly a lot closer than ever before! It
> looks like I am getting authenticated and the pluto logs are showing the
> Cisco-delivered DNS servers and an IP address from the correct client IP pool
> is being handed to my machine. However, the IP alias I'm handed is never
> added to the interface and the routes are never added. I think I'm still
> getting stuck at NO_PROPOSAL_CHOSEN even though it looks to me like 95% of it
> is working now.
> I'm going to try to keep throwing different combinations at it, but I think I
> may have tried them all. Any other ideas?
that sounds like a plan :)
> Jul 9 00:16:51 bentz pluto[14906]: "conn" #1: XAUTH: Successfully Authenticated
So ike= is fine.
> Jul 9 00:16:51 bentz pluto[14906]: "conn" #2: initiating Quick Mode
> PSK+ENCRYPT+TUNNEL+DONTREKEY+UP+MODECFGPULL+AGGRESSIVE+IKEv2ALLOW+SAREFTRACK
> {using isakmp#1 msgid:c1b12890 proposal=AES(12)_128-SHA1(2)_160
> pfsgroup=no-pfs}
> Jul 9 00:16:51 bentz pluto[14906]: "conn" #1: ignoring informational
> payload, type NO_PROPOSAL_CHOSEN msgid=00000000
try:
remote_peer_type=cisco
esp=aes-sha1;modp1024
Paul
More information about the Swan-dev
mailing list