[Swan] microcode entry
paul at nohats.ca
Mon Aug 12 02:44:36 UTC 2019
Seems a misconfiguration. The Notify you receive should contain an indicator, eg NO PROPOSAL CHOSEN or AUTH FAILED
Sent from mobile device
> On Aug 11, 2019, at 21:45, Computerisms Corporation <bob at computerisms.ca> wrote:
> quick follow up; didn't notice that .29 was available, just tried upgrading it, but getting the same error.
>> On 2019-08-11 6:09 p.m., Computerisms Corporation wrote:
>> I setup a net to net tunnel, following the procedure I normally follow (at least presuming I didn't make a mistake that I can't find), using 3.28. I have patched the code as per
>> https://github.com/libreswan/libreswan/commit/716f4b712724c6698469563e531dea3667507ceb Which so far has worked in at least 3 other places without issue (that said the barf.in needs to be done manually, the patch does not apply cleanly to that file).
>> I am getting this in the logs:
>> Aug 11 17:59:37 rrwall pluto: "computerisms2rrdc" #1: no useful state microcode entry found for incoming packet
>> Aug 11 17:59:37 rrwall pluto: "computerisms2rrdc" #1: dropping unexpected IKE_AUTH message containing INVALID_IKE_SPI notification; message payloads: N; missing payloads: SK
>> Apart from the github page with the code that uses this text, I get no hits on google. I have read the comment in the code and understand that something is messed up, but I am not really clear what this is indicating. Is it a configuration issue? a portion of the code not properly compiled? a certificate problem? The remote end is a very slow DSL connection, maybe that is part of the problem? been going through my regular list of things to try, but not meeting any success yet.
>> Any clues on a direction for me to go with this?
> Swan mailing list
> Swan at lists.libreswan.org
More information about the Swan