[Swan] microcode entry

Paul Wouters paul at nohats.ca
Mon Aug 12 02:44:36 UTC 2019

Seems a misconfiguration. The Notify you receive should contain an indicator, eg NO PROPOSAL CHOSEN or AUTH FAILED 

Sent from mobile device

> On Aug 11, 2019, at 21:45, Computerisms Corporation <bob at computerisms.ca> wrote:
> quick follow up; didn't notice that .29 was available, just tried upgrading it, but getting the same error.
>> On 2019-08-11 6:09 p.m., Computerisms Corporation wrote:
>> Hi,
>> I setup a net to net tunnel, following the procedure I normally follow (at least presuming I didn't make a mistake that I can't find), using 3.28.  I have patched the code as per
>> https://github.com/libreswan/libreswan/commit/716f4b712724c6698469563e531dea3667507ceb Which so far has worked in at least 3 other places without issue (that said the barf.in needs to be done manually, the patch does not apply cleanly to that file).
>> I am getting this in the logs:
>> Aug 11 17:59:37 rrwall pluto[26346]: "computerisms2rrdc" #1: no useful state microcode entry found for incoming packet
>> Aug 11 17:59:37 rrwall pluto[26346]: "computerisms2rrdc" #1: dropping unexpected IKE_AUTH message containing INVALID_IKE_SPI notification; message payloads: N; missing payloads: SK
>> Apart from the github page with the code that uses this text, I get no hits on google.  I have read the comment in the code and understand that something is messed up, but I am not really clear what this is indicating.  Is it a configuration issue?  a portion of the code not properly compiled?  a certificate problem?  The remote end is a very slow DSL connection, maybe that is part of the problem?  been going through my regular list of things to try, but not meeting any success yet.
>> Any clues on a direction for me to go with this?
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan

More information about the Swan mailing list