[VPN] help with racoon tunnel to netscreen 204

Max J Osse mosse at fulcrumanalytics.com
Thu Jan 9 15:17:08 EST 2003


I'm having problems getting a tunnel between racoon on OS X and a netscreen
204
I'm using Pre-shared keys and Triple-Des/Sha-1 for Phase one, and
Triple-Des/Sha1 for Phase two.
 Here's what racoon is giving me:
jondoe (03:28:04 PM): 1. IPsec-SA request for 65.125.xxx.xxx queued due to
no phase1 found
jondoe (03:28:14 PM): initiate new phase 1 negotiation: 192.168.149.4[500]
<=>65.125.xxx.xxx[500]
begin Aggressive mode
couldn't find the proper pskey, try to get one by the peer's address.
ISAKMP-SA established 192.168.149.4[500]-65.125.xxx.xxx[500]
spi:26819ad00175c516:c790fd8536b4d10e
jondoe(03:28:49 PM): initiate new phase 2 negotiation: 192.168.149.4[0]
<=>65.125.xxx.xxx[0]
jondoe(03:28:58 PM): unknown notify message, no phase2 handle found.
jondoe (03:29:05 PM): 65.125.xxx.xxx give up to get IPsec-SA due to time up
to wait

Any help you can provide would be great.

thanks

-max




More information about the VPN mailing list