Hello,

I made a tunnel between a CentOS Linux machine with racoon and m0n0wall.
The problem is that the connection fails at phase 2.

My debug information (the CentOS side):

2008-04-28 13:56:48: DEBUG: begin.
2008-04-28 13:56:48: DEBUG: seen nptype=2(prop)
2008-04-28 13:56:48: DEBUG: succeed.
2008-04-28 13:56:48: DEBUG: proposal #1 len=40
2008-04-28 13:56:48: DEBUG: begin.
2008-04-28 13:56:48: DEBUG: seen nptype=3(trns)
2008-04-28 13:56:48: DEBUG: succeed.
2008-04-28 13:56:48: DEBUG: transform #1 len=28
2008-04-28 13:56:48: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
2008-04-28 13:56:48: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
2008-04-28 13:56:48: DEBUG: life duration was in TLV.
2008-04-28 13:56:48: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Tunnel
2008-04-28 13:56:48: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
2008-04-28 13:56:48: DEBUG: type=Group Description, flag=0x8000, lorv=2
2008-04-28 13:56:48: DEBUG: hmac(modp1024)
2008-04-28 13:56:48: DEBUG: pair 1:
2008-04-28 13:56:48: DEBUG: 0x82196a0: next=(nil) tnext=(nil)
2008-04-28 13:56:48: DEBUG: proposal #1: 1 transform
2008-04-28 13:56:48: DEBUG: begin compare proposals.
2008-04-28 13:56:48: DEBUG: pair[1]: 0x82196a0
2008-04-28 13:56:48: DEBUG: 0x82196a0: next=(nil) tnext=(nil)
2008-04-28 13:56:48: DEBUG: prop#=1 prot-id=ESP spi-size=4 #trns=1 trns#=1 trns-id=DES
2008-04-28 13:56:48: DEBUG: type=SA Life Type, flag=0x8000, lorv=seconds
2008-04-28 13:56:48: DEBUG: type=SA Life Duration, flag=0x8000, lorv=3600
2008-04-28 13:56:48: DEBUG: type=Encryption Mode, flag=0x8000, lorv=Tunnel
2008-04-28 13:56:48: DEBUG: type=Authentication Algorithm, flag=0x8000, lorv=hmac-md5
2008-04-28 13:56:48: DEBUG: type=Group Description, flag=0x8000, lorv=2
2008-04-28 13:56:48: DEBUG: peer's single bundle:
2008-04-28 13:56:48: DEBUG: (proto_id=ESP spisize=4 spi=0692c537 spi_p=00000000 encmode=Tunnel reqid=0:0)
2008-04-28 13:56:48: DEBUG: (trns_id=DES encklen=0 authtype=hmac-md5)
2008-04-28 13:56:48: DEBUG: my single bundle:
2008-04-28 13:56:48: DEBUG: (proto_id=AH spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0)
2008-04-28 13:56:48: DEBUG: (trns_id=MD5 authtype=hmac-md5)
2008-04-28 13:56:48: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0)
2008-04-28 13:56:48: DEBUG: (trns_id=DES encklen=0 authtype=hmac-md5)
2008-04-28 13:56:48: ERROR: not matched
2008-04-28 13:56:48: ERROR: no suitable policy found.
2008-04-28 13:56:48: ERROR: failed to pre-process packet.

The racoon.conf:

path include "/etc/racoon";
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";
log notify;
log debug2;

sainfo anonymous
{
    pfs_group 2;
    lifetime time 3600 sec;
    encryption_algorithm des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
}

remote (IP ADDRESS)
{
    exchange_mode aggressive, main;
    my_identifier address;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm sha1;
        authentication_method pre_shared_key;
        dh_group 2;
    }
}

Thanks