[strongSwan] how does pluto and charon share port 500
Simon Chan
simon.chan3 at yahoo.ca
Wed Feb 1 08:27:44 CET 2012
Greetings,
I am running tests with User-Mode Linux. I face the problem that if I start both pluto and charon, then charon can never establish a connection. Tcpdump at both ends indicates the response does come back, but charon just can't receive it. I can also see in syslog that pluto is receiving messages from the far end.
If I put "plutostart=no" in ipsec.conf then things work normally.
"lsof" shows both pluto and charon are listening on port 500.
I am currently trying the Debian 6.0.3 root filesystem, but I have previously used the Gentoo filesystem downloaded from the StrongSwan UML site with the same results.
Can someone explain what's going on?
Here is the syslog showing pluto received the response message but charon got nothing:
Jan 31 22:18:07 station01 charon: 05[IKE] retransmit 5 of request with message ID 0
Jan 31 22:18:07 station01 charon: 05[NET] sending packet: from 192.168.18.1[500] to 192.168.3.195[500]
Jan 31 22:18:07 station01 charon: 14[NET] sending packet: from 192.168.18.1[500] to 192.168.3.195[500]
Jan 31 22:18:07 station01 pluto[1578]: |
Jan 31 22:18:07 station01 pluto[1578]: | *received 376 bytes from 192.168.3.195:500 on eth0
Jan 31 22:18:07 station01 pluto[1578]: | next event EVENT_REINIT_SECRET in 3086 seconds
Jan 31 22:19:23 station01 charon: 02[IKE] giving up after 5 retransmits
Jan 31 22:19:23 station01 charon: 02[IKE] peer not responding, trying again (3/0)
Thanks for help.
Simon