[strongSwan] IPv6 install SAD failed - received netlink error: Invalid argument

Iris Su iris.rj.su at gmail.com
Fri Aug 5 11:59:30 CEST 2011


Hi,

I tried to setup an IPv6 connection with following scenario

10.0.0.1[Server] fec0::2 ----- fec0::1[Client]

And the configuration as followed -
[Client side]
conn home
        left=fec0::1
        keyexchange=ikev2
        authby=secret
        right=fec0::2
        rightsubnet=0.0.0.0/0
        auto=add

[Server side]
conn psk
        left=fec0::2
        leftsubnet=0.0.0.0/0
        keyexchange=ikev2
        authby=secret
        right=%any
        auto=add

However, after IKE SA established, server side cannot setup SAD
successfully.
It shows up following error log

received netlink error: Invalid argument (22)
Unable to add SAD entry with SPI c2dc9aa0
received netlink error: Invalid argument (22)
 Unable to add SAD entry with SPI ced1801e
Unable to install inbound and outbound IPSec SA (SAD) in kernel

I've installed following kernel modules -
ah6, esp6, ipcomp6 and xfrm6_tunnel

Is there anything we can do to trace this issues?

PS: We're using strongswan 4.5.1 and running on linux kernel 2.6.33

BR,

Iris Su
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110805/0c91d50c/attachment.html>


More information about the Users mailing list