[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

tunnel notification: NO PROPOSAL CHOSEN

To: misc@openbsd.org
Subject: tunnel notification: NO PROPOSAL CHOSEN
From: Steve <steve@videogroup.com>
Date: Mon, 9 Feb 2004 12:39:09 -0500
Content-Disposition: inline
User-Agent: KMail/1.5

Hi, 

I should have two "mirrored" configureations on two OpenBSD FW's.
On one of them I get "notification: NO PROPOSAL CHOSEN"
Whilst the other is not complaining. 

Where have I gone wrong?

----------------------(IP addresses changed)-----------------------------
# tcpdump -nvs1500 -r /var/run/isakmpd.pcap
07:29:21.406587 207.mmm.nnn.ooo.500 > 24.mmm.nnn.ooo.500:  [udp sum ok] 
isakmp v1.0 exchange ID_PROT
        cookie: e6ee5844c712736e->0000000000000000 msgid: 00000000 len: 80
        payload: SA len: 52 DOI: 1(IPSEC) situation: IDENTITY_ONLY
            payload: PROPOSAL len: 40 proposal: 1 proto: ISAKMP spisz: 0 
xforms: 1
                payload: TRANSFORM len: 32
                    transform: 0 ID: ISAKMP
                        attribute ENCRYPTION_ALGORITHM = 3DES_CBC
                        attribute HASH_ALGORITHM = SHA
                        attribute AUTHENTICATION_METHOD = PRE_SHARED
                        attribute GROUP_DESCRIPTION = MODP_1024
                        attribute LIFE_TYPE = SECONDS
                        attribute LIFE_DURATION = 3600 [ttl 0] (id 1)
07:29:47.301642 24.mmm.nnn.ooo.500 > 207.mmm.nnn.ooo.500:  [udp sum ok] 
isakmp v1.0 exchange ID_PROT
        cookie: ad350d152522f63a->0000000000000000 msgid: 00000000 len: 80
        payload: SA len: 52 DOI: 1(IPSEC) situation: IDENTITY_ONLY
            payload: PROPOSAL len: 40 proposal: 1 proto: ISAKMP spisz: 0 
xforms: 1
                payload: TRANSFORM len: 32
                    transform: 0 ID: ISAKMP
                        attribute ENCRYPTION_ALGORITHM = 3DES_CBC
                        attribute HASH_ALGORITHM = SHA
                        attribute AUTHENTICATION_METHOD = PRE_SHARED
                        attribute GROUP_DESCRIPTION = MODP_1024
                        attribute LIFE_TYPE = SECONDS
                        attribute LIFE_DURATION = 3600 [ttl 0] (id 1)
07:29:47.309810 207.mmm.nnn.ooo.500 > 24.mmm.nnn.ooo.500:  [udp sum ok] 
isakmp v1.0 exchange INFO
        cookie: 37440e5f6264a54a->0000000000000000 msgid: 00000000 len: 40
        payload: NOTIFICATION len: 12
            notification: NO PROPOSAL CHOSEN [ttl 0] (id 1)

-- 


____________________________________
Steve Szmidt
VP Information Technology
Video Group Distributors, Inc.
727-585-7737

Follow-Ups:
- Re: tunnel notification: NO PROPOSAL CHOSEN
  - From: Eduardo Alvarenga <eduardo-kw-openbsd.81d1ed@thrx.org>
- Re: tunnel notification: NO PROPOSAL CHOSEN
  - From: Steve <steve@videogroup.com>

Prev by Date: Re: PF NAT altq
Next by Date: Re: tunnel notification: NO PROPOSAL CHOSEN
Prev by thread: Re: changing port numbers of sendmail
Next by thread: Re: tunnel notification: NO PROPOSAL CHOSEN
Index(es):
- Date
- Thread