[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-users
Subject: Re: [Openswan Users] moderate success
From: Paul Wouters <paul () xtdnet ! nl>
Date: 2004-02-09 17:13:37
Message-ID: Pine.LNX.4.44.0402091810321.17729-100000 () expansionpack ! xtdnet ! nl
[Download RAW message or body]
On Mon, 9 Feb 2004, mark wrote:
> I am seeing this in logs though:
>
> Feb 9 16:38:45 logik pluto[442]: "logik-to-cubic" #4: discarding
> duplicate packet; already STATE_QUICK_R1
> Feb 9 16:39:25 logik pluto[442]: "logik-to-cubic" #4: max number of
> retransmissions (2) reached STATE_QUICK_R1
> Feb 9 16:39:25 logik pluto[442]: "logik-to-cubic" #5: responding to
> Quick Mode
> Feb 9 16:39:36 logik pluto[442]: "logik-to-cubic" #5: discarding
> duplicate packet; already STATE_QUICK_R1
This is just both ends trying to setup the connection at the same time.
> Feb 9 16:41:45 logik pluto[442]: "logik-to-cubic" #7: ERROR: netlink
> XFRM_MSG_NEWPOLICY response for flow tun.10000@100.0.0.5 included
> errno 17: File exists
>
> which doesn't seem like a good thing...
Do you have ipsectools installed? We call setkey -P and setkey -P -F to
clean the kernel from previous tunnels. This functionality is not yet
integrated into openswan itself.
> am i to understand that my tunnel is still not functional?
Prob it worked *before* you tried to replace it :)
install ipsectools (sourceforge). Or unload the modules to wipe the state.
Paul
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic