I'm using RHEL4 and the latest version of IPSEC tools from SourceForge. I've created my scripts and executed the setkey.conf (or ipsec.conf). When I execute the racoon.conf file and try to connect to this machine from another, I get the following output:
Code:
Foreground mode.
2007-03-29 13:13:53: INFO: @(#)ipsec-tools 0.6.6 (http://ipsec-tools.sourceforge.net)
2007-03-29 13:13:53: INFO: @(#)This product linked OpenSSL 0.9.7a Feb 19 2003 (http://www.openssl.org/)
2007-03-29 13:13:53: INFO: ###.###.###.###[500] used as isakmp port (fd=5)
2007-03-29 13:14:12: INFO: respond new phase 1 negotiation: ###.###.###.###[500]<=>###.###.###.###[500]
2007-03-29 13:14:12: INFO: begin Identity Protection mode.
2007-03-29 13:14:13: INFO: ISAKMP-SA established ###.###.###.###[500]-###.###.###.###[500] spi:312c6b7d5df62730:6b4e551576503ae8
2007-03-29 13:14:14: INFO: respond new phase 2 negotiation: ###.###.###.###[0]<=>###.###.###.###[0]
2007-03-29 13:14:14: ERROR: long lifetime proposed: my:120 peer:28800
2007-03-29 13:14:14: ERROR: not matched
2007-03-29 13:14:14: ERROR: no suitable policy found.
2007-03-29 13:14:14: ERROR: failed to pre-process packet.
Can someone tell me what is wrong or what this means? I've replaced my IPs with # symbols.