Problem while establishing ISAKMP in ipsec


 
04-29-2008

Hi,
I am facing a problem while setting up ISAKMP between two hosts.
I can see only the Initiator messages but no responder messages in tcpdump. Does anyone know the cause of this behaviour?

FYI, here is the extracted information from tcpdump:
14:47:08.699113 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:08.699120 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:28.610347 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:28.610353 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:53.540184 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.583540 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.626519 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident[E]
14:47:53.661367 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]
14:47:53.705619 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]

Regards
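
An added example, not part of the original post: a short Python parser run over the nine capture lines above. It counts ISAKMP messages by sender role (the I/R marker in tcpdump's one-line summary) and counts ICMP port-unreachable replies per sending host. The function names and result labels are chosen for this example.

```python
import re
from collections import Counter

# The nine capture lines from the post above, unchanged.
CAPTURE = """\
14:47:08.699113 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:08.699120 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:28.610347 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:28.610353 IP 10.118.231.130 > 10.118.231.143: icmp 164: 10.118.231.130 udp port isakmp unreachable
14:47:53.540184 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.583540 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident
14:47:53.626519 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 1 I ident[E]
14:47:53.661367 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]
14:47:53.705619 IP 10.118.231.143.isakmp > 10.118.231.130.isakmp: isakmp: phase 2/others I oakley-quick[E]
"""

# tcpdump summaries: "I"/"R" is the sender's role, "[E]" the encryption flag.
ISAKMP = re.compile(r"IP ([\d.]+)\.(?:isakmp|500) > ([\d.]+)\.(?:isakmp|500): "
                    r"isakmp: phase (1|2/others) ([IR?]) ")
UNREACH = re.compile(r"IP ([\d.]+) > ([\d.]+): icmp \d+: "
                     r"[\d.]+ udp port (?:isakmp|500) unreachable")

def summarize(capture):
    """Count ISAKMP messages per sender role and ICMP unreachables per source."""
    roles, unreachable_from = Counter(), Counter()
    for line in capture.splitlines():
        m = ISAKMP.search(line)
        if m:
            roles[m.group(4)] += 1
            continue
        m = UNREACH.search(line)
        if m:
            unreachable_from[m.group(1)] += 1
    return roles, unreachable_from

def diagnose(capture):
    """Classify the exchange; the labels are hypothetical, for this example."""
    roles, unreachable_from = summarize(capture)
    if roles["R"] > 0:
        return "two-way"
    if unreachable_from:
        # A host answers with ICMP port unreachable when nothing accepts the
        # datagram on that UDP port (no listener, or a firewall REJECT rule).
        return "port-unreachable"
    return "no-reply" if roles["I"] else "no-isakmp"

if __name__ == "__main__":
    roles, unreach = summarize(CAPTURE)
    print(dict(roles), dict(unreach), diagnose(CAPTURE))
```
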
RACOON(8)                 BSD System Manager's Manual                 RACOON(8)

NAME
     racoon -- IKE (ISAKMP/Oakley) key management daemon

SYNOPSIS
     racoon [-46BdFLVv] [-f configfile] [-l logfile] [-P isakmp-natt-port]
            [-p isakmp-port]

DESCRIPTION
     racoon speaks the IKE (ISAKMP/Oakley) key management protocol, to
     establish security associations with other hosts. The SPD (Security
     Policy Database) in the kernel usually triggers racoon. racoon usually
     sends all informational messages, warnings and error messages to
     syslogd(8) with the facility LOG_DAEMON and the priority LOG_INFO.
     Debugging messages are sent with the priority LOG_DEBUG. You should
     configure syslog.conf(5) appropriately to see these messages.

     -4
     -6      Specify the default address family for the sockets.

     -B      Install SA(s) from the file which is specified in racoon.conf(5).

     -d      Increase the debug level. Multiple -d arguments will increase
             the debug level even more.

     -F      Run racoon in the foreground.

     -f configfile
             Use configfile as the configuration file instead of the default.

     -L      Include file_name:line_number:function_name in all messages.

     -l logfile
             Use logfile as the logging file instead of syslogd(8).

     -P isakmp-natt-port
             Use isakmp-natt-port for NAT-Traversal port-floating. The
             default is 4500.

     -p isakmp-port
             Listen to the ISAKMP key exchange on port isakmp-port instead
             of the default port number, 500.

     -V      Print racoon version and compilation options and exit.

     -v      This flag causes the packet dump to be more verbose, with
             higher debugging level.

     racoon assumes the presence of the kernel random number device rnd(4)
     at /dev/urandom.

RETURN VALUES
     The command exits with 0 on success, and non-zero on errors.

FILES
     /etc/racoon.conf  default configuration file.

SEE ALSO
     ipsec(4), racoon.conf(5), syslog.conf(5), setkey(8), syslogd(8)

HISTORY
     The racoon command first appeared in the "YIPS" Yokogawa IPsec
     implementation.

SECURITY CONSIDERATIONS
     The use of IKE phase 1 aggressive mode is not recommended, as described
     in http://www.kb.cert.org/vuls/id/886601.

BSD                            January 23, 2009                            BSD