Re: isakmpd: section has no "ID-type" tag

Tue, 30 Aug 2005 03:22:08 -0700 

I don't want to be annoying but I have people breathing down my back.

Does anyone at all have a working [peer-ID] section in isakmpd.conf?

I mean something similar to:

[ABCD-peer]
Phase=1
Transport=udp
Address=aaa.bbb.ccc.ddd
Configuration=ABCD-main-mode
ID=ABCD-ID
Authentication=xxxxxxxx
 
[ABCD-ID]
ID-type=USER_FQDN
Name=yyyyyyyyyyyyyy

No matter what I put in ID-type tag, I get

001543.959050 Default ipsec_id_size: section ABCD-ID has no "ID-type" tag

No spaces or other additional characters anywhere. Is this a bug in parser?


i386, on 3.6-stable and -current. 

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
> On Behalf Of Mitja Mu>enih
> Sent: Tuesday, August 30, 2005 12:31 AM
> To: misc@openbsd.org
> Subject: isakmpd: section has no "ID-type" tag
> 
> I've been working on this for hours after an already long 
> day, so I'm tired.
> What am I missing here?
> 
> 001543.953108 Misc 95 conf_get_str: [ABCD-peer]:ID->ABCD-ID
> 001543.956103 Misc 95 conf_get_str: configuration value not found
> [ABCD-ID]:ID-type
> 001543.959050 Default ipsec_id_size: section ABCD-ID has no 
> "ID-type" tag
> 001543.962081 Default exchange_run: doi->initiator (0x8abf3400) failed
> 
> # cat isakmpd.conf
> [Phase 1]
> aaa.bbb.ccc.ddd=ABCD-peer
> 
> [Phase 2]
> Connections=ABCD-conn
> 
> [ABCD-peer]
> Phase=1
> Transport=udp
> Address=aaa.bbb.ccc.ddd
> Configuration=ABCD-main-mode
> ID=ABCD-ID
> Authentication=xxxxxxxx
> 
> [ABCD-ID]
> ID-type=USER_FQDN
> Name=yyyyyyyyyyyyyy
> 
> [ABCD-conn]
> Phase=2
> Configuration=ABCD-quick-mode
> ISAKMP-peer=ABCD-peer
> Local-ID=default-route
> Remote-ID=ABCD-net
> 
> [default-route]
> ID-type=        IPV4_ADDR_SUBNET
> Network=        192.168.123.0
> Netmask=        255.255.255.0
> 
> [KLNR-net]
> ID-type=        IPV4_ADDR_SUBNET
> Network=        aaa.bbb.eee.0
> Netmask=        255.255.255.0
> 
> [ABCD-main-mode]
> DOI=                    IPSEC
> EXCHANGE_TYPE=          AGGRESSIVE
> Transforms=             3DES-SHA
> 
> [ABCD-quick-mode]
> DOI=                    IPSEC
> EXCHANGE_TYPE=  QUICK_MODE
> Suites=                 QM-ESP-3DES-SHA-SUITE
> 
> 
> Sorry for the obfuscation, had to. No additional characters 
> at the end of
> the lines in [ABCD-ID] section.
> 
> Tried on 3.6-stable and latest snapshot, i386.
> 
> 
> Regards, Mitja

Reply via email to