Have a problem getting a vpn tunnel up between a zyxel vpn gw and my openbsd 4.3 system.
/etc/ipsec.conf ike passive from any to any \ main auth hmac-sha1 enc 3des group modp1024 \ quick auth hmac-sha1 enc 3des group none \ psk openbsdrules Below follows output from cmd: isakmpd -d -DA=99 -K In the output is the line: 173307.589683 Exch 90 check_vendor_openbsd: bad size 20 != 16 which does not seem to cause any problems A then futher down the line: 173307.682833 Default sendmsg (14, 0xcfbd65a0, 0): Permission denied which does not have any lines before it which (to me) explains what goes wrong. These two lines is what I found strange, but I have no idea where to go from here. Thanks, Claus 173307.533538 Trpt 70 transport_setup: added 0x7ce24ac0 to transport list 173307.534309 Trpt 70 transport_setup: added 0x7ce24b00 to transport list 173307.535214 Trpt 50 virtual_clone: old 0x7ce24680 new 0x7ce249c0 (main is 0x7ce24ac0) 173307.536014 Trpt 70 transport_setup: virtual transport 0x7ce249c0 173307.536809 Trpt 95 transport_reference: transport 0x7ce249c0 now has 1 references 173307.537700 Mesg 90 message_alloc: allocated 0x83151280 173307.538473 Mesg 70 message_recv: message 0x83151280 173307.539310 Mesg 70 ICOOKIE: 4558dc89993e4538 173307.540292 Mesg 70 RCOOKIE: 0000000000000000 173307.540993 Mesg 70 NEXT_PAYLOAD: SA 173307.541788 Mesg 70 VERSION: 16 173307.542575 Mesg 70 EXCH_TYPE: ID_PROT 173307.543469 Mesg 70 FLAGS: [ ] 173307.544277 Mesg 70 MESSAGE_ID: 00000000 173307.544951 Mesg 70 LENGTH: 128 173307.546067 Mesg 70 message_recv: 4558dc89 993e4538 00000000 00000000 01100200 00000000 00000080 0d000038 173307.547105 Mesg 70 message_recv: 00000001 00000001 0000002c 01010001 00000024 01010000 80010005 80020002 173307.548131 Mesg 70 message_recv: 80030001 80040002 800b0001 000c0004 00015180 0d000014 afcad713 68a1f1c9 173307.549317 Mesg 70 message_recv: 6b8696fc 77570100 00000018 62502774 9d5ab97f 5616c160 2765cf48 0a3b7d0b 173307.550011 SA 90 sa_find: no SA matched query 173307.550936 Mesg 50 message_parse_payloads: offset 28 payload SA 173307.551623 Mesg 50 message_parse_payloads: offset 84 payload VENDOR 173307.552429 Mesg 50 message_parse_payloads: offset 104 payload VENDOR 173307.553226 Mesg 60 message_validate_payloads: payload SA at 0x8315131c of message 0x83151280 173307.554202 Mesg 70 DOI: 1 173307.554834 Mesg 70 SIT: 173307.555797 Misc 95 conf_get_str: configuration value not found [Phase 1]: 195.184.124.220 173307.556514 Misc 95 conf_get_str: [Phase 1]:Default->peer-default 173307.557474 Misc 95 conf_get_str: [peer-default]:Configuration->mm-default 173307.558177 Misc 95 conf_get_str: configuration value not found [mm-default]:DOI 173307.558977 Misc 95 conf_get_str: [mm-default]:EXCHANGE_TYPE->ID_PROT 173307.559852 Misc 95 conf_get_str: [General]:Exchange-max-time->120 173307.560688 Timr 10 timer_add_event: event exchange_free_aux(0x7de79800) added last, expiration in 120s 173307.561565 Misc 95 conf_get_str: configuration value not found [peer-default]:Flags 173307.562379 Cryp 60 hash_get: requested algorithm 1 173307.563305 Exch 10 exchange_setup_p1: 0x7de79800 peer-default mm-default policy responder phase 1 doi 1 exchange 2 step 0 173307.564149 Exch 10 exchange_setup_p1: icookie 4558dc89993e4538 rcookie a42fec0b4dc4e6f0 173307.564962 Exch 10 exchange_setup_p1: msgid 00000000 173307.565751 Trpt 95 transport_reference: transport 0x7ce249c0 now has 2 references 173307.566558 SA 80 sa_reference: SA 0x7de79900 now has 1 references 173307.567493 SA 70 sa_enter: SA 0x7de79900 added to SA list 173307.568157 SA 80 sa_reference: SA 0x7de79900 now has 2 references 173307.568944 SA 60 sa_create: sa 0x7de79900 phase 1 added to exchange 0x7de79800 (peer-default) 173307.569762 SA 80 sa_reference: SA 0x7de79900 now has 3 references 173307.570682 Mesg 50 message_parse_payloads: offset 40 payload PROPOSAL 173307.571360 Mesg 50 message_parse_payloads: offset 48 payload TRANSFORM 173307.572180 Mesg 50 Transform 1's attributes 173307.572965 Mesg 50 Attribute ENCRYPTION_ALGORITHM value 5 173307.573733 Mesg 50 Attribute HASH_ALGORITHM value 2 173307.574508 Mesg 50 Attribute AUTHENTICATION_METHOD value 1 173307.575286 Mesg 50 Attribute GROUP_DESCRIPTION value 2 173307.576066 Mesg 50 Attribute LIFE_TYPE value 1 173307.576967 Mesg 50 Attribute LIFE_DURATION value 86400 173307.577715 Mesg 60 message_validate_payloads: payload PROPOSAL at 0x83151328 of message 0x83151280 173307.578680 Mesg 70 NO: 1 173307.579317 Mesg 70 PROTO: ISAKMP 173307.580124 Mesg 70 SPI_SZ: 0 173307.580923 Mesg 70 NTRANSFORMS: 1 173307.581695 Mesg 70 SPI: 173307.582492 Mesg 60 message_validate_payloads: payload TRANSFORM at 0x83151330 of message 0x83151280 173307.583461 Mesg 70 NO: 1 173307.584108 Mesg 70 ID: 1 173307.584860 Mesg 70 SA_ATTRS: 173307.585645 Mesg 60 message_validate_payloads: payload VENDOR at 0x83151354 of message 0x83151280 173307.586462 Mesg 70 ID: 173307.587267 Exch 10 dpd_check_vendor_payload: DPD capable peer detected 173307.588113 Mesg 60 message_validate_payloads: payload VENDOR at 0x83151368 of message 0x83151280 173307.588928 Mesg 70 ID: 173307.589683 Exch 90 check_vendor_openbsd: bad size 20 != 16 173307.590516 Trpt 95 transport_reference: transport 0x7ce249c0 now has 3 references 173307.591445 Trpt 95 transport_release: transport 0x7ce249c0 had 3 references 173307.592110 Exch 90 exchange_validate: checking for required SA 173307.592899 Misc 30 ipsec_responder: phase 1 exchange 2 step 0 173307.593684 Cryp 60 hash_get: requested algorithm 1 173307.594463 Negt 30 message_negotiate_sa: transform 1 proto 1 proposal 1 ok 173307.595289 SA 80 sa_add_transform: proto 0x7ce24a40 no 1 proto 1 chosen 0x8405ab60 sa 0x7de79900 id 1 173307.596146 Misc 95 conf_get_str: [mm-default]:Transforms->3DES-SHA-GRP2 173307.597002 Misc 95 conf_get_str: [3DES-SHA-GRP2]:ENCRYPTION_ALGORITHM->3DES_CBC 173307.597954 Misc 95 conf_get_str: [3DES-SHA-GRP2]:HASH_ALGORITHM->SHA 173307.598796 Misc 95 conf_get_str: [3DES-SHA-GRP2]:AUTHENTICATION_METHOD->PRE_SHARED 173307.599629 Misc 95 conf_get_str: [3DES-SHA-GRP2]:GROUP_DESCRIPTION->MODP_1024 173307.600474 Misc 95 conf_get_str: [3DES-SHA-GRP2]:Life->LIFE_MAIN_MODE 173307.601427 Misc 95 conf_get_str: [3DES-SHA-GRP2]:Life->LIFE_MAIN_MODE 173307.602142 Misc 95 conf_get_str: [LIFE_MAIN_MODE]:LIFE_TYPE->SECONDS 173307.602996 Misc 95 conf_get_str: [3DES-SHA-GRP2]:Life->LIFE_MAIN_MODE 173307.604005 Misc 95 conf_get_str: [3DES-SHA-GRP2]:Life->LIFE_MAIN_MODE 173307.604700 Misc 95 conf_get_str: [LIFE_MAIN_MODE]:LIFE_DURATION->3600,60:86400 173307.605537 Misc 95 conf_get_str: [LIFE_MAIN_MODE]:LIFE_DURATION->3600,60:86400 173307.606518 Misc 95 conf_match_num: LIFE_MAIN_MODE:LIFE_DURATION 60<=86400<=86400? 173307.607561 Negt 20 ike_phase_1_validate_prop: success 173307.608250 Negt 30 message_negotiate_sa: proposal 1 succeeded 173307.609048 Misc 20 ipsec_decode_transform: transform 1 chosen 173307.609942 Cryp 60 hash_get: requested algorithm 1 173307.610647 Misc 70 group_get: returning 0x7ce24b40 of group 2 173307.611497 Exch 40 exchange_run: exchange 0x7de79800 finished step 0, advancing... 173307.612316 Trpt 95 transport_reference: transport 0x7ce249c0 now has 3 references 173307.613192 Mesg 90 message_alloc: allocated 0x83151380 173307.613969 SA 80 sa_reference: SA 0x7de79900 now has 4 references 173307.614744 Misc 30 ipsec_responder: phase 1 exchange 2 step 1 173307.615804 Exch 90 exchange_validate: checking for required SA 173307.616486 Mesg 70 message_send: message 0x83151380 173307.617509 Mesg 70 ICOOKIE: 4558dc89993e4538 173307.618234 Mesg 70 RCOOKIE: a42fec0b4dc4e6f0 173307.619055 Mesg 70 NEXT_PAYLOAD: SA 173307.619970 Mesg 70 VERSION: 16 173307.620632 Mesg 70 EXCH_TYPE: ID_PROT 173307.621402 Mesg 70 FLAGS: [ ] 173307.622205 Mesg 70 MESSAGE_ID: 00000000 173307.622987 Mesg 70 LENGTH: 184 173307.624087 Mesg 70 message_send: 4558dc89 993e4538 a42fec0b 4dc4e6f0 01100200 00000000 000000b8 0d000038 173307.625122 Mesg 70 message_send: 00000001 00000001 0000002c 01010001 00000024 01010000 80010005 80020002 173307.626169 Mesg 70 message_send: 80030001 80040002 800b0001 000c0004 00015180 0d000014 6c0dcd48 1deae8ae 173307.627271 Mesg 70 message_send: 0b0a6838 4b3072f9 0d000014 90cb8091 3ebb696e 086381b5 ec427b1f 0d000014 173307.628293 Mesg 70 message_send: 7d9419a6 5310ca6f 2c179d92 15529d56 0d000014 4a131c81 07035845 5c5728f2 173307.629273 Mesg 70 message_send: 0e95452f 00000014 afcad713 68a1f1c9 6b8696fc 77570100 173307.629942 Exch 40 exchange_run: exchange 0x7de79800 finished step 1, advancing... 173307.630745 Trpt 95 transport_reference: transport 0x7ce249c0 now has 4 references 173307.631555 Trpt 95 transport_reference: transport 0x7ce249c0 now has 5 references 173307.632350 Trpt 95 transport_reference: transport 0x7ce248c0 now has 2 references 173307.633128 Trpt 95 transport_reference: transport 0x7ce248c0 now has 3 references 173307.633917 Trpt 95 transport_reference: transport 0x7ce24800 now has 2 references 173307.634748 Trpt 95 transport_reference: transport 0x7ce24800 now has 3 references 173307.635663 Trpt 95 transport_reference: transport 0x7ce24740 now has 2 references 173307.636331 Trpt 95 transport_reference: transport 0x7ce24740 now has 3 references 173307.637119 Trpt 95 transport_reference: transport 0x7ce24680 now has 2 references 173307.637963 Trpt 95 transport_reference: transport 0x7ce24680 now has 3 references 173307.638746 Trpt 95 transport_reference: transport 0x7ce245c0 now has 2 references 173307.639546 Trpt 95 transport_reference: transport 0x7ce245c0 now has 3 references 173307.640344 Trpt 95 transport_reference: transport 0x7ce24500 now has 2 references 173307.641129 Trpt 95 transport_reference: transport 0x7ce24500 now has 3 references 173307.641915 Trpt 95 transport_reference: transport 0x7ce24440 now has 2 references 173307.642746 Trpt 95 transport_reference: transport 0x7ce24440 now has 3 references 173307.643672 Trpt 95 transport_release: transport 0x7ce249c0 had 5 references 173307.644350 Trpt 95 transport_release: transport 0x7ce249c0 had 4 references 173307.645137 Trpt 95 transport_release: transport 0x7ce248c0 had 3 references 173307.645932 Trpt 95 transport_release: transport 0x7ce248c0 had 2 references 173307.646721 Trpt 95 transport_release: transport 0x7ce24800 had 3 references 173307.647628 Trpt 95 transport_release: transport 0x7ce24800 had 2 references 173307.648420 Trpt 95 transport_release: transport 0x7ce24740 had 3 references 173307.649221 Trpt 95 transport_release: transport 0x7ce24740 had 2 references 173307.650135 Trpt 95 transport_release: transport 0x7ce24680 had 3 references 173307.650841 Trpt 95 transport_release: transport 0x7ce24680 had 2 references 173307.651634 Trpt 95 transport_release: transport 0x7ce245c0 had 3 references 173307.652424 Trpt 95 transport_release: transport 0x7ce245c0 had 2 references 173307.653207 Trpt 95 transport_release: transport 0x7ce24500 had 3 references 173307.653999 Trpt 95 transport_release: transport 0x7ce24500 had 2 references 173307.654902 Trpt 95 transport_release: transport 0x7ce24440 had 3 references 173307.655573 Trpt 95 transport_release: transport 0x7ce24440 had 2 references 173307.656381 Trpt 95 transport_fd_set: transport 0x7ce24940 (virtual 0x7ce248c0) fd 22 173307.657193 Trpt 95 transport_fd_set: transport 0x7ce24900 (virtual 0x7ce248c0) fd 21 173307.658195 Trpt 95 transport_fd_set: transport 0x7ce24880 (virtual 0x7ce24800) fd 20 173307.658872 Trpt 95 transport_fd_set: transport 0x7ce24840 (virtual 0x7ce24800) fd 19 173307.659669 Trpt 95 transport_fd_set: transport 0x7ce247c0 (virtual 0x7ce24740) fd 18 173307.660462 Trpt 95 transport_fd_set: transport 0x7ce24780 (virtual 0x7ce24740) fd 17 173307.661376 Trpt 95 transport_fd_set: transport 0x7ce24700 (virtual 0x7ce24680) fd 16 173307.662049 Trpt 95 transport_fd_set: transport 0x7ce246c0 (virtual 0x7ce24680) fd 15 173307.662847 Trpt 95 transport_fd_set: transport 0x7ce24640 (virtual 0x7ce245c0) fd 14 173307.663634 Trpt 95 transport_fd_set: transport 0x7ce24600 (virtual 0x7ce245c0) fd 13 173307.664433 Trpt 95 transport_fd_set: transport 0x7ce24580 (virtual 0x7ce24500) fd 12 173307.665225 Trpt 95 transport_fd_set: transport 0x7ce24540 (virtual 0x7ce24500) fd 11 173307.666064 Trpt 95 transport_fd_set: transport 0x7ce244c0 (virtual 0x7ce24440) fd 10 173307.666851 Trpt 95 transport_fd_set: transport 0x7ce24480 (virtual 0x7ce24440) fd 9 173307.667868 Trpt 95 transport_pending_wfd_set: transport 0x7ce24b00 (virtual 0x7ce249c0) fd 16 pending 173307.668580 Trpt 95 transport_pending_wfd_set: transport 0x7ce24ac0 (virtual 0x7ce249c0) fd 15 pending 173307.669822 Trpt 95 transport_reference: transport 0x7ce249c0 now has 4 references 173307.670622 Trpt 95 transport_reference: transport 0x7ce249c0 now has 5 references 173307.671299 Trpt 95 transport_reference: transport 0x7ce248c0 now has 2 references 173307.672084 Trpt 95 transport_reference: transport 0x7ce248c0 now has 3 references 173307.672868 Trpt 95 transport_reference: transport 0x7ce24800 now has 2 references 173307.673681 Trpt 95 transport_reference: transport 0x7ce24800 now has 3 references 173307.674468 Trpt 95 transport_reference: transport 0x7ce24740 now has 2 references 173307.675254 Trpt 95 transport_reference: transport 0x7ce24740 now has 3 references 173307.676052 Trpt 95 transport_reference: transport 0x7ce24680 now has 2 references 173307.676852 Trpt 95 transport_reference: transport 0x7ce24680 now has 3 references 173307.677698 Trpt 95 transport_reference: transport 0x7ce245c0 now has 2 references 173307.678481 Trpt 95 transport_reference: transport 0x7ce245c0 now has 3 references 173307.679280 Trpt 95 transport_reference: transport 0x7ce24500 now has 2 references 173307.680064 Trpt 95 transport_reference: transport 0x7ce24500 now has 3 references 173307.680854 Trpt 95 transport_reference: transport 0x7ce24440 now has 2 references 173307.681668 Trpt 95 transport_reference: transport 0x7ce24440 now has 3 references 173307.682833 Default sendmsg (14, 0xcfbd65a0, 0): Permission denied 173307.683665 Misc 95 conf_get_str: [General]:retransmits->3 173307.684344 Trpt 30 transport_send_messages: message 0x83151380 scheduled for retransmission 1 in 7 secs 173307.685173 Timr 10 timer_add_event: event message_send_expire(0x83151380) added before exchange_free_aux(0x7de79800), expiration in 7s 173307.686021 Trpt 95 transport_release: transport 0x7ce249c0 had 5 references 173307.686823 Trpt 95 transport_release: transport 0x7ce249c0 had 4 references 173307.687678 Trpt 95 transport_release: transport 0x7ce248c0 had 3 references 173307.688468 Trpt 95 transport_release: transport 0x7ce248c0 had 2 references 173307.689294 Trpt 95 transport_release: transport 0x7ce24800 had 3 references 173307.690084 Trpt 95 transport_release: transport 0x7ce24800 had 2 references 173307.690866 Trpt 95 transport_release: transport 0x7ce24740 had 3 references 173307.691649 Trpt 95 transport_release: transport 0x7ce24740 had 2 references 173307.692435 Trpt 95 transport_release: transport 0x7ce24680 had 3 references 173307.693211 Trpt 95 transport_release: transport 0x7ce24680 had 2 references 173307.694007 Trpt 95 transport_release: transport 0x7ce245c0 had 3 references 173307.694803 Trpt 95 transport_release: transport 0x7ce245c0 had 2 references 173307.695592 Trpt 95 transport_release: transport 0x7ce24500 had 3 references 173307.696384 Trpt 95 transport_release: transport 0x7ce24500 had 2 references 173307.697269 Trpt 95 transport_release: transport 0x7ce24440 had 3 references 173307.698072 Trpt 95 transport_release: transport 0x7ce24440 had 2 references 173307.698886 Trpt 95 transport_fd_set: transport 0x7ce24940 (virtual 0x7ce248c0) fd 22 173307.699680 Trpt 95 transport_fd_set: transport 0x7ce24900 (virtual 0x7ce248c0) fd 21 173307.700481 Trpt 95 transport_fd_set: transport 0x7ce24880 (virtual 0x7ce24800) fd 20 173307.701386 Trpt 95 transport_fd_set: transport 0x7ce24840 (virtual 0x7ce24800) fd 19 173307.702060 Trpt 95 transport_fd_set: transport 0x7ce247c0 (virtual 0x7ce24740) fd 18 173307.702850 Trpt 95 transport_fd_set: transport 0x7ce24780 (virtual 0x7ce24740) fd 17 173307.703647 Trpt 95 transport_fd_set: transport 0x7ce24700 (virtual 0x7ce24680) fd 16 173307.704437 Trpt 95 transport_fd_set: transport 0x7ce246c0 (virtual 0x7ce24680) fd 15 173307.705272 Trpt 95 transport_fd_set: transport 0x7ce24640 (virtual 0x7ce245c0) fd 14 173307.706064 Trpt 95 transport_fd_set: transport 0x7ce24600 (virtual 0x7ce245c0) fd 13 173307.706854 Trpt 95 transport_fd_set: transport 0x7ce24580 (virtual 0x7ce24500) fd 12 173307.707876 Trpt 95 transport_fd_set: transport 0x7ce24540 (virtual 0x7ce24500) fd 11 173307.708553 Trpt 95 transport_fd_set: transport 0x7ce244c0 (virtual 0x7ce24440) fd 10 173307.709340 Trpt 95 transport_fd_set: transport 0x7ce24480 (virtual 0x7ce24440) fd 9 173311.446291 Trpt 70 transport_setup: added 0x7ce24cc0 to transport list 173311.447066 Trpt 70 transport_setup: added 0x7ce24d00 to transport list 173311.447910 Trpt 50 virtual_clone: old 0x7ce24680 new 0x7ce24c80 (main is 0x7ce24cc0) 173311.448828 Trpt 70 transport_setup: virtual transport 0x7ce24c80 173311.449508 Trpt 95 transport_reference: transport 0x7ce24c80 now has 1 references 173311.450344 Mesg 90 message_alloc: allocated 0x83151600 173311.451119 Mesg 70 message_recv: message 0x83151600 173311.452055 Mesg 70 ICOOKIE: 4558dc89993e4538 173311.452909 Mesg 70 RCOOKIE: 0000000000000000 173311.453567 Mesg 70 NEXT_PAYLOAD: SA 173311.454375 Mesg 70 VERSION: 16 173311.455289 Mesg 70 EXCH_TYPE: ID_PROT 173311.455948 Mesg 70 FLAGS: [ ] 173311.456869 Mesg 70 MESSAGE_ID: 00000000 173311.457544 Mesg 70 LENGTH: 128 173311.457989 Mesg 70 message_recv: 4558dc89 993e4538 00000000 00000000 01100200 00000000 00000080 0d000038 173311.458245 Mesg 70 message_recv: 00000001 00000001 0000002c 01010001 00000024 01010000 80010005 80020002 173311.458473 Mesg 70 message_recv: 80030001 80040002 800b0001 000c0004 00015180 0d000014 afcad713 68a1f1c9 173311.458694 Mesg 70 message_recv: 6b8696fc 77570100 00000018 62502774 9d5ab97f 5616c160 2765cf48 0a3b7d0b 173311.458797 Mesg 90 message_recv: dropping setup for existing SA 173311.458894 Mesg 20 message_free: freeing 0x83151600 173311.459054 Trpt 95 transport_release: transport 0x7ce24c80 had 1 references 173311.459154 Trpt 70 transport_release: freeing 0x7ce24c80 173311.459272 Trpt 90 udp_remove: removed transport 0x7ce24d00 173311.459395 Trpt 90 udp_remove: removed transport 0x7ce24cc0 173311.459503 Trpt 90 virtual_remove: removed 0x7ce24c80 173311.459642 Trpt 95 transport_reference: transport 0x7ce249c0 now has 4 references 173311.459757 Trpt 95 transport_reference: transport 0x7ce249c0 now has 5 references 173311.460073 Trpt 95 transport_reference: transport 0x7ce248c0 now has 2 references 173311.460189 Trpt 95 transport_reference: transport 0x7ce248c0 now has 3 references 173311.460291 Trpt 95 transport_reference: transport 0x7ce24800 now has 2 references 173311.460393 Trpt 95 transport_reference: transport 0x7ce24800 now has 3 references ...
