The kernel changes have nothing to do wit this, this is SA negotiation issue (purely process level). When i updated the debian package, i noticed that sometime the keynote policy check failed for no reason. Try to define an accept all in the policy file and it should work properly, this as a workaround. On Tue, 2003-08-26 at 15:37, Ralf Spenneberg wrote: > Am Die, 2003-08-26 um 15.08 schrieb Nico Schottelius: > > > Could you post your configuration? > > > > it is on http://schotteli.us/~nico/isakmpd/wdt-home/ > > > I'll take a look at it. > > > Did you compile the isakmpd referencing the test4 kernel? > > > > no, it's prebuilt-debian. > > > That might be the problem. Try to rebuild it from source. > > > > There have been some changes in the ABI and I have not tested the newest > > > kernel using isakmpd myself, so it might not work. > > > > btw, what do I use to show the SAs? > You can use the setkey command from the ipsec-tools, but the isakmpd > offers a fifo interface which implements the r(eport) command too. > > Cheers, > > Ralf -- , th -> Jean-Francois Dive --> jef@linuxbe.org There is no such thing as randomness. Only order of infinite complexity. - Marquis de LaPlace - deterministic Principles - - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
