Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ipsec on Solaris 8

Posted on 2004-04-03
6
Medium Priority
?
368 Views
Last Modified: 2013-12-27
Hi,

I am trying to setup ipsec between two Sun servers running Solaris 8. I've pretty much followed the entire documentation available on the Sun Website to set this up. However, I've not been too successful. I keep getting the following error message every time I try to ping from the second node to the primary node.

Apr  4 12:36:08 hostname ipsecah: [ID 368763 kern.error] ah_inbound_v4 : No association found, spi=0x1001 ,dst addr a502606.

Can someone throw more light on what I've not done correctly ?

Thanks
0
Comment
Question by:hbsharp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
6 Comments
 
LVL 1

Expert Comment

by:keie
ID: 10892559
Did you notify the kernel of the SPI's you are using?
 
init script contents:
      if [ -f /etc/inet/ipseckeys ] ; then
                /usr/sbin/ipseckey -f /etc/inet/ipseckeys
      f

ipseckeys contents for esp encryption:
add esp spi 0x3000 src W.X.Y.Z dst w.x.y.z\
auth_alg md5 encr_alg des \
authkey hexhexhexhexhexhexhexhexhexhexhex \
encrkey hexhexhexhexhexh
add esp spi 0x3001 src w.x.y.z dst W.X.Y.Z \
auth_alg md5 encr_alg des \
authkey hexhexhexhexhexhexhexhexhexhexhex \
encrkey hexhexhexhexhexh
0
 
LVL 1

Author Comment

by:hbsharp
ID: 10901625
I am trying to a very basic setup initially. My ipseckeys looks very similar to the one suggested by you. However, I am not using md5 as my auth_alg. I'll try out your suggestion and will update the site.

Thanks for your time.
0
 
LVL 1

Accepted Solution

by:
hbsharp earned 0 total points
ID: 11024834
Hi,

We figured out what the problem was. It was just that we were missing a couple of packages required for ipsec to work. So, if you encounter problems setting up IPSEC, please check to ensure that you have the following packages installed,

SUNWcr
SUNWcrx

Thanks
0
 
LVL 1

Author Comment

by:hbsharp
ID: 11106672
Hi Yuzh,

That woud be great. Thanks for your help.

Regards,
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question