Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ipsec on Solaris 8

Posted on 2004-04-03
6
Medium Priority
?
370 Views
Last Modified: 2013-12-27
Hi,

I am trying to setup ipsec between two Sun servers running Solaris 8. I've pretty much followed the entire documentation available on the Sun Website to set this up. However, I've not been too successful. I keep getting the following error message every time I try to ping from the second node to the primary node.

Apr  4 12:36:08 hostname ipsecah: [ID 368763 kern.error] ah_inbound_v4 : No association found, spi=0x1001 ,dst addr a502606.

Can someone throw more light on what I've not done correctly ?

Thanks
0
Comment
Question by:hbsharp
  • 3
6 Comments
 
LVL 1

Expert Comment

by:keie
ID: 10892559
Did you notify the kernel of the SPI's you are using?
 
init script contents:
      if [ -f /etc/inet/ipseckeys ] ; then
                /usr/sbin/ipseckey -f /etc/inet/ipseckeys
      f

ipseckeys contents for esp encryption:
add esp spi 0x3000 src W.X.Y.Z dst w.x.y.z\
auth_alg md5 encr_alg des \
authkey hexhexhexhexhexhexhexhexhexhexhex \
encrkey hexhexhexhexhexh
add esp spi 0x3001 src w.x.y.z dst W.X.Y.Z \
auth_alg md5 encr_alg des \
authkey hexhexhexhexhexhexhexhexhexhexhex \
encrkey hexhexhexhexhexh
0
 
LVL 1

Author Comment

by:hbsharp
ID: 10901625
I am trying to a very basic setup initially. My ipseckeys looks very similar to the one suggested by you. However, I am not using md5 as my auth_alg. I'll try out your suggestion and will update the site.

Thanks for your time.
0
 
LVL 1

Accepted Solution

by:
hbsharp earned 0 total points
ID: 11024834
Hi,

We figured out what the problem was. It was just that we were missing a couple of packages required for ipsec to work. So, if you encounter problems setting up IPSEC, please check to ensure that you have the following packages installed,

SUNWcr
SUNWcrx

Thanks
0
 
LVL 1

Author Comment

by:hbsharp
ID: 11106672
Hi Yuzh,

That woud be great. Thanks for your help.

Regards,
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month11 days, 18 hours left to enroll

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question