PFsense IPSec VPN failing phase 2

I am very new to VPNs and I am getting errors. I have posted the following lines that I think are the most relevant:

Dec 2 08:41:03  racoon: DEBUG: IV freed
Dec 2 08:41:03  racoon: [EUA]: [79.121.213.141] ERROR: failed to pre-process ph2 packet [Check Phase 2 settings, networks] (side: 1, status: 1).
Dec 2 08:41:03  racoon: ERROR: failed to get sainfo.
Dec 2 08:41:03  racoon: ERROR: failed to get sainfo.
Dec 2 08:41:03  racoon: DEBUG: cmpid source: '192.168.10.0/24'
Dec 2 08:41:03  racoon: DEBUG: cmpid target: '79.121.213.141/32'
Dec 2 08:41:03  racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
Dec 2 08:41:03  racoon: DEBUG: cmpid source: '192.168.0.0/24'
Dec 2 08:41:03  racoon: DEBUG: cmpid target: '192.168.0.0/24'
Dec 2 08:41:03  racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
Dec 2 08:41:03  racoon: DEBUG: evaluating sainfo: loc='192.168.0.0/24', rmt='192.168.10.0/24', peer='ANY', id=1
Dec 2 08:41:03  racoon: DEBUG: getsainfo params: loc='192.168.0.0/24' rmt='79.121.213.141/32' peer='79.121.213.141' client='79.121.213.141' id=1
Dec 2 08:41:03  racoon: DEBUG: 304ccaa9 0176e9fb 71aa4c00 c864b944 24677b49
Dec 2 08:41:03  racoon: DEBUG: HASH computed:
Dec 2 08:41:03  racoon: DEBUG: hmac(hmac_sha1)

Can anyone tell me where this is going wrong? I don't think cmpid source and cmpid target should be the same?

Best Answer

Failed to get sainfo means that the racoon process cannot get the sainfo line from the racoon.conf config file that will match the incoming pair of IP addresses. In your particular case the following pair doesn't match (for obvious reasons):

Dec 2 08:41:03 racoon: DEBUG: cmpid source: '192.168.10.0/24'
Dec 2 08:41:03 racoon: DEBUG: cmpid target: '79.121.213.141/32'

Note if this isn't the only sainfo line in your racoon.conf, then this probably isn't the reason. But if there are no other sainfos (they usually are created in pairs - sainfo A to B and sainfo B to A) - then this must be it.

Further explanations are impossible without the information about the tunnel you are trying to create and without the contents of your racoon.conf file and probably your SPs.
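
The comparison described in the answer can be checked mechanically from a racoon debug log. The script below is an added example, not part of the original answer and not racoon code: it pulls the pair the peer asked for ("getsainfo params") and the pairs racoon has configured ("evaluating sainfo") and reports which side differs. It assumes the log line format shown in the question and an exact string comparison of the networks; the function names are hypothetical.

```python
import re

# Two lines copied from the question's log (timestamps trimmed).
SAMPLE_LOG = """\
racoon: DEBUG: evaluating sainfo: loc='192.168.0.0/24', rmt='192.168.10.0/24', peer='ANY', id=1
racoon: DEBUG: getsainfo params: loc='192.168.0.0/24' rmt='79.121.213.141/32' peer='79.121.213.141' client='79.121.213.141' id=1
"""

# Matches both line kinds; the "evaluating" form has a comma after loc.
PAIR = re.compile(r"(evaluating sainfo|getsainfo params): loc='([^']*)',? rmt='([^']*)'")


def parse(log):
    """Return (requested, configured) lists of (loc, rmt) pairs."""
    requested, configured = [], []
    for line in log.splitlines():
        m = PAIR.search(line)
        if not m:
            continue
        kind, loc, rmt = m.groups()
        (requested if kind == "getsainfo params" else configured).append((loc, rmt))
    return requested, configured


def diagnose(log):
    """For each requested pair, say whether a configured sainfo matches,
    and if not, which side (loc/rmt) differs from each configured one."""
    requested, configured = parse(log)
    findings = []
    for req in requested:
        if req in configured:  # assumption: exact string match
            findings.append((req, "matched", []))
            continue
        diffs = []
        for conf in configured:
            sides = [n for n, a, b in (("loc", req[0], conf[0]),
                                       ("rmt", req[1], conf[1])) if a != b]
            diffs.append((conf, sides))
        findings.append((req, "no sainfo", diffs))
    return findings


if __name__ == "__main__":
    for req, status, diffs in diagnose(SAMPLE_LOG):
        print(f"peer requested loc={req[0]} rmt={req[1]}: {status}")
        for conf, sides in diffs:
            print(f"  configured loc={conf[0]} rmt={conf[1]} differs on: {', '.join(sides)}")
```

The order of lines in the log does not matter to the script, so it works whether the log is displayed oldest first or newest first.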