Description of problem:
racoon in ipsec tools 0.6.4 does not work in certain situations.
I remember it was to do something with mask component...
Error message at syslog:
Mar 23 07:54:01 localhost racoon: ERROR: failed to get sainfo.
Version-Release number of selected component (if applicable):
setkey -c <<EOF
spdadd $LOCALIP/32 $GWIP/32 udp -P out ipsec esp/transport//require ;
spdadd $GWIP/32 $LOCALIP/32 udp -P in ipsec esp/transport//require ;
How to fix:
racoon in ipsec-tools 0.6.5 works. I got racoon in 0.6.1 to work after
heavy editing of sha.h, remake and overwrite of /usr/sbin/racoon.
So please update ipsec-tools to 0.6.5 -- I recall the diff from 0.6.4
is not big.