[Bug 450364] New: Turnpike: adding phase2 subnet causing protection fault with racoon

https://bugzilla.novell.com/show_bug.cgi?id=450364 Summary: Turnpike: adding phase2 subnet causing protection fault with racoon Product: openSUSE 11.0 Version: Final Platform: x86-64 OS/Version: openSUSE 11.0 Status: NEW Severity: Major Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: paca@sci.fi QAContact: qa@suse.de Found By: Community User I'm trying to built vpn connection to ipsec-firewall by using vpnlogin. As soon I add phase2 subnet setting to profile racoond dies every time I try to connect, at time when turnpike sends phase2 config to racoond. Dec 1 07:48:04 linux-tq04 kernel: racoon[3930] general protection ip:7f714f9c8d30 sp:7fff58513ba8 error:0 in libc-2.8.so[7f714f94b000+14f000] Without phase 2 subnet (<networks> entry) phase1 is initialized fine. rpm versions are: turnpike-0.1.1-209.1 novell-ipsec-tools-0.6.3-183.1 ######## Failing profile is like: <?xml version="1.0"?> <profile name="CONNECTIONTEST"> connectiontest.dyndns.org Standard IPsec gateway <certificate>mycert.pfx</certificate> <policies> <phase1> <proposals> <entry mode="MM" dhgroup="dh2" authmethod="X.509"/> </proposals> </phase1> <phase2> <proposals> <entry pfsgroup="off"/> </proposals> <networks> <entry network="192.168.0.0" mask="255.255.255.0"/> </networks> </phase2> </policies> </profile> ###########Syslog shows: Dec 1 07:48:04 linux-tq04 racoon: DEBUG: configuring default isakmp port. Dec 1 07:48:04 linux-tq04 racoon: NOTIFY: NAT-T is enabled, autoconfiguring ports Dec 1 07:48:04 linux-tq04 racoon: DEBUG: 6 addrs are configured successfully Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=8) Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.1[500] used for NAT-T Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.1[4500] used as isakmp port (fd=9) Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.1[4500] used for NAT-T Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.2[500] used as isakmp port (fd=10) Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.2[500] used for NAT-T Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.2[4500] used as isakmp port (fd=11) Dec 1 07:48:04 linux-tq04 racoon: INFO: 127.0.0.2[4500] used for NAT-T Dec 1 07:48:04 linux-tq04 racoon: INFO: 85.131.96.167[500] used as isakmp port (fd=12) Dec 1 07:48:04 linux-tq04 racoon: INFO: 85.131.96.167[500] used for NAT-T Dec 1 07:48:04 linux-tq04 racoon: INFO: 85.131.96.167[4500] used as isakmp port (fd=13) Dec 1 07:48:04 linux-tq04 racoon: INFO: 85.131.96.167[4500] used for NAT-T Dec 1 07:48:04 linux-tq04 kernel: racoon[3930] general protection ip:7f714f9c8d30 sp:7fff58513ba8 error:0 in libc-2.8.so[7f714f94b000+14f000] ########### .turpike/log.txt shows: 2008-12-01 07:47:54: INFO: Novell VPN Client for Linux GUI Startup .... 2008-12-01 07:48:04: INFO: server_ip_addr = 84.253.213.7 , source_ip = 85.131.96.167 2008-12-01 07:48:04: INFO: Successfully sent message type 305 to admin port 2008-12-01 07:48:04: INFO: peek length = 8, Peeked length = 8 2008-12-01 07:48:04: INFO: Received Length= 8 2008-12-01 07:48:04: INFO: The Received Buffer length is 8 ... 2008-12-01 07:48:04: INFO: Successfully sent message type 303 to admin port 2008-12-01 07:48:04: WARNING: Connection closed. May be server closed this connection! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.