<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: david.osborn,AT,mchsi,DOT,com
Subject: Re: kxchg error
From: Matthew Galgoci <mgalgoci,AT,redhat,DOT,com>
Date: Thu, 4 Sep 2003 10:31:45 -0400 (EDT)
Cc: cipe-l,AT,inka,DOT,de
In-reply-to: <3F5295FF.4070404@draxsen.com>

This could also be caused by a nat timeout in between the 'client' and the
server. NAT times out, udp port forwarding back into the client goes away, 
return traffic from the cipe server hits the firewall and the firewall 
(rightfully)
refuses the connection.

[client]---local lan---->[firewall doing NAT]----public internet--->[cipe 
server]

Remember udp is stateless and that the firewall is being nice and 
automagically forwarding
the udp port back to the client for some limited ammount of time.

On Mon, 1 Sep 2003, Phil Scarratt wrote:

> I assume you are using static keys defined in the cipe options file. Are 
> they identical - quite often a copy/paste operation will not suffice. 
> Make sure there are no hidden characters in either end's static key.
> 
> fil
> 
> David A. Osborn wrote:
> > I am getting the following error in my messages log;
> >  
> > ciped-cb [3399] :kxchg: send: invalid argument
> > ciped-cb [3399] :kxchg: recv: connection refused
> >  
> > Does anyone know what this indicates?  All my ip address, ports, and key 
> > appear to be correct.  What invalid argument is it indicating?
> >  
> >  
> >  
> >  
> 
> 
> 

-- 

Matthew Galgoci         "Dirty deeds, done dirt cheap"
System Administrator
Red Hat, Inc
919.754.3700 x44155


<< | Thread Index | >> ]    [ << | Date Index | >> ]