Hi,

I am using ipsec at freebsd 5.4.



At the primary router, there are already 30 vpn links established and
working fine. When I added a new link with a remote freebsd router
yesterday, the new link doesn't seem to be working. When I ping the
remote vpn router, the ping result the following output:

# tcpdump -n -i bge1 host 10.154.3.74
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bge1, link-type EN10MB (Ethernet), capture size 96 bytes
08:58:01.990162 IP 10.152.34.74 > 10.154.3.74: ESP(spi=0x00000aed,seq=0x188)
08:58:02.991334 IP 10.152.34.74 > 10.154.3.74: ESP(spi=0x00000aed,seq=0x189)
08:58:03.992521 IP 10.152.34.74 > 10.154.3.74: ESP(spi=0x00000aed,seq=0x18a)
08:58:04.993699 IP 10.152.34.74 > 10.154.3.74: ESP(spi=0x00000aed,seq=0x18b)
08:58:05.994899 IP 10.152.34.74 > 10.154.3.74: ESP(spi=0x00000aed,seq=0x18c)
08:58:06.996051 IP 10.152.34.74 > 10.154.3.74: ESP(spi=0x00000aed,seq=0x18d)

At the moment, I still don't know whether the key has problem or the
connection at the remote site got problem. The key is using in ipsec is
manual key.

Can any one please tell me how to troubleshoot ipsec connection at freebsd?

Thanks
P