[Openswan Users] when protostack=mast ==> no connection has been authorized with policy=PSK!!!
Paul Wouters
paul at xelerance.com
Sat Jun 26 19:56:08 EDT 2010
On Sun, 27 Jun 2010, Majid Khonji wrote:
> When i use protostack=mast
> I get the following error (when i connect a client)
> packet from 10.0.0.1:500: initial Main Mode message received on 10.0.0.105:500 but no connection has been authorized with
> policy=PSK
Do you have a mast0 interface? Does it have the same ip as your external ip?
> mast0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
> inet addr:10.0.0.105 Mask:255.255.255.255
> conn road
> left=10.0.0.105
> leftsubnet=10.0.0.0/24
> conn road-l2tp
> also=road
That is not going to work because l2tp does not use a subnet= on the
server side. Please see examples in /etc/ipsec.d/examples/l2tp*
> #because Mac clients don't like 1701
> rightprotoport=17/1701
That should be 17/%any
> conn road-l2tp-mac
A separate conn should not be needed.
Paul
More information about the Users
mailing list