<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.6.2">
</HEAD>
<BODY>
Hey guys,<BR>
<BR>
The problem is that in rigth side u use a 64 bits kernel and i've installed a 32 bits version of openswan.<BR>
I reinstall the 64 bits openswan version ant it make connection.<BR>
<BR>
If i enter /sbin/ip route command in both sides, i can see the route for left network and the right network, but if i ping from left to right host the ping don't work. If i make it from rigth to left the same problem ocour.<BR>
<BR>
Is missing anything ??<BR>
<BR>
How i chek if is all ok ?? if it connected ??<BR>
<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<B>Frederico Madeira</B><BR>
Coordenador de Suporte<BR>
N. Landim Comércio Ltda<BR>
e-Mail: <U><A HREF="mailto:fred@farmaciadospobres.com.br">fred@farmaciadospobres.com.br</A></U><BR>
Fone : (81) 3497.3029<BR>
PABX: (81) 3497.3000<BR>
Fax : (81). 3497.3030
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
<BR>
Em Qua, 2005-11-02 às 05:20 +0100, Paul Wouters escreveu:
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">On Tue, 1 Nov 2005, Andy wrote:</FONT>
<FONT COLOR="#000000">> > > 104 "ksa-fred" #1: STATE_MAIN_I1: initiate</FONT>
<FONT COLOR="#000000">> > > 003 "ksa-fred" #1: received Vendor ID payload [Openswan (this version)</FONT>
<FONT COLOR="#000000">> > > 2.4.0rc3 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]</FONT>
<FONT COLOR="#000000">> > > 003 "ksa-fred" #1: received Vendor ID payload [Dead Peer Detection]</FONT>
<FONT COLOR="#000000">> > > 106 "ksa-fred" #1: STATE_MAIN_I2: sent MI2, expecting MR2</FONT>
<FONT COLOR="#000000">> > > 108 "ksa-fred" #1: STATE_MAIN_I3: sent MI3, expecting MR3</FONT>
<FONT COLOR="#000000">> > > 004 "ksa-fred" #1: STATE_MAIN_I4: ISAKMP SA established</FONT>
<FONT COLOR="#000000">> > > {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5</FONT>
<FONT COLOR="#000000">> > > group=modp1536}</FONT>
<FONT COLOR="#000000">> > > 117 "ksa-fred" #2: STATE_QUICK_I1: initiate</FONT>
<FONT COLOR="#000000">> > > 010 "ksa-fred" #2: STATE_QUICK_I1: retransmission; will wait 20s for</FONT>
<FONT COLOR="#000000">> > > response</FONT>
<FONT COLOR="#000000">> > > 010 "ksa-fred" #2: STATE_QUICK_I1: retransmission; will wait 40s for</FONT>
<FONT COLOR="#000000">> > > response</FONT>
<FONT COLOR="#000000">> > > 031 "ksa-fred" #2: max number of retransmissions (2) reached</FONT>
<FONT COLOR="#000000">> ></FONT>
<FONT COLOR="#000000">> > The other end is not sending a single packet back. There might be a</FONT>
<FONT COLOR="#000000">> > filter for udp port 500/4500 in place somewhere.</FONT>
<FONT COLOR="#000000">> ></FONT>
<FONT COLOR="#000000">> Surely that's not right. Phase 1 is completed OK, so isakmp must be</FONT>
<FONT COLOR="#000000">> getting through?</FONT>
<FONT COLOR="#000000">Oops. You are absolutely right. It was phase 2 that never saw a packet, not</FONT>
<FONT COLOR="#000000">phase 1. In this case, the other end does not like the phase 2 proposal</FONT>
<FONT COLOR="#000000">packet that was sent, and silently disgarded the packet. Logs on that end</FONT>
<FONT COLOR="#000000">should tell you why it disgarded it.</FONT>
<FONT COLOR="#000000">Paul</FONT>
</PRE>
</BLOCKQUOTE>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>