<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1458" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Hi,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> I am facing one problem in
simple connection. I am using Openswan 2.4.2</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>my ipsec.conf file is like</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>version 2<BR>config
setup<BR>
interfaces="ipsec0=eth1"<BR>
klipsdebug=none<BR>
plutodebug=none<BR>
#plutoload=%search<BR>
#plutostart=%search<BR>
uniqueids=yes<BR>
nat_traversal=yes</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>conn
abc<BR>
left=151.7.7.254<BR>
leftsubnet=7.7.7.0/255.255.255.0<BR>
leftnexthop=151.7.7.1<BR>
right=%any<BR>
authby=secret<BR>
auto=add<BR>
pfs=yes<BR>
keylife=8h<BR>
rekey=yes<BR>
rekeymargin=10<BR>
rekeyfuzz=0%<BR>
keyingtries=10<BR>
compress=yes<BR>
dpddelay=30<BR>
dpdtimeout=120<BR>
dpdaction=clear</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV><FONT face=Arial size=2>
<DIV><BR>conn rw_ltotp_test<BR>
left=151.7.7.254<BR>
leftsubnet=7.7.7.0/255.255.255.0<BR>
leftnexthop=151.7.7.1<BR>
right=%any<BR>
authby=rsasig<BR>
leftrsasigkey=%cert<BR>
rightrsasigkey=%cert<BR>
rightcert=ltotptest.pem<BR>
auto=add<BR>
pfs=yes<BR>
keylife=8h<BR>
rekey=yes<BR>
rekeymargin=10<BR>
rekeyfuzz=0%<BR>
keyingtries=10<BR>
compress=yes<BR> dpddelay=30</DIV>
<DIV> </DIV>
<DIV>my ipsec.secrets file is like</DIV>
<DIV> </DIV>
<DIV>: RSA elitecorevpnprivatekey.key "password"</DIV>
<DIV> </DIV>
<DIV>151.7.7.254 %any : PSK "presharedkey"</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>when I write both connection details and restart ipsec it works well but if
I add a connection after restart it gives message like</DIV>
<DIV> </DIV>
<DIV> ipsec auto --replace rw_ltotp_test<BR>023 authentication method
disagrees with "abc", which is also for an unspecified peer<BR>037 attempt to
load incomplete connection</DIV>
<DIV> </DIV>
<DIV>if both of the connection are of same authentication method ie of rsakey or
of presharedkey then it doesn't give any message.</DIV>
<DIV></FONT> </DIV>
<DIV><FONT face=Arial size=2>Regards,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Utkarsh Shah</FONT></DIV></BODY></HTML>