Hi ,<br>
<br>
I am new to Openswan.<br>
<br>
I have 2 fedora 2.6 systmes with openswan-2.3.1 installed.<br>
<br>
when i try create a connection between then i get the following error<br>
<br>
============================================================================================================<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: packet from <a href="http://172.22.67.104:500"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104:500" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104:500</a>:
received Vendor ID payload [Openswan (this version) 2.3.1
X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: packet from <a href="http://172.22.67.104:500"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104:500" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104:500</a>: received Vendor ID payload [Dead Peer Detection]<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: "net-to-net" #97: responding to Main Mode<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: "net-to-net" #97: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: "net-to-net" #97: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: "net-to-net" #97: Main mode peer ID is ID_IPV4_ADDR: '<a href="http://172.22.67.104"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104</a>'<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: "net-to-net" #97: Signature
check (on <a href="http://172.22.67.104"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104</a>) failed (wrong key?); tried *AQOaBoHjT<br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: "net-to-net" #97: sending
encrypted notification INVALID_KEY_INFORMATION to <a href="http://172.22.67.104:500"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104:500" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104:500</a><br>
Jan 10 12:39:02 aheesh_sys pluto[3787]: "net-to-net" #97: failed to build notification for spisize=0<br>
Jan 10 12:39:04 aheesh_sys pluto[3787]: "net-to-net" #96: max number of retransmissions (2) reached STATE_MAIN_R2<br>
+ _________________________ date<br>
+ date<br>
Tue Jan 10 12:39:11 IST 2006<br>
============================================================================================================<br>
<br>
I am using RSA for the connection setup<br>
<br>
============================================================================================================<br>
ipsec auto --listall<br>
000<br>
000 List of Public Keys:<br>
000<br>
000 Jan 10 11:11:13 2006, 2192 RSA Key AQOaBoHjT, until --- -- --:--:-- ---- ok (expires never)<br>
000 ID_IPV4_ADDR '<a href="http://172.22.67.104"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104</a>'<br>
000 Jan 10 11:11:13 2006, 2192 RSA Key AQPf+LfnS, until --- -- --:--:-- ---- ok (expires never)<br>
000 ID_IPV4_ADDR '<a href="http://172.22.65.226"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.65.226" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.65.226</a>'<br>
============================================================================================================<br>
<br>
What am i doing wrong.<br>
<br>
This is my ipsec.conf file<br>
============================================================================================================<br>
<br>
version 2.0 # conforms to second version of ipsec.conf specification<br>
<br>
# basic configuration<br>
config setup<br>
# Debug-logging controls: "none" for (almost) none, "all" for lots.<br>
# klipsdebug=none<br>
# plutodebug="control parsing"<br>
interfaces=ipsec0=eth0<br>
<br>
# Add connections here<br>
<br>
conn net-to-net<br>
left=<a href="http://172.22.65.226"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.65.226" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.65.226</a>
# Local vitals<br>
leftsubnet=<a href="http://172.22.65.226/24"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.65.226" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.65.226/24</a><br>
spi=0x200<br>
# leftid=@<a href="http://xy.example.com">xy.example.com</a> #<br>
#leftnexthop=%defaultroute # correct in many situations<br>
leftrsasigkey=0sAQPf+LfnS1brI1nyOB5/VkC4UKoDyJZogyWPugMOjJO7DnA6haD/GRC14t8HGXzPL8gJI0DnIl2y7TStT8SgB4bhOeVvetC2hnZc2vX0PrhYMBuc/rXLyGQXCnAezHXzDhD/a5Pc+SvP5OFX7qMiCsrt+6xAh7wAuDKURfra7iST9nD3MUv74Fq36p7fIvEwfT29zlJEnsSaVYhzuQlfW/VPpU6JN7Y4wQfVUgtgvd+jK3hhDa+1dtrwdv8748Zjm1VJmPBmpaWmRn1IZW3bpsTLgAwA0y9syOB7XiaTzKSGTOsliPFGTWoPrQD68SO6ogAXOUWxsLNqwmb6mCB7JgxdkLyYpCgCBaDqXykrV4bNUpS5
<br>
right=<a href="http://172.22.67.104"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104</a>
# Remote vitals<br>
rightsubnet=<a href="http://172.22.67.104/24"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.22.67.104" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.22.67.104/24</a><br>
rightrsasigkey=0sAQOaBoHjTJl8TG3wr5vHcrMWWyYuNYhkZrF3wZ6pvpQUqRQiUySmNC/00ed9BnotkyMV+YFZUnNQrux17m7Lj1eYeFhhhmrbd6M2jBsxq9NQA07bwIEDhNrPDyj+QjQ+NMmSX90+98X3bkAjtEUAwcKCKf3gUHcy0JcZccs4oy6eT3UZtuxJUb4ZSaVGoygWNe6zyYuhRJdXShoQ4R2f6Fh7kADVsdbsQcyjctf3u0gVczc0f2lNHBMQ/uTgJANixXbmGdeUfPD3n/nxxUh4qoN3SAcea61EJ2a4FPMF5qSOmDTWlnAZm53sZ9Y35Ubdq1QgIh1/1cNP1QHhXhN+UoBBSFLm44Y04XcRJdS7qct8u3yh
<br>
# rightid=@<a href="http://ab.example.com">ab.example.com</a> #<br>
#rightnexthop=%defaultroute # correct in many situations<br>
auto=add
# authorizes but doesn't start this<br>
<br>
include /etc/ipsec.d/examples/no_oe.conf<br>
============================================================================================================<br>
<br>
<br>
<br>
Aheesh<br>