<SPAN class=postbody>salut les amis.....je suis bloqué sur mon installation de <B style="COLOR: #ffa34f">openswan</B>!!! si quelqun pourrait m'eclairer un peu.... <BR>j'ai suivi ttes les etapes de configuration de <B style="COLOR: #ffa34f">openswan</B> mais lorsque je teste ma connection ces messages m'apparait: <BR><BR>[root@localhost user]# ipsec auto --status <BR>000 interface lo/lo ::1 <BR>000 interface lo/lo 127.0.0.1 <BR>000 interface lo/lo 127.0.0.1 <BR>000 interface ath0/ath0 192.168.1.5 <BR>000 interface ath0/ath0 192.168.1.5 <BR>000 interface eth0/eth0 192.168.1.7 <BR>000 interface eth0/eth0 192.168.1.7 <BR>000 %myid = (none) <BR>000 debug none <BR>000 <BR>000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64, keysizemax=64 <BR>000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192, keysizemax=192 <BR>000 algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40, keysizemax=448 <BR>000 algorithm ESP encrypt: id=11,
name=ESP_NULL, ivlen=0, keysizemin=0, keysizemax=0 <BR>000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128, keysizemax=256 <BR>000 algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128, keysizemax=256 <BR>000 algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128, keysizemax=256 <BR>000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128 <BR>000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160 <BR>000 algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256, keysizemin=256, keysizemax=256 <BR>000 algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0 <BR>000 <BR>000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192 <BR>000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128 <BR>000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16 <BR>000 algorithm
IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20 <BR>000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024 <BR>000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536 <BR>000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048 <BR>000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072 <BR>000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096 <BR>000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144 <BR>000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192 <BR>000 <BR>000 stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,0,0} trans={0,0,0} attrs={0,0,0} <BR>000 <BR>000 "net-to-net": 192.168.2.0/24===192.168.1.5[@localhost]---192.168.1.1...192.168.1.1---192.168.1.6[@localhost]===192.168.1.0/24; unrouted; eroute owner: #0 <BR>000 "net-to-net": srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown; <BR>000 "net-to-net": ike_life: 3600s;
ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 <BR>000 "net-to-net": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 24,24; interface: ath0; <BR>000 "net-to-net": newest ISAKMP SA: #0; newest IPsec SA: #0; <BR>000 <BR>000 #2: "net-to-net":500 STATE_MAIN_I3 (sent MI3, expecting MR3); EVENT_RETRANSMIT in 35s; lastdpd=-1s(seq in:0 out:0) <BR>000 #2: pending Phase 2 for "net-to-net" replacing #0 <BR>000 <BR><BR><BR>[root@localhost user]# ipsec auto --verbose --up net-to-net <BR>002 "net-to-net" #1: initiating Main Mode <BR>104 "net-to-net" #1: STATE_MAIN_I1: initiate <BR>003 "net-to-net" #1: received Vendor ID payload [<B style="COLOR: #ffa34f">Openswan</B> (this version) 2.4.6 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR] <BR>003 "net-to-net" #1: received Vendor ID payload [Dead Peer Detection] <BR>003 "net-to-net" #1: received Vendor ID payload [RFC 3947] method set to=110 <BR>002 "net-to-net" #1: enabling possible NAT-traversal with method 3
<BR>002 "net-to-net" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 <BR>106 "net-to-net" #1: STATE_MAIN_I2: sent MI2, expecting MR2 <BR>002 "net-to-net" #1: I did not send a certificate because I do not have one. <BR>003 "net-to-net" #1: NAT-Traversal: Result using 3: no NAT detected <BR>002 "net-to-net" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3 <BR>108 "net-to-net" #1: STATE_MAIN_I3: sent MI3, expecting MR3 <BR>003 "net-to-net" #1: ignoring informational payload, type INVALID_KEY_INFORMATION <BR>003 "net-to-net" #1: received and ignored informational message <BR>010 "net-to-net" #1: STATE_MAIN_I3: retransmission; will wait 20s for response <BR>003 "net-to-net" #1: discarding duplicate packet; already STATE_MAIN_I3 <BR>003 "net-to-net" #1: ignoring informational payload, type INVALID_KEY_INFORMATION <BR>003 "net-to-net" #1: received and ignored informational message <BR>010 "net-to-net" #1: STATE_MAIN_I3: retransmission; will wait 40s
for response <BR>003 "net-to-net" #1: discarding duplicate packet; already STATE_MAIN_I3 <BR>003 "net-to-net" #1: ignoring informational payload, type INVALID_KEY_INFORMATION <BR>003 "net-to-net" #1: received and ignored informational message <BR>031 "net-to-net" #1: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message <BR>000 "net-to-net" #1: starting keying attempt 2 of an unlimited number, but releasing whack </SPAN><p>
<hr size="1">
Découvrez un nouveau moyen de poser toutes vos questions quelque soit le sujet !
Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. <a href="http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com">Cliquez ici</a>.
<p> 
<hr size="1">
Découvrez un nouveau moyen de poser toutes vos questions quelque soit le sujet !
Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. <a href="http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com">Cliquez ici</a>.