
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

<head>

  <meta content="text/html;charset=UTF-8" http-equiv="Content-Type">

</head>

<body bgcolor="#ffffff" text="#000000">

I got this message<br>

<br>

000 #65: "site_192.168.6.0_24-192.168.2.0_24":500 STATE_MAIN_I1 (sent

MI1, expecting MR1); EVENT_RETRANSMIT in 21s; nodpd<br>

000 #65: pending Phase 2 for "site_192.168.6.0_24-192.168.2.0_24"

replacing #0<br>

000 #65: pending Phase 2 for "site_192.168.6.0_24-192.168.2.0_24"

replacing #0<br>

000 #65: pending Phase 2 for "site_192.168.6.0_24-192.168.2.0_24"

replacing #0<br>

000 #65: pending Phase 2 for "site_192.168.6.0_24-192.168.2.0_24"

replacing #0<br>

<br>

mix wrote:

<blockquote cite="mid45C837A4.7060500@cipherium.com.tw" type="cite">

  <meta content="text/html;charset=UTF-8" http-equiv="Content-Type">

  <title></title>

Hello guys<br>

  <br>

I'm trying to setup the openswan site-to-site vpn, but didn't work.<br>

Any suggestion?<br>

  <br>

my network looks like below<br>

  <br>

subnet1-----------gateway1---------------- Internet

--------------------gateway2-----------subnet2<br>

  <br>

gateway1 using PPPoE<br>

gateway2 using PPPoE<br>

subnet1(192.168.2.0/24)                                               

            <br>

subnet2(192.168.6.0/24)<br>

  <br>

Two gateways using <big><b>PPPoE</b></big> both to connect Internet.<br>

  <br>

my openswan configuration<br>

  <br>

conn site_192.168.2.0_24-192.168.6.0_24<br>

        left=a.b.c.d<br>

        leftsubnet=192.168.2.0/24<br>

        right=w.x.y.z<br>

        rightsubnet=192.168.6.0/24<br>

       

ike=AES256-SHA1-MODP1536,AES256-SHA1-MODP1024,AES256-SHA1-MODP768<br>

        esp=AES256-SHA1-96<br>

        dpddelay=10<br>

        dpdtimeout=15<br>

        keyingtries=%forever<br>

        keylife=24h<br>

        ikelifetime=8h<br>

        rekey=no<br>

        rekeymargin=9m<br>

        pfs=yes<br>

        pfsgroup=MODP1024<br>

        leftupdown="/ramfs/bin/ipsec_updown.exe"<br>

        rightupdown="/ramfs/bin/ipsec_updown.exe"<br>

        auto=add<br>

  <br>

  <br>

  <br>

conn site_192.168.6.0_24-192.168.2.0_24<br>

        left=w.x.y.z<br>

        leftsubnet=192.168.6.0/24<br>

        right=a.b.c.d<br>

        rightsubnet=192.168.2.0/24<br>

       

ike=AES256-SHA1-MODP1536,AES256-SHA1-MODP1024,AES256-SHA1-MODP768<br>

        esp=AES256-SHA1-96<br>

        dpddelay=10<br>

        dpdtimeout=15<br>

        keyingtries=%forever<br>

        keylife=24h<br>

        ikelifetime=8h<br>

        rekey=no<br>

        rekeymargin=9m<br>

        pfs=yes<br>

        pfsgroup=MODP1024<br>

        leftupdown="/ramfs/bin/ipsec_updown.exe"<br>

        rightupdown="/ramfs/bin/ipsec_updown.exe"<br>

        auto=add

  <pre wrap="">

<hr size="4" width="90%">

_______________________________________________

<a class="moz-txt-link-abbreviated" href="mailto:Users@openswan.org">Users@openswan.org</a>

<a class="moz-txt-link-freetext" href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</a>

Building and Integrating Virtual Private Networks with Openswan: 

<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>

  </pre>

</blockquote>

<br>

</body>

</html>