Dear all;<br><br>I have installed Openswan 2.4.9 in Ubuntu 6.10 the Edgy Eft with kernel 2.6.17-12-generic in left host and Ubuntu 7.04 the Feisty Fawn with kernel 2.6.20-16 generic in the right host <br><br>I have configured the IPSec for host to host tunneling and the
ipsec.config file is as following<br>-------------------------------------------------------------<br>
<meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8"><title></title><meta name="GENERATOR" content="BrOffice.org 2.0 (Linux)"><meta name="AUTHOR" content="Noura"><meta name="CREATED" content="20070814;12590200">
<meta name="CHANGED" content="16010102;0">
<style type="text/css">
<!--
@page { size: 8.5in 11in; margin: 0.79in }
P { margin-bottom: 0.08in }
-->
</style>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">version 2.0 <br></p><p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"># basic configuration</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">config setup</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> interfaces=%defaultroute</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> #klipsdebug=all</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> #plutodebug=control</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"><br>
</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">conn %default</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> authby=rsasig</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"><br>
</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">conn west-east</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> left=<a href="http://192.0.2.2">192.0.2.2</a></p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> right=<a href="http://192.0.2.9">192.0.2.9</a></p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> type=tunnel</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left"> leftrsasigkey=0sAQODB.........</p><p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">rightrsasigkey=0sAQO...........
</p><p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">auto=start</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">#Disable Opportunistic
Encryption</p>
<p style="margin-bottom: 0in; font-style: italic; color: rgb(0, 0, 102);" align="left">include
/etc/ipsec.d/examples/no_oe.conf</p><br>--------------------------------------------------------<br><br>setting up the connection and testing is was perfectly working....<br><br><br>What I am trying to do is to add new cipher to be used in ESP instead of AES
<br><br>so I was just trying to rename all the AES with another name ... and I got this error<br><br>root@mastercsci-laptop:/etc/init.d# ipsec auto --up west-east<br>117 "west-east" #48: STATE_QUICK_I1: initiate
<br>010 "west-east" #48: STATE_QUICK_I1: retransmission; will wait 20s for response<br>010 "west-east" #48: STATE_QUICK_I1: retransmission; will wait 40s for response<br>031 "west-east" #48: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
<br>000 "west-east" #48: starting keying attempt 2 of an unlimited number, but releasing whack<br><br>even the ping command is not working..<br><br><br>any one have any idea about how to add a cipher to be used in encryption algorithm
<br><br>regards<br><br><br><br><br><br>