<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:D="DAV:" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span lang=EN-GB>Hi,<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>Please help me! <o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>Here is my setup:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>10.0.5.0/24 ------10.0.5.12(OpenSwan)192.168.1.65-----192.168.1.254(speedtouch)</span><span
lang=EN-GB> </span><span lang=EN-GB>86.148.87.91------------(Internet)--------80.102.114.86(IPCOP)192.168.3.149---------192.168.2.0/24<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>However, when I start the connection from
Openswan, I get the following from IPCOP logs:<o:p></o:p></span></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>packet from 86.148.87.91:49179: initial Main Mode message
received on 80.102.114.86:500 but no connection has been authorized with
policy=PSK<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Am I receiving this error because the port that openswan is
sending from is 49179? Or is it down to some other problem? How would I fix it?<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Here is the config from ipcop:<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span lang=EN-GB>config setup<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
interfaces="%defaultroute "<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
klipsdebug="none"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
plutodebug="none"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
plutoload=%search<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
plutostart=%search<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
uniqueids=yes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
nat_traversal=yes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.3.0/255.255.255.0,%v4:!192.168.4.0/255.255.254.0,%v4:!10.0.5.0/255.255.255.0<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>conn %default<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
keyingtries=0<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
disablearrivalcheck=no<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>conn manchester #RED<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
left=cardiffadmin.demon.co.uk<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
leftnexthop=%defaultroute<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
leftsubnet=192.168.2.0/255.255.254.0<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
right=86.148.87.91<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
rightsubnet=10.0.5.0/255.255.255.0<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
rightnexthop=%defaultroute<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
leftid="@80.102.114.86"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
rightid="@86.148.87.91"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
ike=aes128-sha-modp1536,aes128-sha-modp1024,aes128-md5-modp1536,aes128-md5-modp1024,3des-sha-modp1536,3des-sha$<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
esp=aes128-sha1,aes128-md5,3des-sha1,3des-md5<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
ikelifetime=1h<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
keylife=8h<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
aggrmode=yes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
dpddelay=30<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
dpdtimeout=120<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
dpdaction=restart<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
pfs=no<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
authby=secret<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
auto=start<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>My ipsec.secrets from IPcop looks like
this:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>@80.102.114.86 @86.148.87.91 : PSK 'password'<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<div style='mso-element:para-border-div;border:none;border-bottom:solid windowtext 1.0pt;
padding:0cm 0cm 1.0pt 0cm'>
<p class=MsoNormal style='border:none;padding:0cm'><span lang=EN-GB><o:p> </o:p></span></p>
</div>
<p class=MsoNormal><span lang=EN-GB>Here is the config from the Openswan box:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>version 2.0 #
conforms to second version of ipsec.conf specification<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB># basic configuration<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>config setup<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
# plutodebug / klipsdebug = "all", "none" or a combation
from below:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
# "raw crypt parsing emitting control klips pfkey natt x509 private"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
# eg:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
# plutodebug="control parsing"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
#<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
# Only enable klipsdebug=all if you are a developer<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
#<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
# NAT-TRAVERSAL support, see README.NAT-Traversal<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
nat_traversal=yes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.0.5.0/24<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
#<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
# enable this if you see "failed to find any available worker"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
nhelpers=0<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
plutodebug="all"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
uniqueids=yes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB># Add connections here<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>conn vpnserver<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
right=80.102.114.86<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
rightnexthop=%defaultroute<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
rightsubnet=192.168.2.0/255.255.254.0<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
left=10.0.5.12<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
leftsubnet=10.0.5.0/255.255.255.0<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
leftnexthop=%defaultroute<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
leftid="@86.148.87.91"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
rightid="@80.102.114.86"<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
ike=aes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
esp=aes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
ikelifetime=1h<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
keylife=8h<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
dpddelay=30<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
dpdtimeout=120<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
dpdaction=restart<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
pfs=yes<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-GB>
authby=secret<o:p></o:p></span></p>
<div style='mso-element:para-border-div;border:none;border-bottom:solid windowtext 1.0pt;
padding:0cm 0cm 1.0pt 0cm'>
<p class=MsoNormal style='border:none;padding:0cm'><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal style='border:none;padding:0cm'><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal style='border:none;padding:0cm'><span lang=EN-GB>My
ipsec.secrets for openswan looks like this:<o:p></o:p></span></p>
<p class=MsoNormal style='border:none;padding:0cm'><span lang=EN-GB>: PSK
"password"<o:p></o:p></span></p>
<p class=MsoNormal style='border:none;padding:0cm'><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal style='border:none;padding:0cm'><span lang=EN-GB><o:p> </o:p></span></p>
</div>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p>
</div>
</body>
</html>