I am not quite sure even after looking at OpenSwan logs; but as far as Policy is concerned - I dont have any policies folder like as mentioned in BARF logs of Openswan;;<br><br>/etc/ipsec.d/policies/<br><br>Attached are logs; please help me to resolve this.<br>
<br>Regards,<br>Hammad<br><br><div class="gmail_quote">On Fri, Feb 29, 2008 at 3:50 PM, Paul Wouters <<a href="mailto:paul@xelerance.com">paul@xelerance.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Fri, 29 Feb 2008, Khan, Hammad Aslam wrote:<br>
<br>
> 1)<br>
> If we want to access only one private host on remote end instead of whole<br>
> subnet<br>
> will it be OK to write;<br>
><br>
> rightsubnet=<a href="http://10.10.10.10/32" target="_blank">10.10.10.10/32</a> ?<br>
><br>
> likewise for left; I want to allow access only for one host<br>
> leftsubnet=<a href="http://11.11.11.11/32" target="_blank">11.11.11.11/32</a><br>
<br>
</div>That should work.<br>
<div class="Ih2E3d"><br>
> 2)<br>
> My connection's ISAKMP tunnel successfully completes but sticks on<br>
> STATE_QUICK_I1 with remote end error message; Policy Not Defined for src:<br>
> <a href="http://11.11.11.11" target="_blank">11.11.11.11</a> and destination <a href="http://10.10.10.10" target="_blank">10.10.10.10</a><br>
<br>
</div>What do the openswan logs say?<br>
<br>
</blockquote></div><br>