<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1619" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>Hello all,
</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>i can to established
tunnel between a cisco pix and openswan server with PSK , but now i have a
problem when i try to connect a roadwarrior. </FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>At first, the
negotation is ok, in /var/log/secure appears :</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial
size=2>"roadwarrior-murquijo" #1: responding to Main
Mode<BR> "roadwarrior-murquijo" #1: transition from state STATE_MAIN_R0 to
state STATE_MAIN_R1<BR>"roadwarrior-murquijo" #1: STATE_MAIN_R1: sent MR1,
expecting MI2<BR>"roadwarrior-murquijo" #1: NAT-Traversal: Result using RFC 3947
(NAT-Traversal): peer is NATed<BR>"roadwarrior-murquijo" #1: transition from
state STATE_MAIN_R1 to state STATE_MAIN_R2<BR>"roadwarrior-murquijo" #1:
STATE_MAIN_R2: sent MR2, expecting MI3<BR>"roadwarrior-murquijo" #1: Main mode
peer ID is ID_IPV4_ADDR: 'ip_public_roadwarrior'<BR>"roadwarrior-murquijo" #1: I
did not send a certificate because I do not have
one.<BR> "roadwarrior-murquijo" #1: transition from state STATE_MAIN_R2 to
state STATE_MAIN_R3<BR>"roadwarrior-murquijo" #1: STATE_MAIN_R3: sent MR3,
ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha
group=modp2048}<BR>"roadwarrior-murquijo" #1: Dead Peer Detection (RFC 3706):
enabled<BR>"roadwarrior-murquijo" #1: ignoring informational payload, type
IPSEC_INITIAL_CONTACT<BR>"roadwarrior-murquijo" #1: received and ignored
informational message<BR></FONT></SPAN><SPAN class=726351616-26122008><FONT
face=Arial size=2>here, the tunnel is enabled, but when i try to access to our
intranet appear the following message:</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial
size=2>"roadwarrior-murquijo" #1: ignoring informational payload, type
IPSEC_INITIAL_CONTACT<BR>"roadwarrior-murquijo" #1: received and ignored
informational message<BR>"roadwarrior-murquijo" #1: cannot respond to IPsec SA
request because no connection is known for
10.105.0.0/16===[ip_public_server]...[ip_public_roadwarrior]===192.168.200.20/32<BR> "roadwarrior-murquijo"
#1: sending encrypted notification INVALID_ID_INFORMATION to
[ip_public_roadwarrior]:21655<BR>"roadwarrior-murquijo" #1: Quick Mode I1
message is unacceptable because it uses a previously used Message ID 0xc8ceedf9
(perhaps this is a duplicated packet)<BR> "roadwarrior-murquijo" #1:
sending encrypted notification INVALID_MESSAGE_ID to
[ip_public_roadwarrior]:21655<BR>"roadwarrior-murquijo" #1: Quick Mode I1
message is unacceptable because it uses a previously used Message ID 0xc8ceedf9
(perhaps this is a duplicated packet)<BR>"roadwarrior-murquijo" #1: sending
encrypted notification INVALID_MESSAGE_ID to
[ip_public_roadwarrior]:21655</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>the ipsec.conf
respective roadwarrior is:</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>conn
roadwarrior-murquijo<BR>
type=tunnel<BR>
authby=secret<BR>
left=81.93.214.114<BR>
leftnexthop=%defaultroute<BR>
leftsubnet=10.105.0.0/16<BR>
right=195.5.94.158<BR>
rightnexthop=%defaultroute<BR>
rightsubnet=192.168.200.0/24<BR>
dpddelay=30<BR>
dpdtimeout=120<BR>
dpdaction=clear<BR>
keyingtries=3<BR>
pfs=no<BR>
auto=add</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>and we use the VPN
Client Shrew Soft to connect to our intranet.</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>Could Anybody help
us?</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>thanks in
advanced.</FONT></SPAN></DIV>
<DIV><SPAN class=726351616-26122008><FONT face=Arial size=2>regards</DIV>
<DIV><BR></DIV></FONT></SPAN><SPAN class=726351616-26122008><FONT face=Arial
size=2></FONT></SPAN>
<DIV><SPAN class=726351616-26122008><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<P><FONT size=2><FONT face=Tahoma>Alfonso Viso Puerta<BR>IT
Department<BR></FONT><SPAN lang=ES
style="FONT-SIZE: 7.5pt; FONT-FAMILY: 'Arial Narrow'; mso-ansi-language: ES"><FONT
size=2><SPAN lang=ES
style="FONT-SIZE: 7.5pt; FONT-FAMILY: 'Arial Narrow'; mso-ansi-language: ES"><FONT
size=2><SPAN lang=ES
style="FONT-SIZE: 7.5pt; FONT-FAMILY: 'Arial Narrow'; mso-ansi-language: ES"></P>
<DIV class=Section1><SPAN class=726351616-26122008><FONT face=Arial
size=2></FONT></SPAN></SPAN></FONT></SPAN></FONT></SPAN></FONT> </DIV><hr/> <p> Ce message contient des informations confidentielles ou appartenant à Boursorama et est établi à l'intention exclusive de ses destinataires. Toute divulgation, utilisation, diffusion ou reproduction (totale ou partielle) de ce message, ou des informations qu'il contient, doit être préalablement autorisée. Tout message électronique est susceptible d'altération et son intégrité ne peut être assurée.<br/> Boursorama décline toute responsabilité au titre de ce message s'il a été modifié ou falsifié. Si vous n'êtes pas destinataire de ce message, merci de le détruire immédiatement et d'avertir l'expéditeur de l'erreur de distribution et de la destruction du message. </p> <hr/> <p> This e-mail contains confidential information or information belonging to Boursorama and is intended solely for the addressees. The unauthorised disclosure, use, dissemination or copying (either whole or partial) of this e-mail, or any information it contains, is prohibited. E-mails are susceptible to alteration and their integrity cannot be guaranteed. Boursorama shall not be liable for this e-mail if modified or falsified. If you are not the intended recipient of this e-mail, please delete it immediately from your system and notify the sender of the wrong delivery and the mail deletion. </p> <hr/>
</body>
</HTML>