Hi,<br><br>I'm attempting to connect an Openswan device with a TDT R52U UMTS/EDGE/GPRS Router. The connection works fine when a fixed IP is set for the TDT device however, the TDT device is behind a dynamic IP and so must be set with %any and an ID. The TDT will only send an ID value if they are set to aggressive mode (this seems to differ with Openswan as I can send an ID value in main mode and aggressive mode). The TDT support claims that they are following standards by only sending their ID in aggressive mode wheras it was my understanding that aggressive mode was only used to speed up the IKE negotiation.<br>
<br>When I have the connection set to %any on the Openswan side I get the following:<br><br>state transition function for STATE_AGGR_R1 failed: INVALID_HASH_INFORMATION<br><br>I'm also seeing the following shortly after:<br>
<br>Quick Mode message is unacceptable because it is for an incomplete ISAKMP SA<br><br>It's like they're attempting to establish phase 2 even though phase 1 never completed.<br><br>With the same exact PSK and encryption/ hash settings without %any (specifying the real IP address) the tunnel comes up immediately.<br>
<br>Any idea what would cause this? TDT is of course claiming that Openswan has not implemented IPSec correctly but they can't tell me what exactly is not correct about the Openswan implementation. <br><br>Thank you!<br>
<br>Robyn<br><br>