<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'>
The secrets is included in my original post... its present the way you specifiy.<br><br><br><hr id="ecxstopSpelling">Subject: RE: [Openswan Users] Simplest ipsec config with PSK insists that I have no connection authorized with policy=PSK<br>Date: Fri, 31 Dec 2010 18:37:06 -0800<br>From: rwyatt@nvtl.com<br>To: jprollerskate@hotmail.com; wgillespie+openswan@es2eng.com; users@openswan.org<br><br>
<title>Message body</title>
<br>
<font size="2">Did you check your IPsec.SEcrets file?<br>
it should be<br>
192.170.1.4 %any : PSK ""<br>
<br>
or something to that effect.<br>
<br>
Randy<br>
<br>
<br>
-----Original Message-----<br>
From: users-bounces@openswan.org on behalf of JP CR<br>
Sent: Fri 12/31/2010 6:34 PM<br>
To: wgillespie+openswan@es2eng.com; users@openswan.org<br>
Subject: Re: [Openswan Users] Simplest ipsec config with PSK insists that I have no connection authorized with policy=PSK<br>
<br>
Same result. Same error.<br>
I can comment out the rest of the connections and i still get the same error.<br>
<br>
In fact I can comment out the entire l2tp-psk.conf include in ipsec.conf and I still get the same error. Not sure what this means..<br>
<br>
<br>
> Date: Fri, 31 Dec 2010 19:05:54 -0700<br>
> From: wgillespie+openswan@es2eng.com<br>
> To: jprollerskate@hotmail.com<br>
> CC: users@openswan.org<br>
> Subject: Re: [Openswan Users] Simplest ipsec config with PSK insists that I have no connection authorized with policy=PSK<br>
><br>
> As a quick test, what happens if you comment out your<br>
> "passthrough-for-non-l2tp" connection? Is it able to find a connection<br>
> to use then?<br>
><br>
> On 12/31/2010 05:58 PM, JP CR wrote:<br>
> > Hello,<br>
> ><br>
> > Making a primitive test.<br>
> ><br>
> > I have a home LAN, a two machines one WinXP and other Ubuntu 10.1 v<br>
> > 1:2.6.23+dfsg-1ubuntu1 kernel: 2.6.32-17-generic<br>
> > WinXP IP is 192.170.1.3<br>
> > Ubuntu: 192.170.1.4<br>
> > Gateway for both is 192.170.1.1<br>
> > No firewalls installed on either machines.<br>
> ><br>
> > a.) iam following guidance of:<br>
> > <a href="http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html" target="_blank">http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html</a><br>
> > b.) This is my ipsec.conf (comments removed):<br>
> > version 2.0 # conforms to second version of ipsec.conf specification<br>
> ><br>
> > # basic configuration<br>
> > config setup<br>
> > nat_traversal=yes<br>
> > virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12<br>
> > oe=off<br>
> > protostack=netkey<br>
> ><br>
> > include /etc/ipsec.d/l2tp-psk.conf<br>
> ><br>
> > c.) This is my /etc/ipsec.d/l2tp-psk.conf<br>
> ><br>
> > conn L2TP-PSK-NAT<br>
> > rightsubnet=vhost:%priv<br>
> > also=L2TP-PSK-noNAT<br>
> ><br>
> > conn L2TP-PSK-noNAT<br>
> > authby=secret<br>
> > pfs=no<br>
> > auto=add<br>
> > keyingtries=3<br>
> > # we cannot rekey for %any, let client rekey<br>
> > rekey=no<br>
> > # Set ikelifetime and keylife to same defaults windows has<br>
> > ikelifetime=8h<br>
> > keylife=1h<br>
> > # l2tp-over-ipsec is transport mode<br>
> > type=transport<br>
> > left=192.170.1.1<br>
> > leftprotoport=17/1701<br>
> > right=%any<br>
> > rightprotoport=17/0<br>
> ><br>
> > conn passthrough-for-non-l2tp<br>
> > type=passthrough<br>
> > left=192.170.1.4<br>
> > leftnexthop=192.170.1.1<br>
> > right=0.0.0.0/24<br>
> > rightsubnet=0.0.0.0/0<br>
> > auto=route<br>
> ><br>
> > d.) THis is my /etc/ipsec.secrets<br>
> ><br>
> > 192.170.1.4 %any: PSK "password"<br>
> ><br>
> ><br>
> > Iam using the native WinXP VPN connection to test, i made sure that i<br>
> > set the preshared key and told it to use a PSK, however i keep getting<br>
> > that error: pluto[7752]: packet from 192.170.1.3:500: initial Main Mode<br>
> > message received on 192.170.1.4:500 but no connection has been<br>
> > authorized with policy=PSK I expect to see: |STATE_QUICK_R2: IPsec SA<br>
> > established|<br>
> ><br>
> > I tried searching google, made sure right is %any... and tried lots of<br>
> > things but no joy.<br>
> ><br>
> > Thanks<br>
> > Gunther<br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > Users@openswan.org<br>
> > <a href="http://lists.openswan.org/mailman/listinfo/users" target="_blank">http://lists.openswan.org/mailman/listinfo/users</a><br>
> > Micropayments: <a href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy" target="_blank">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a><br>
> > Building and Integrating Virtual Private Networks with Openswan:<br>
> > <a href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155" target="_blank">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a><br>
><br>
<br>
<br>
</font>
<br> </body>
</html>