Hi<br><br>Thanks paul, its my first time with ipsec on linux and when I couldn't get openswan to work I tried strongswan I must have forgotten to take the keywords out. <br><br>How ever it is all working now.<br><br>Thanks<br>
<br><div class="gmail_quote">On Fri, Jan 7, 2011 at 7:07 PM, Paul Wouters <span dir="ltr"><<a href="mailto:paul@xelerance.com">paul@xelerance.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div class="im">On Fri, 7 Jan 2011, Tyller D wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
I'm having an issue trying to setup a vpn between my linux box running Openswan and a load balancing appliance called Hotbrick.<br>
</blockquote>
<br>
</div><div class="im"><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
OpenSwan Hotbrick<br>
LocalIP: 192.168.4.202 LocalIP: 192.168.1.1<br>
PublicIP: 111.111.111.111 PublicIP: 222.222.222.222<br>
</blockquote>
<br>
</div><div class="im"><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
conn mynatconn<br>
type=tunnel<br>
authby=secret<br>
keyexchange=ike1<br>
</blockquote>
<br></div>
that is not a valid openswan keyword.<div class="im"><br>
<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
auto=start<br>
pfs=no<br>
ike=3des-md5-modp1024<br>
esp=3des-md5<br>
auth=esp<br>
aggrmode=yes<br>
left=192.168.4.202<br>
leftid=111.111.111.111<br>
leftsubnet=<a href="http://192.168.4.0/24" target="_blank">192.168.4.0/24</a><br>
leftnexthop=%defaultroute<br>
right=222.222.222.222<br>
rightsubnet=<a href="http://172.20.11.0/24" target="_blank">172.20.11.0/24</a><br>
rightnexthop=%defaultroute<br>
keylife=3600<br>
ikelifetime=28800<br>
</blockquote>
<br>
</div><div class="im"><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Jan 7 03:18:40 localhost pluto[18449]: packet from <a href="http://222.222.222.222:500" target="_blank">222.222.222.222:500</a>: initial Aggressive Mode message from 222.222.222.222 but no (wildcard)<br>
connection has been configured with policy=PSK+AGGRESSIVE<br>
</blockquote>
<br></div>
My guess is your connection did not actually load because of the keyexchange= line.<br>
I guess it is coming from strongswan?<br><font color="#888888">
<br>
Paul<br>
</font></blockquote></div><br>