<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Hi</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">I am having
difficulties setting up a vpn using openswan <span style="mso-spacerun:yes"> </span>2.4.7-3.fc7 on a fedora core 7 system</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Here is the
setup:</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">On my side</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">My ISP
provides a closed box giving me the public adress 194.x.y.z on internet and
forwarding everything to my Linux box on 192.168.1.100</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">The other
linux interface is 10.30.1.1 and the internal network is <a href="http://10.30.0.0/16">10.30.0.0/16</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">On the
other side</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">There is a
vpn checkpoint with the public address 212.a.b.c</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">The people
I want to allow are coming from an address in 195.d.e.32/27</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">They want
to connect to a subnet <a href="http://10.251.156.248/29">10.251.156.248/29</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Here is the
connexion config :</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>authby=secret</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>left=192.168.1.100</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>leftid=194.206.248.218</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>leftsubnet=<a href="http://10.251.156.249/29">10.251.156.249/29</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>leftnexthop=%defaultroute</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>right=212.221.52.132</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>rightsubnet=<a href="http://195.72.91.32/27">195.72.91.32/27</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>rightnexthop=%defaultroute</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"><span style="mso-spacerun:yes">     </span>auto=start</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">and the log
:</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |
find_client_connection starting with i-to-b</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>looking for <a href="http://10.251.156.250/32:0/0">10.251.156.250/32:0/0</a> -&gt;
<a href="http://195.72.91.51/32:0/0">195.72.91.51/32:0/0</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>concrete checking against sr#0
<a href="http://10.251.156.248/29">10.251.156.248/29</a> -&gt; <a href="http://195.72.91.32/27">195.72.91.32/27</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">    </span>match_id a=212.a.b.c</span></p>



<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">             </span>b=212.a.b.c</span></p>



<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">    </span>results<span style="mso-spacerun:yes"> 
</span>matched</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>trusted_ca called with a=(empty) b=(empty)</span></p>



<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>fc_try trying i-to-b:<a href="http://10.251.156.250/32:0/0">10.251.156.250/32:0/0</a>
-&gt; <a href="http://195.72.91.51/32:0/0">195.72.91.51/32:0/0</a> vs</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">i-to-b:<a href="http://10.251.156.248/29:0/0">10.251.156.248/29:0/0</a>
-&gt; <a href="http://195.72.91.32/27:0/0">195.72.91.32/27:0/0</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>fc_try concluding with none [0]</span></p>



<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>fc_try i-to-b gives none</span></p>



<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |
find_host_pair: comparing to <a href="http://192.168.1.100:500">192.168.1.100:500</a> 212.a.b.c:500</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>checking hostpair <a href="http://10.251.156.248/29">10.251.156.248/29</a> -&gt;
195.d.e.32/27 is not found</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: |<span style="mso-spacerun:yes">   </span>concluding with d = none</span></p>



<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Feb<span style="mso-spacerun:yes">  </span>7 17:58:42 server pluto[20624]: &quot;i-to-b&quot;
#3: cannot respond to IPsec SA request because no connection is known for
<a href="http://10.251.156.250/32===192.168.1.100[194.x.y.z]...212.221.52.132===195.d.e.51/32">10.251.156.250/32===192.168.1.100[194.x.y.z]...212.221.52.132===195.d.e.51/32</a></span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">What am I
doing wrong?</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Thanks in
advance</span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US"> </span></p>

<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language:EN-US">Jacques
Charles</span></p>