Good day everyone, this is my first post, sorry if my question is too basic.<br><br>I'm trying to connect to a VPN through my Ubuntu desktop machine. The other windows users on my office are using the Sonic Wall Global VPN Client so I decided to go with openswan since i'm using ubuntu.<br>
<br>The problem is that, when i try to connect, i just get an #500 error and everything stops. I'm sorry, networks are honestly not my strong point.<br><br>When i checked the var/log/auth.log file, this is the content i found:<br>
<br><br><br><br><br>Sep 9 12:49:25 rogeliosevilla1-laptop ipsec__plutorun: Starting Pluto subsystem...<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Starting Pluto (Openswan Version 2.6.23; Vendor ID OEm@kgSFEH@\177) pid:10899<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Setting NAT-Traversal port-4500 floating to on<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: port floating activation criteria nat_t=1/port_float=1<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: including NAT-Traversal patch (Version 0.6c)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: using /dev/urandom as source of random entropy<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC_SSH: Ok (ret=0)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: starting up 7 cryptographic helpers<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: started helper pid=10902 (fd:7)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: started helper pid=10903 (fd:8)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10902]: using /dev/urandom as source of random entropy<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: started helper pid=10904 (fd:9)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: started helper pid=10905 (fd:10)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10903]: using /dev/urandom as source of random entropy<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: started helper pid=10906 (fd:11)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: started helper pid=10907 (fd:12)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10904]: using /dev/urandom as source of random entropy<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: started helper pid=10908 (fd:13)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Using Linux 2.6 IPsec interface code on 2.6.32-33-generic-pae (experimental code)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10907]: using /dev/urandom as source of random entropy<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10908]: using /dev/urandom as source of random entropy<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10906]: using /dev/urandom as source of random entropy<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10905]: using /dev/urandom as source of random entropy<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names <br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating <NULL>: Ok (ret=0)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names <br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_add(): ERROR: Algorithm already exists<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names <br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_add(): ERROR: Algorithm already exists<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names <br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_add(): ERROR: Algorithm already exists<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names <br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_add(): ERROR: Algorithm already exists<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): WARNING: enc alg=0 not found in constants.c:oakley_enc_names <br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_add(): ERROR: Algorithm already exists<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: ike_alg_register_enc(): Activating <NULL>: FAILED (ret=-17)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Changed path to directory '/etc/ipsec.d/cacerts'<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Changed path to directory '/etc/ipsec.d/aacerts'<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Changed path to directory '/etc/ipsec.d/ocspcerts'<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Changing to directory '/etc/ipsec.d/crls'<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: Warning: empty directory<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: added connection description "MyCompany_VPN"<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: listening for IKE messages<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: NAT-Traversal: Trying new style NAT-T<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: NAT-Traversal: Trying old style NAT-T<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: adding interface eth0/eth0 <a href="http://10.0.0.2:500">10.0.0.2:500</a><br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: adding interface eth0/eth0 <a href="http://10.0.0.2:4500">10.0.0.2:4500</a><br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: adding interface lo/lo <a href="http://127.0.0.1:500">127.0.0.1:500</a><br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: adding interface lo/lo <a href="http://127.0.0.1:4500">127.0.0.1:4500</a><br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: adding interface lo/lo ::1:500<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: loading secrets from "/etc/ipsec.secrets"<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: initiating Main Mode<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: ignoring unknown Vendor ID payload [5b362bc820f60007]<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: received Vendor ID payload [RFC 3947] method set to=109 <br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: enabling possible NAT-traversal with method 4<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: STATE_MAIN_I2: sent MI2, expecting MR2<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: ignoring Vendor ID payload [Sonicwall 1 (TZ 170 Standard?)]<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: received Vendor ID payload [XAUTH]<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: received Vendor ID payload [Dead Peer Detection]<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): i am NATed<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: STATE_MAIN_I3: sent MI3, expecting MR3<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: Main mode peer ID is ID_IPV4_ADDR: 'myRemoteIp'<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #2: initiating Quick Mode PSK+ENCRYPT+UP+IKEv2ALLOW {using isakmp#1 msgid:970b965f proposal=defaults pfsgroup=no-pfs}<br>Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000<br>
Sep 9 12:49:25 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: received and ignored informational message<br>Sep 9 12:49:35 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000<br>
Sep 9 12:49:35 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: received and ignored informational message<br>Sep 9 12:49:55 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000<br>
Sep 9 12:49:55 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: received and ignored informational message<br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: shutting down<br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: forgetting secrets<br>
Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN": deleting connection<br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #2: deleting state (STATE_QUICK_I1)<br>
Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: "MyCompany_VPN" #1: deleting state (STATE_MAIN_I4)<br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: shutting down interface lo/lo ::1:500<br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: shutting down interface lo/lo <a href="http://127.0.0.1:4500">127.0.0.1:4500</a><br>
Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: shutting down interface lo/lo <a href="http://127.0.0.1:500">127.0.0.1:500</a><br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: shutting down interface eth0/eth0 <a href="http://10.0.0.2:4500">10.0.0.2:4500</a><br>
Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10899]: shutting down interface eth0/eth0 <a href="http://10.0.0.2:500">10.0.0.2:500</a><br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10904]: pluto_crypto_helper: helper (2) is normal exiting <br>
Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10905]: pluto_crypto_helper: helper (3) is normal exiting <br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10903]: pluto_crypto_helper: helper (1) is normal exiting <br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10902]: pluto_crypto_helper: helper (0) is normal exiting <br>
Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10907]: pluto_crypto_helper: helper (5) is normal exiting <br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10908]: pluto_crypto_helper: helper (6) is normal exiting <br>Sep 9 12:50:05 rogeliosevilla1-laptop pluto[10906]: pluto_crypto_helper: helper (4) is normal exiting <br>
<br><br><br><br><br>This is the content of my ipsec.conf file<br><br><br><br># /etc/ipsec.conf - Openswan IPsec configuration file<br># $Id$<br><br># Manual: ipsec.conf(5)<br><br># Created: Fri Sep 9 12:43:30 2011<br># by: The L2TP IPsec VPN Manager application version 1.0.1<br>
#<br># WARNING! All changes made in this file will be lost!<br><br>version 2.0 # conforms to second version of ipsec.conf specification<br><br>config setup<br> # plutodebug="parsing emitting control private"<br>
plutodebug=none<br> strictcrlpolicy=no<br> nat_traversal=yes<br> interfaces=%defaultroute<br> oe=off<br> # which IPsec stack to use. netkey,klips,mast,auto or none<br> protostack=netkey<br><br>conn %default<br>
keyingtries=3<br> pfs=no<br> rekey=yes<br> type=transport<br> left=%defaultroute<br> leftprotoport=17/1701<br> rightprotoport=17/1701<br><br># Add connections here.<br><br><br>conn MyCompany_VPN<br> authby=secret<br>
<br> right=myCompanyIp<br> rightid=""<br> auto=add<br><br><br><br><br><br>And finally, my ipsec.secrets looks something like this<br><br><br># /etc/ipsec.secrets - secrets for IKE/IPsec authentication<br>
# $Id$<br><br># Manual: ipsec.secrets(5)<br><br># Created: Fri Sep 9 12:43:30 2011<br># by: The L2TP IPsec VPN Manager application version 1.0.1<br>#<br># WARNING! All changes made in this file will be lost!<br>#<br>
#<br># This file holds shared secrets or RSA private keys for inter-Pluto<br># authentication. See ipsec_pluto(8) manpage, and HTML documentation.<br><br># RSA private key for this host, authenticating it to any other host<br>
# which knows the public part. Suitable public keys, for ipsec.conf, DNS,<br># or configuration of other implementations, can be extracted conveniently<br># with "ipsec showhostkey".<br>#<br>%any myCompanyIp: PSK "MyPreSharedKey" <br>
<br><br><br><br>Any Help would be REALLY appreciated.<br><br>Thanks a lot in advance for your time.<br><br><br><br><br><br><br><br><br><br>