I have a linux with openswan , im new with opensway (Linux Openswan U2.6.23/K2.6.32-34-server (netkey)<br><br clear="all"><br>I need to connect to a juniper device with this config<br><br>my point<br><br>200.41.xxx.xxx<br>
my net <a href="http://192.168.10.0/24">192.168.10.0/24</a><br><br>the other point<br><br>189.xxx.xxx.xxx<br>the net on the other side <a href="http://70.30.1./24">70.30.1./24</a><br><br>i have this conf in my ipsec.conf<br>
<br>conn tunnel<br> type=tunnel<br> auth=esp<br> authby=secret<br> left=200.41.xxx.xxx<br> leftsubnet=<a href="http://172.30.0.0/24">172.30.0.0/24</a><br> rightsubnet=<a href="http://172.30.1.0/24">172.30.1.0/24</a><br>
right=189..xxx.xxx.xxx<br> esp=aes256-sha1<br> auto=start<br><br><br><br> When i try to connect ive get this errors...<br><br>Oct 19 10:12:23 DMLX01 pluto[5916]: | got payload 0x20(ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030<br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | ***parse ISAKMP Identification Payload (IPsec DOI):<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | next payload type: ISAKMP_NEXT_ID<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | length: 12<br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | ID type: ID_IPV4_ADDR<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | Protocol ID: 0<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | port: 0<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | obj: c0 a8 0a 3b 00 00 00 0c 01 00 00 00<br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | got payload 0x20(ISAKMP_NEXT_ID) needed: 0x0 opt: 0x200030<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | ***parse ISAKMP Identification Payload (IPsec DOI):<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | next payload type: ISAKMP_NEXT_NONE<br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | length: 12)Oct 19 10:12:23 DMLX01 pluto[5916]: | ID type: ID_IPV4_ADDR<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | Protocol ID: 0<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | port: 0<br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | obj: ac 1e 01 03 00 00 00 00 91 35 2a 60<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | removing 4 bytes of padding<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | peer client is 192.168.10.59<br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | peer client protocol/port is 0/0<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | our client is 172.30.1.3<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | our client protocol/port is 0/0<br>Oct 19 10:12:23 DMLX01 pluto[5916]: "tunnel" #20: the peer proposed: <a href="http://172.30.1.3/32:0/0">172.30.1.3/32:0/0</a> -> <a href="http://192.168.10.59/32:0/0">192.168.10.59/32:0/0</a><br>
Oct 19 10:12:23 DMLX01 pluto[5916]: "tunnel" #20: cannot respond to IPsec SA request because no connection is known for <a href="http://172.30.1.3/32===200.41.xxx.xxx">172.30.1.3/32===200.41.xxx.xxx</a>>[+S=C]...189.xxxxx<189.xxxx>[+S=C]===<a href="http://192.168.10.59/32">192.168.10.59/32</a><br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | complete state transition with (null)<br>Oct 19 10:12:23 DMLX01 pluto[5916]: "tunnel" #20: sending encrypted notification INVALID_ID_INFORMATION to 189.xxxxxx:500<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | sending 76 bytes for notification packet through eth1:500 to 189xxxx:500 (using #20)<br>
Oct 19 10:12:23 DMLX01 pluto[5916]: | state transition function for STATE_QUICK_R0 failed: INVALID_ID_INFORMATION<br>Oct 19 10:12:23 DMLX01 pluto[5916]: | * processed 0 messages from cryptographic helpers <br>Oct 19 10:12:23 DMLX01 pluto[5916]: | next event EVENT_PENDING_DDNS in 19 seconds<br>
<br><br><br>any help ????<br>-- <br>Alejandro Perretta <br> Tecnologia<br>Humboldt 2495 piso 4 <br><div>
<font color="#000000"><a href="mailto:fsosa@dineromail.com" target="_blank"><span></span></a>Tel. (+54) 11 5275-1700<br></font> DineroMail Argentina<br></div><br>