<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.28.3">
</HEAD>
<BODY>
Hello All,<BR>
<BR>
New to the users list and new to OpenSWAN, trying to get a VPN Connection working <BR>
<BR>
When I run the commands I get:<BR>
[root@vpn02 ~]# ipsec verify<BR>
Checking your system to see if IPsec got installed and started correctly:<BR>
Version check and ipsec on-path         [OK]<BR>
Linux Openswan U2.6.32/K2.6.18-348.3.1.el5 (netkey)<BR>
Checking for IPsec support in kernel         [OK]<BR>
SAref kernel support         [N/A]<BR>
NETKEY: Testing for disabled ICMP send_redirects         [OK]<BR>
NETKEY detected, testing for disabled ICMP accept_redirects         [OK]<BR>
Checking that pluto is running         [OK]<BR>
Pluto listening for IKE on udp 500         [OK]<BR>
Pluto listening for NAT-T on udp 4500         [OK]<BR>
Two or more interfaces found, checking IP forwarding         [OK]<BR>
Checking NAT and MASQUERADEing         [OK]<BR>
Checking for 'ip' command         [OK]<BR>
Checking /bin/sh is not /bin/dash         [OK]<BR>
Checking for 'iptables' command         [OK]<BR>
Opportunistic Encryption Support         [DISABLED]<BR>
<BR>
[root@vpn02 ~]# service ipsec restart<BR>
ipsec_setup: Stopping Openswan IPsec...<BR>
ipsec_setup: Starting Openswan IPsec U2.6.32/K2.6.18-348.3.1.el5...<BR>
ipsec_setup: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled<BR>
ipsec_setup: /usr/libexec/ipsec/addconn Non-fips mode set in /proc/sys/crypto/fips_enabled<BR>
<BR>
<BR>
<BR>
<BR>
the logs show this:<BR>
<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: received Vendor ID payload [RFC 3947] method set to=109 <BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110 <BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: ignoring Vendor ID payload [FRAGMENTATION 80000000]<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:20834: received Vendor ID payload [Dead Peer Detection]<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: responding to Main Mode from unknown peer xxx.xxx.xxx.xxx<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: STATE_MAIN_R1: sent MR1, expecting MI2<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: STATE_MAIN_R2: sent MR2, expecting MI3<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: Main mode peer ID is ID_IPV4_ADDR: '10.69.xxx.xxx'<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[1] xxx.xxx.xxx.xxx #1: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: deleting connection "L2TP-PSK-NAT" instance with peer xxx.xxx.xxx.xxx {isakmp=#0/ipsec=#0}<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: new NAT mapping for #1, was xxx.xxx.xxx.xxx:20834, now xxx.xxx.xxx.xxx:51460<BR>
Mar 19 13:54:06 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024}<BR>
Mar 19 13:54:07 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: the peer proposed: xxx.xxx.xxx.xxx/32:17/1701 -> 10.69.xxx.xxx/32:17/0<BR>
Mar 19 13:54:07 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: responding to Quick Mode proposal {msgid:51573a4a}<BR>
Mar 19 13:54:07 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: us: xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>[+S=C]:17/1701<BR>
Mar 19 13:54:07 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: them: xxx.xxx.xxx.xxx[10.69.xxx.xxx,+S=C]:17/61961===10.69.xxx.xxx/32<BR>
Mar 19 13:54:07 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<BR>
Mar 19 13:54:07 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<BR>
Mar 19 13:54:08 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2<BR>
Mar 19 13:54:08 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x0714605d <0xe14417ad xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=xxx.xxx.xxx.xxx:51460 DPD=none}<BR>
Mar 19 13:54:28 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: received Delete SA(0x0714605d) payload: deleting IPSEC State #2<BR>
Mar 19 13:54:28 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: received and ignored informational message<BR>
Mar 19 13:54:28 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #1: received Delete SA payload: deleting ISAKMP State #1<BR>
Mar 19 13:54:28 vpn02 pluto[2208]: "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx: deleting connection "L2TP-PSK-NAT" instance with peer xxx.xxx.xxx.xxx {isakmp=#0/ipsec=#0}<BR>
Mar 19 13:54:28 vpn02 pluto[2208]: packet from xxx.xxx.xxx.xxx:51460: received and ignored informational message<BR>
<BR>
Any help please!<BR>
<BR>
</BODY>
</HTML>