<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Rescued from the Spam bucket. Please remember to subscribe to the mailing list before posting to it.<br><div><br></div><div><br><div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;">Justin Love <<a href="mailto:mail@JustinLove.name">mail@JustinLove.name</a>><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>Interpreting "no connection is known" (FreeSwan 1.97)</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">3 June, 2013 12:22:42 PM EDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><a href="mailto:users@lists.openswan.org">users@lists.openswan.org</a><br></span></div><br><br><div dir="ltr"><div>I have someone who was using a cellular network adapter in modem mode, and is now switching to one that runs in either wifi or ethernet over USB. Unfortunately, the laptop can no longer connect to the FreeSwan based L2TP server.</div>
<div><br></div><div>The error message is </div><div><br></div><div>cannot respond to IPsec SA request because no connection is known for 111.111.111.111:4500:17/1701...</div><div>222.222.222.222:55936[@laptop.our.windows.domain]:17/1701===0</div>
<div><br></div><div style="">ipsec status says that the connection is defined as</div><div style=""><br></div><div style=""><div>111.111.111.111---111.111.111.1...%any</div><div><br></div><div style="">Do I have to configure something to account for the gateway?</div>
<div style=""><br></div><div style="">I've spent hours in years past trying to debug the same message trying to connect with my own computer (OS X), going through my local router, and I gave up. I never got completely clear on how the ascii art corresponds to the config files or how to change things to make it match.<br>
</div></div><div><br></div><div><div>config setup</div><div><span class="" style="white-space:pre"> </span>interfaces = %defaultroute</div><div><span class="" style="white-space:pre"> </span>X-enabled = yes</div><div><span class="" style="white-space:pre"> </span>klipsdebug = none</div>
<div><span class="" style="white-space:pre"> </span>plutodebug = none</div><div><span class="" style="white-space:pre"> </span>plutoload = %search</div><div><span class="" style="white-space:pre"> </span>plutostart = %search</div>
<div><span class="" style="white-space:pre"> </span>manualstart = </div><div><span class="" style="white-space:pre"> </span>uniqueids = yes</div><div><br></div><div>conn BobsConnection</div><div><span class="" style="white-space:pre"> </span>type = tunnel</div>
<div><span class="" style="white-space:pre"> </span>left = %defaultroute</div><div><span class="" style="white-space:pre"> </span>x-interface = %defaultroute</div><div><span class="" style="white-space:pre"> </span>right = 0.0.0.0</div>
<div><span class="" style="white-space:pre"> </span>auto = add</div><div><span class="" style="white-space:pre"> </span>keyexchange = ike</div><div><span class="" style="white-space:pre"> </span>authby = secret</div><div>
<span class="" style="white-space:pre"> </span>auth = esp</div><div><span class="" style="white-space:pre"> </span>pfs = no</div><div><span class="" style="white-space:pre"> </span>pfsgroup = MODP1024</div><div><span class="" style="white-space:pre"> </span>ike = "3DES-SHA-MODP1024"</div>
<div><span class="" style="white-space:pre"> </span>esp = "3DES-SHA1"</div><div><span class="" style="white-space:pre"> </span>keyingtries = 0</div><div><span class="" style="white-space:pre"> </span>ikelifetime = 3600</div>
<div><span class="" style="white-space:pre"> </span>keylife = 3600</div><div><span class="" style="white-space:pre"> </span>rekeymargin = 600</div><div><span class="" style="white-space:pre"> </span>rekeyfuzz = 100%</div>
<div><span class="" style="white-space:pre"> </span>x-l2tpd = yes</div><div><br></div></div>-- <br>Justin Love -- <a href="http://justinlove.name/" target="_blank">http://JustinLove.name/</a>
</div>
<br><br></div></div><br></body></html>