<div dir="ltr"><p style="font-family:arial,sans-serif;font-size:13px">Dear all,</p><div style="font-family:arial,sans-serif;font-size:13px">I am using an EC2 Ubuntu 12.04 LTS instance in AWS.</div><div style="font-family:arial,sans-serif;font-size:13px">
I used all of the configurations from here (<a href="http://fortycloud.com/setting-up-ipsecopenswan-in-amazon-ec2/" target="_blank">http://fortycloud.com/setting-up-ipsecopenswan-in-amazon-ec2/</a>), but in auth.log I keep getting <br>
</div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px"><p>Nov 28 16:12:22 ip-10-164-25-201 <b>pluto</b>[6268]: packet from myComputerIP:500: initial Main Mode message received on myEC2PrivateIP:500 but no connection has been authorized with policy=PSK</p>
<div>$ cat /etc/ipsec.secrets</div><div>@myEC2PrivateIP %any: PSK "123"</div><div><br></div><div><div>$ sudo cat /etc/ipsec.conf</div><div>config setup</div><div> protostack=netkey</div><div> interfaces=%defaultroute</div>
<div> nat_traversal=yes </div><div># this will force openswan to use IPSec over UDP - required for EC2</div><div> force_keepalive=yes</div><div> keep_alive=60</div><div> virtual_private=%v4:<a href="http://172.24.0.0/16" target="_blank">172.24.0.0/16</a> </div>
<div># this Subnet must include range provided in the xl2tpd config file</div><div> oe=no</div><div> nhelpers=0</div><div>conn RWConn # road warrior connection description</div><div> rightsubnet=vhost:%priv</div><div>
type=transport</div><div> authby=secret</div><div> pfs=no</div><div> rekey=no</div><div> ikelifetime=8h</div><div> keylife=1h</div><div> leftprotoport=17/1701</div><div> left= myEC2PrivateIP</div><div> leftid=@myEC2PrivateIP</div>
<div> rightprotoport=17/%any</div><div> right=%any</div><div> auto=ignore</div><div><br></div><div><br></div></div></div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">
<div>$ sudo cat /etc/xl2tpd/xl2tpd.conf </div><div>[global]</div><div>ipsec saref = yes</div><div>; this must be the private EC2 address allocated to eth0 </div><div>listen-addr = myEC2PrivateIP</div><div>[lns default]</div>
<div>; addresses to road warriors will be allocated from this range</div><div>ip range = 172.24.100.1-172.24.100.254 </div><div>; GW virtual address (must be outside of the above range)</div><div>local ip = 172.24.0.150</div>
<div class="im"><div>refuse pap = yes</div><div>require authentication = yes</div></div><div>name = MyGW</div><div>; points to PPP config file (you can choose your own name)</div><div class="im"><div>pppoptfile = /etc/ppp/options.xl2tpd </div>
<div>length bit = yes</div></div></div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">Please help me with this.</div><div style="font-family:arial,sans-serif;font-size:13px">
Thanks</div><div style="font-family:arial,sans-serif;font-size:13px">Mohs</div></div>