[Openswan dev] Error in configuring ipsec using preshared key (Karthick S)

utkarsh shah utkarsh at elitecore.com
Thu Apr 20 16:45:41 CEST 2006


Hi,

    logs says that configuration is made for roadwarrior (host-to-net)
scenario. (I am not 100% sure but most possibilities)
    and if you are using inbuilt client of windows then your connection must
support l2tp/ipsec connection and you should create host-to-host type of
connection.
    in host to host type of connection no left/right subnet is specified.
    and one more thing please specify pfs=no
    if client is behind NAT Box, than you can specify right as virtual host
but this feature is available in openswan 2.4.5

Regards,

Utkarsh Shah
----- Original Message ----- 
From: <dev-request at openswan.org>
To: <dev at openswan.org>
Sent: Thursday, April 20, 2006 3:30 PM
Subject: Dev Digest, Vol 29, Issue 12


> Send Dev mailing list submissions to
> dev at openswan.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.openswan.org/mailman/listinfo/dev
> or, via email, send a message with subject or body 'help' to
> dev-request at openswan.org
>
> You can reach the person managing the list at
> dev-owner at openswan.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Dev digest..."
>
>
> Today's Topics:
>
>    1. Error in configuring ipsec using preshared key (Karthick S)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 18 Apr 2006 00:30:18 -0700
> From: "Karthick S" <karthicksvel at gmail.com>
> Subject: [Openswan dev] Error in configuring ipsec using preshared key
> To: users at openswan.org
> Message-ID:
> <bfcd13c0604180030m5d9338e3idcf430c0307b269a at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> when configuring linux server and windows client i got the following error
> in /var/log/secure
>
>
> Apr 17 15:18:19 HASERVER pluto[4047]: added connection description
> "L2TP-PSK"
> Apr 17 15:18:19 HASERVER pluto[4047]: listening for IKE messages
> Apr 17 15:18:19 HASERVER pluto[4047]: adding interface ipsec0/eth0 x.x.x.x
> :500
> Apr 17 15:18:19 HASERVER pluto[4047]: loading secrets from
> "/etc/ipsec.secrets"
> Apr 17 15:27:09 HASERVER pluto[4047]: packet from x.x.x.x:500: ignoring
> Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000002]
> Apr 17 15:27:09 HASERVER pluto[4047]: packet from x.x.x.x:500: initial
Main
> Mode message received on cl.cl.cl.cl:500 but no connection has been
> authorized
> Apr 17 15:27:10 HASERVER pluto[4047]: packet from x.x.x.x:500: ignoring
> Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000002]
> Apr 17 15:27:10 HASERVER pluto[4047]: packet from x.x.x.x:500: initial
Main
> Mode message received on cl.cl.cl.cl:500 but no connection has been
> authorized
> Apr 17 15:27:12 HASERVER pluto[4047]: packet from x.x.x.x:500: ignoring
> Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000002]
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
http://lists.openswan.org/pipermail/dev/attachments/20060418/3d24498a/attachment-0001.htm
>
> ------------------------------
>
> _______________________________________________
> Dev mailing list
> Dev at openswan.org
> http://lists.openswan.org/mailman/listinfo/dev
>
>
> End of Dev Digest, Vol 29, Issue 12
> ***********************************
>
>




More information about the Dev mailing list