[Openswan Users] but no connection has been authorized

Davide Giunchi davidegiunchi at libero.it
Thu Dec 16 16:48:38 CET 2004


I'm trying to setup openswan on two debian testing, one has a fixed ip
address and is under NAT (a netgear adsl router), the second is under
NAT and has a dynamic ip, so i'm trying to connect from the dynamic ip
(road warrior) to the fixed one.
Here it's the ipsec.conf on both side:

version 2
include /etc/ipsec.d/examples/no_oe.conf

config setup
        nat_traversal=yes

conn ufficio
        # left is the office
        left=1.2.3.4 (the fixed ip address on the dsl router)
        leftid=@ufficio.no-ip.info
        leftsubnet=192.168.0.0/24
        leftnexthop=192.168.0.254
        leftrsasigkey=0sAxxxxxxxxxxxxxxxxxxx
        # right the road warrior
        right=%defaultroute
        rightid=@davide.example.com (fake hostname because it doesn't
have a valid one)
        rightrsasigkey=0sAxxxxxx
        auto=add

(i use plain RSA).
I start openswan on both side and then i run on the road warrior:

# ipsec auto --add ufficio
020 attempt to redefine connection "ufficio"
# ipsec auto --up ufficio
104 "ufficio-davide" #1: STATE_MAIN_I1: initiate
010 "ufficio-davide" #1: STATE_MAIN_I1: retransmission; will wait 20s
for response
010 "ufficio-davide" #1: STATE_MAIN_I1: retransmission; will wait 40s
for response
010 "ufficio-davide" #1: STATE_MAIN_I1: retransmission; will wait 40s
for response

and so on....


on the other side, on /var/log/syslog i get (when i run --up):

Dec 16 16:21:44 hal pluto[30735]: packet from 82.53.180.x:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
Dec 16 16:21:44 hal pluto[30735]: packet from 82.53.180.x:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already
using method 108
Dec 16 16:21:44 hal pluto[30735]: packet from 82.53.180.x:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Dec 16 16:21:44 hal pluto[30735]: packet from 82.53.180.x:500: initial
Main Mode message received on 192.168.0.1:500 but no connection has been
authorized
Dec 16 16:21:54 hal pluto[30735]: packet from 82.53.180.x:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
Dec 16 16:21:54 hal pluto[30735]: packet from 82.53.180.x:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already
using method 108
Dec 16 16:21:54 hal pluto[30735]: packet from 82.53.180.x:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Dec 16 16:21:54 hal pluto[30735]: packet from 82.53.180.x:500: initial
Main Mode message received on 192.168.0.1:500 but no connection has been
authorized

and so on... 
how can i solve the problem?

Regards.




More information about the Users mailing list