[Openswan Users] path to madness

Eric S. Johansson esj at harvee.org
Thu Dec 16 18:25:53 CET 2004

I'm still having trouble with this road warrior connection to ipcop. 
The error messages the ever popular:

Dec 16 17:29:53 t2cop pluto[662]: packet from 
initial Main Mode message received on but no 
connection has been authorized with policy=RSASIG

and I find it's frustrating that even with plutodebug=all, I don't get 
anywhere near sufficient debugging information to tell me what's going 
on (or at least in the form I can recognize).

My interpretation of what's going on is that something about the client 
side certificate is not right.  It's not being matched by the server 
side corresponding certificate.  and if the client can't produce an 
identity and recognized by the firewall, nothing happens. (duh)

my expectation is that something will be able to tell me that the client 
ascending "this" ID and the firewall is expecting "that" ID so I can try 
to figure out why there's no match.

I've been all over the openswan sites (you don't have copies of the man 
pages up) and haven't found what I think I need to know.  I throw myself 
on your mercy.  For continuing on this path is the way to madness.



But if that's what we rely on [private and home schools], we
rely on something less than a notion of universal access and something
other than a system that unsettles a class system. If private schools
and home schooling are all we have, we have a much more static
society, rooted in generational class stasis.

More information about the Users mailing list