[Openswan Users] path to madness
Paul Wouters
paul at xelerance.com
Fri Dec 17 23:25:39 CET 2004
On Thu, 16 Dec 2004, Eric S. Johansson wrote:
> >> Dec 16 17:29:53 t2cop pluto[662]: packet from 68.194.142.248:500:
> >> initial Main Mode message received on 69.18.163.107:500 but no
> >> connection has been authorized with policy=RSASIG
> conn rjagerlt
> left=t2cop.andrewandsons.com
> leftnexthop=%defaultroute
> leftsubnet=10.51.64.0/255.255.255.0
> leftcert=/var/ipcop/certs/hostcert.pem
> right=%any
> rightsubnet=vhost:%no,%priv
> rightcert=/var/ipcop/certs/rjagerltcert.pem
Okay, then the problem must be in certificates and/or ca?
You can check with ipsec auto --listall to see all the information
on the certificates. Check to see that your server has a private key
loaded for its certificates.
Also, at startup it might be rejecting the conn rjagetit, which would
at least make me understand the error message better. If so, it is
probably telling you why it failed to load the conn. (or --add it
again to see the error again)
Paul
More information about the Users
mailing list