[Openswan Users] path to madness

Paul Wouters paul at xelerance.com
Fri Dec 17 23:25:39 CET 2004

On Thu, 16 Dec 2004, Eric S. Johansson wrote:

> >> Dec 16 17:29:53 t2cop pluto[662]: packet from 
> >> initial Main Mode message received on but no 
> >> connection has been authorized with policy=RSASIG

> conn rjagerlt
>          left=t2cop.andrewandsons.com
>          leftnexthop=%defaultroute
>          leftsubnet=
>          leftcert=/var/ipcop/certs/hostcert.pem
>          right=%any
>          rightsubnet=vhost:%no,%priv
>          rightcert=/var/ipcop/certs/rjagerltcert.pem

Okay, then the problem must be in certificates and/or ca?
You can check with ipsec auto --listall to see all the information
on the certificates. Check to see that your server has a private key
loaded for its certificates.
Also, at startup it might be rejecting the conn rjagetit, which would
at least make me understand the error message better. If so, it is
probably telling you why it failed to load the conn. (or --add it 
again to see the error again)


More information about the Users mailing list