[Openswan Users]
Sebastian Zdrojewski
sebastian.zdrojewski at technomind.it
Wed Jul 7 13:15:25 CEST 2004
Hi all,
I'm experiencing a strange behavior on my net-to-net connection.
Actually I have 2 remote sites connected through an IPsec tunnel. I use
on both gateways the 2.1.2 version of OpenSwan and 2.4.26 kernel. The
system works fine, but mostly I get this error message in the secure
log:
Jul 7 00:07:54 remotesite pluto[26378]: packet from 123.123.123.123:4500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
Jul 7 00:07:54 remotesite pluto[26378]: packet from 123.123.123.123:4500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 108
Jul 7 00:07:54 remotesite pluto[26378]: packet from 123.123.123.123:4500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jul 7 00:07:54 remotesite pluto[26378]: packet from 123.123.123.123:4500: initial Main Mode message received on 1.1.1.8:4500 but no connection has been authorized
The error comes up every 8-9 seconds on the remote site. The structure
is this:
remotesite eth0(1.1.1.8) ---> router NAT 123.123.123.123 ---> localsite 234.234.234.234 ---> localnet
remotesite is the box making the connection and this is the conf file:
config setup
    interfaces="ipsec0=eth0"
    nat_traversal=yes

conn %default
    keyingtries=0
    authby=rsasig

conn remote-to-local
    #### THIS CONNECTS TO THE LOCALSITE ####
    leftid=@remotesitemachine
    left=1.1.1.8
    #leftnexthop=172.16.0.1
    leftsubnet=172.16.1.0/24
    rightrsasigkey=...
    #
    #### Gateway in Milan ####
    right=123.123.123.123
    #rightnexthop=%defaultroute
    rightsubnet=192.168.0.0/24
    rightid=@mi00vpn01.vpn.technomind.it
    leftrsasigkey=...
    auto=add
    authby=rsasig
    rekey=no
    failureshunt=passthrough
    pfs=no
    compress=no
    type=tunnel