[Openswan Users] cannot respond to IPsec SA request because no
connection is known for 0.0.0.0/0
Paul Wouters
paul at xelerance.com
Thu Jul 15 16:31:10 CEST 2004
On Thu, 15 Jul 2004, Gregor Bethlen wrote:
> 1 VPN-Server
> IP 192.168.1.1 SUbnet 255.255.255.0
>
> 1 Windows XP-System
> IP 192.168.1.2 subnet 255.255.255.0
>
> Both systems connected with a hub (connectivity OK)
>
> conn vpntest
> left=192.168.1.1
> leftcert=/root/vpncert.der
> leftid=[X.500-Name protected]
> leftca=[X.500-Name protected]
> leftrsasigkey=%cert
> #leftsubnet=192.168.1.0/24
> right=%any
> #rightnexthop=192.168.1.2
> rightid=[X.500-Name protected]
> rightca=%same
> rightrsasigkey=%cert
> rightsubnet=192.168.1.0/24
> auto=add
Both hosts are in the 192.168.1.0/24 range. You cant then
make one of them have that as subnet.
The easiest way is to realy make a three machines setup for your tests.
> Jul 15 14:08:03 linux pluto[6809]: "vpntest"[1] 192.168.1.2 #1: cannot respond to IPsec SA request because no connection is known for 0.0.0.0/0===192.168.1.1[[X.500-Name protected],S=C]...192.168.1.2[[X.500-Name protected],S=C]
It seems somewhere it is specified that a subnet=0.0.0.0/0 but not on both
sides.
Paul
More information about the Users
mailing list