[Openswan Users] Still having troubles : cannot respond to IPSEC
Andreas Steffen
andreas.steffen at strongsec.net
Tue Mar 23 20:35:26 CET 2004
Dennis Leist wrote:
Always take this error message seriously and interpret it literally:
> cannot respond to IPsec SA request because no connection is known for
> 62.210.20.146[C=DE, ST=Hamburg, L=Hamburg, CN=VPN Admin]:17/0...
213.39.205.80[C=DE, ST=Koeln, CN=VPN User]:17/1701===192.168.1.99/32
> conn w2k-client
> left=62.206.19.146 ok
> leftnexthop=62.206.19.145
> leftrsasigkey=%cert
> leftcert=gatecert.pem
> leftprotoport=17/0 ok
> right=%any
> rightrsasigkey=%cert ok
> pfs=no
> rightprotoport=17/1701 ok
> keyingtries=0
> disablearrivalcheck=no
> auto=add
what is missing is
rightsubnet=192.168.1.99/32
or
rightsubnetwithin=192.168.1.0/24
or
rightsubnetwithin=192.168.0.0/16
Regards
Andreas
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
More information about the Users
mailing list