[Openswan Users] Road warrior issue

Jacco de Leeuw jacco2 at dds.nl
Wed Aug 31 23:51:16 CEST 2005


Thiago Campos wrote:

> My box is a  Fedora 3  and openswan-2.3.1-1 i want it to be my vpn 
> server in order to road warrior users connect to my LAN
> 
> when i try to connect from my notebook to the server i got the error 
> 792, on the server /var/log/secure show
> 
> Can't authenticate: no preshared key found for @meudominio.com.br and 
> `%any'
> 
> the server configurations i followed the instructions from
> http://wiki.openswan.org/index.php/Configuring
> and the windows XP configs. i followd from 
> http://www.jacco2.dds.nl/networking/win2000xp-freeswan.html

You are mixing two different VPN methods for Windows clients:
plain IPsec and L2TP-over-IPsec. You will first have to decide
which one(s) you want to support, and then fix your configuration.

> Above the configurations files of my server
> 
> /etc/ipsec.conf
> 
> conn road
>    left=192.168.0.2
>    leftid=@meudominio.com.br
>    leftsubnet=192.168.0.0/24
>    leftrsasigkey=chave_do_servidor
>    rightnexthop=%defaultroute
>    right=%any
>    rightid=@road.t4w.com.br
>    auto=add
> 
> Arquivo /etc/ipsec.secrets do servidor
> 
> # Chave PSK
> 192.168.0.100: PSK "chave"

This seems to be a configuration for plain IPsec. However,
the IP address in left= does not match your /etc/ipsec.secrets.

The 'error 792' you mentioned above seems to indicate that
you wanted to use L2TP/IPsec on the Windows client. That
won't work with the plain IPsec configuration.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list