[Openswan Users] net-to-net connection failing to establish IPSEC SA

John PN john.pn at gmail.com
Wed Feb 23 18:45:02 CET 2005


I have been trying to set up a simple net-to-net connection using two
Debian Linux boxes with kernel 2.4.18. I installed OpenSWAN 2.3.1dr3
from source on both gateways.

The situation right now is that when I start things up, I see in the
output of ipsec whack --status, that the ISAKMP SA has been
established, but the IPSec SA does not get established. This happens
at both ends, and the tunnel does not get established.

I am new to OpenSWAN and also have only some basic knowledge of
firewalling using iptables. I have tried with my limited knowledge to
solve this issue, but have not been able to. It is probably something
small that I am overlooking. Please point out anything that I could be

In case it is necessary, I have put up the ipsec barf output of the
left gateway at http://ipsec.altivotech.net/ipsec_barf_left.txt

Thanks and regards,

More information about the Users mailing list