[Openswan Users] not quite there - ipsec SA proposal no working
Paul Wouters
paul at xelerance.com
Mon Jan 24 19:10:31 CET 2005
On Mon, 24 Jan 2005, Mads Rasmussen wrote:
> Jan 24 14:20:46 [pluto] "road"[1] road_ip #1: cannot respond to IPsec SA
> request because no connection is known for
> 10.30.0.0/24===gw_ip[@pernambuco.dyndns.org]...road_ip[C=BR, O=Grupo F
> conn road
> right=%any
> leftid=@pernambuco.dyndns.org
> rightid="/C=BR/O=Grupo F Arquitetura/OU=TI/CN=remote at grupof.com.br"
> rightsubnet=10.30.0.0/24
you're mixing things here. You should not be using X.509 based id's for only one
end of the connection. Remove leftid or put the real subject of its X.509 certificate
in there.
Paul
--
"At best it is a theory, at worst a fantasy" -- Michael Crichton
More information about the Users
mailing list