[Openswan Users] Setup not working
Paul Wouters
paul at xelerance.com
Wed Jul 13 17:41:40 CEST 2005
On Wed, 13 Jul 2005, Shuveb Hussain wrote:
> I have a setup thats something like this:
> I dont need a strict VPN setup. Just trying to encrypt traffic between
> 2 PCs on a LAN. So I have created hostkeys on both systems and
> included them in the conf files:
>
> --------------------Host:Shuveb------------------------------------------------------
> conn nova
> left=10.10.10.69
> leftid=@shuveb.nova.com
> leftrsasigkey=0sAQORrDe...
> right=10.10.10.53
> rightid=@kumaran.nova.com
> rightrsasigkey=0sAQOsaGCIav...
> auto=add
>
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf
> There is no DNS or anything here... I was just trying to do a road
> warrior config, but with a static IP. I just need traffic between
> these 2 hosts to be encrypted. Later, I will add more connections to
> host "kumaran" that will act like a server.
>
> I have made sure that the ipsec service(pluto) is running on both
> systems. But when I try to start the tunnel from host "shuveb", it
> fails:
>
> 104 "nova" #1: STATE_MAIN_I1: initiate
> 010 "nova" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
> 010 "nova" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 010 "nova" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> .........
>
> What could be the issue?
It could be firewalls. What does ipsec verify say?
If it is not firewalls, try adding "type=%direct" and mail me back if that
worked for you.
Paul
More information about the Users
mailing list