[Openswan Users] Windows works Linux does not.
Brett Curtis
dashnu at gmail.com
Fri Jul 15 10:38:08 CEST 2005
Using jacco's configs. I can not seem to connect with a straight ipsec
connection on my linux clients.
I have tried this config client side.
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# klipsdebug=none
# plutodebug="control parsing"
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
overridemtu=1410
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
# Add connections here
conn %default
keyingtries=3
compress=yes
disablearrivalcheck=no
authby=secret
type=tunnel
keyexchange=ike
ikelifetime=240m
keylife=60m
conn roadwarrior-net
leftsubnet=192.168.1.0/24
rightsubnet=10.0.0.0/24
also=roadwarrior
conn roadwarrior
pfs=no
left=<server ip>
right=%defaultroute
auto=add
#Disable Opportunistic Encryption
include /etc/ipsec/ipsec.d/examples/no_oe.conf
now after a restart of ipsec I do this.
ipsec auto --up roadwarrior-net
and get this error in my server log.
Jul 15 09:31:25 defender pluto[13988]: "roadwarrior-l2tp"[8] <client
ip>:4500 #11: cannot respond to IPsec SA request because no connection
is known for 192.168.1.0/24===<server ip>:4500...<client
ip>:4500[10.0.0.2]===10.0.0.0/24
If i try just ipsec auto --up roadwarrior
I get this error
Jul 15 09:29:23 defender pluto[13988]: "roadwarrior-net"[7]
<client-ip>:4500 #10: ERROR: netlink response for Add SA
comp.a2bb@<server ip> included errno 22: Invalid argument
More information about the Users
mailing list