[Openswan Users] no connection has been authorized

Herbert.Augustiny at sptroth.com
Sun Jun 12 09:50:50 CEST 2005

Hi Paul

My connection is configured to use PSK and I was able to get connected
using Win2000 and PSK. Below is my config. I'm trying to use the definition
for client.

Regards,

Herbert

START
ipsec.conf=================================================================

# /etc/ipsec.conf - FreeS/WAN IPsec configuration file

# More elaborate and more varied sample configurations can be found
# in FreeS/WAN's doc/examples file, and in the HTML documentation.



# basic configuration
config setup
        # THIS SETTING MUST BE CORRECT or almost nothing will work;
        # %defaultroute is okay for most simple cases.
        interfaces=%defaultroute
        # Debug-logging controls:  "none" for (almost) none, "all" for lots.
        klipsdebug=none
        plutodebug=none
        # Use auto= parameters in conn descriptions to control startup actions.
        plutoload=%search
        plutostart=%search
        # Close down old connection when new one using same ID shows up.
        uniqueids=yes



# defaults for subsequent connection descriptions
# (these defaults will soon go away)
conn %default
        keyingtries=0
        disablearrivalcheck=no
        authby=rsasig
        leftrsasigkey=%cert
        rightrsasigkey=%cert

conn china
        left=%defaultroute
        leftsubnet=10.0.0.0/16
        leftcert=certs/RothGWcert.pem
        right=w.x.y.z
        rightsubnet=10.4.0.0/16
        rightid="C=CN, O=organisation, CN=china name"
        auto=start

conn asia
        left=%defaultroute
        leftsubnet=10.0.0.0/16
        leftcert=certs/RothGWcert.pem
        right=z.y.x.w
        rightsubnet=10.2.0.0/24
        rightid="C=SG, O=organisation, CN=asia name"
        auto=start


conn client
        left=%defaultroute
        leftsubnet=10.0.0.0/24
        authby=secret
        right=%any
        rightid=%any
        aggrmode=yes
        auto=add

END
ipsec.conf=================================================================


START
ipsec.secrets=================================================================

# This file holds shared secrets or RSA private keys for inter-Pluto
# authentication.  See ipsec_pluto(8) manpage, and HTML documentation.

# RSA private key for this host, authenticating it to any other host
# which knows the public part.  Suitable public keys, for ipsec.conf, DNS,
# or configuration of other implementations, can be extracted conveniently
# with "ipsec showhostkey".

: RSA RothGWkey.pem "password for key"

ip.off.my.gateway %any : PSK "PSK password"

END
ipsec.secrets=================================================================


users-bounces at openswan.org wrote on 11.06.2005 23:25:04:

> On Sat, 11 Jun 2005 Herbert.Augustiny at sptroth.com wrote:
>
> > I'm trying to connect a palm OS device to OpenSwan using movianVPN but on
> > the server side I'm always getting the following message in the log:
> > Jun 11 21:48:31 src at fw pluto[7912]: packet from clientIP:392: initial Main
> > Mode message received on serverIP:500 but no connection has been authorized
> > with policy=PSK
>
> Your palm is trying to use a preshared secret (PSK) while your openswan end
> is configured for rsa. You can change this with authby=secret, which requires
> you put the PSK in ipsec.secrets. See man page for syntax.
>
> Paul
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
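
The posted ipsec.conf takes authby=rsasig from "conn %default" and overrides it only in "conn client". The following added example (not part of the original post and not Openswan code) resolves that inheritance and lists each connection's effective authentication method, peer and phase 1 mode, so they can be compared with the "Main Mode" and "policy=PSK" details in the log line. The parser is a simplified sketch; parse_conns and auth_summary are hypothetical helper names, and the sample is abridged from the configuration in the post.

```python
# Added example: resolve effective per-conn settings in an ipsec.conf.
SAMPLE_CONF = """\
conn %default
        keyingtries=0
        authby=rsasig

conn china
        left=%defaultroute
        right=w.x.y.z
        auto=start

conn client
        left=%defaultroute
        authby=secret
        right=%any
        aggrmode=yes
        auto=add
"""  # abridged from the configuration posted above

def parse_conns(text):
    """Return {conn_name: {key: value}} with 'conn %default' merged in."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        if not raw[0].isspace():                  # header, e.g. "conn client"
            kind, _, name = line.partition(" ")
            current = sections.setdefault(name.strip(), {}) if kind == "conn" else None
        elif current is not None and "=" in line:
            key, _, value = line.strip().partition("=")
            current[key.strip()] = value.strip().strip('"')
    # Simplification: defaults are applied to every conn, which matches
    # files (like the one above) where %default precedes the other conns.
    defaults = sections.pop("%default", {})
    return {name: {**defaults, **opts} for name, opts in sections.items()}

def auth_summary(text):
    """Map each conn to (auth method, peer, IKE phase 1 mode)."""
    out = {}
    for name, o in parse_conns(text).items():
        # Assumption: rsasig applies when authby is absent; aggrmode defaults to no.
        auth = "PSK" if o.get("authby", "rsasig") == "secret" else "RSA"
        mode = "aggressive" if o.get("aggrmode") == "yes" else "main"
        out[name] = (auth, o.get("right", ""), mode)
    return out

if __name__ == "__main__":
    for name, row in auth_summary(SAMPLE_CONF).items():
        print(name, *row)
```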


