[Openswan Users] 3Com IPSEC Error

jmann at integracarehh.com jmann at integracarehh.com
Sat Mar 5 23:16:53 CET 2005


I'm trying to connect a 3Com OfficeConnect VPN system to an Openswan
device.  These are the errors I get:

Mar  5 23:09:23 occucaremedicalcenters pluto[13354]: "olney" #1: responding to Main Mode
Mar  5 23:09:23 occucaremedicalcenters pluto[13354]: "olney" #1: transition from state (null) to state STATE_MAIN_R1
Mar  5 23:09:24 occucaremedicalcenters pluto[13354]: "olney" #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Mar  5 23:09:25 occucaremedicalcenters pluto[13354]: "olney" #1: Peer ID is ID_IPV4_ADDR: '208.31.187.61'
Mar  5 23:09:25 occucaremedicalcenters pluto[13354]: "olney" #1: I did not send a certificate because I do not have one.
Mar  5 23:09:25 occucaremedicalcenters pluto[13354]: "olney" #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Mar  5 23:09:25 occucaremedicalcenters pluto[13354]: "olney" #1: sent MR3, ISAKMP SA established
Mar  5 23:09:26 occucaremedicalcenters pluto[13354]: "olney" #1: cannot respond to IPsec SA request because no connection is known for 192.168.1.0/24===A.B.C.D...E.F.G.H===192.168.191.0/24
Mar  5 23:09:26 occucaremedicalcenters pluto[13354]: "olney" #1: sending encrypted notification INVALID_ID_INFORMATION to E.F.G.H:500
Mar  5 23:09:35 occucaremedicalcenters pluto[13354]: "olney" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xe2e0e891 (perhaps this is a duplicated packet)

In the 3Com device, I have limited options that I have to define. They are
the following:

Connection Type: Gateway to Gateway
Tunnel Type: IPSec
Description: corporate
Remote IPSec Server ID: A.B.C.D
Remote IPSec Server Address: A.B.C.D
Remote Network Address: 192.168.1.0
Remote Subnet Mask: 255.255.255.0
Tunnel Shared Key: <KEY>
Encryption Type: Triple DES(3DES)
Hash Algorithm: SHA-1
Exchange Keys Using: Diffie-Hellman Group 2 (1024-bit)
Renegotiate After (seconds): 600


My openswan gateway has the following config:

conn olney
        authby=secret
        pfs=no
        left=A.B.C.D
        leftsubnet=192.168.1.0/24
        leftprotoport=17/0
        right=E.F.G.H
        rightsubnet=192.168.191.0/24
        rightprotoport=17/1701
        auto=add
        keyingtries=3



My network is diagrammed as follows:

Network 192.168.191.0/24->3com(E.F.G.H)->Internet->OpenSwan(A.B.C.D)->Network 192.168.1.0/24

What am I doing wrong....
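
Added example (not part of the original post and not Openswan code): a small Python check that compares the selectors named in the "no connection is known for" log line with the settings in the conn section, both copied from the message above. The function names are hypothetical, and it assumes pluto appends ":proto/port" to a host only when the proposal carries a protocol/port selector.

```python
# Added diagnostic sketch, not Openswan code. Inputs are copied from the post.
LOG_LINE = ("cannot respond to IPsec SA request because no connection is known "
            "for 192.168.1.0/24===A.B.C.D...E.F.G.H===192.168.191.0/24")
CONN_TEXT = """conn olney
        authby=secret
        pfs=no
        left=A.B.C.D
        leftsubnet=192.168.1.0/24
        leftprotoport=17/0
        right=E.F.G.H
        rightsubnet=192.168.191.0/24
        rightprotoport=17/1701
        auto=add
        keyingtries=3
"""

def parse_proposal(line):
    """Return (ours, peer) ends from a 'no connection is known for' line."""
    ours, peer = line.split("no connection is known for", 1)[1].strip().split("...", 1)
    our_net, our_host = ours.split("===")
    peer_host, peer_net = peer.split("===")
    ends = []
    for host, net in ((our_host, our_net), (peer_host, peer_net)):
        # Assumption: ":proto/port" follows the host only when the proposal
        # carries a protocol/port selector; absent means unrestricted (None).
        host, _, protoport = host.partition(":")
        # The "" key holds the host so that side + key yields "left"/"right".
        ends.append({"": host, "subnet": net, "protoport": protoport or None})
    return ends

def parse_conn(text):
    """Collect key=value settings from one conn section."""
    return dict(ln.strip().split("=", 1) for ln in text.splitlines() if "=" in ln)

def selector_mismatches(line, conn_text):
    """List (key, configured, proposed) for every selector that differs."""
    conn = parse_conn(conn_text)
    ours, peer = parse_proposal(line)
    # left/right are interchangeable in ipsec.conf, so line them up by address.
    sides = ("left", "right") if conn.get("left") == ours[""] else ("right", "left")
    diffs = []
    for side, end in zip(sides, (ours, peer)):
        for suffix, proposed in end.items():
            if conn.get(side + suffix) != proposed:
                diffs.append((side + suffix, conn.get(side + suffix), proposed))
    return diffs

if __name__ == "__main__":
    for key, configured, proposed in selector_mismatches(LOG_LINE, CONN_TEXT):
        print(f"{key}: conn has {configured!r}, peer proposed {proposed!r}")
```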


