[Openswan Users] Help please
kidboy at brturbo.com.br
kidboy at brturbo.com.br
Thu May 5 22:41:45 CEST 2005
Hi guys, i need help. I have two machines with fedora core 3 installed, and i wan to put this to talk with ipsec. This machines are located back to modem adsl, and this modem ware doing firewall to this machis any packages to it. My configuration is:
* Server One
config setup
plutodebug=all
interfaces="ipsec0=eth0"
klipsdebug=all
nat_traversal = yes
conn %default
esp=3des-md5-2192
authby=rsasig
conn vpn
type=tunnel
left=200.80.163.10
leftsubnet=192.10.1.0/24
leftrsasigkey=0sAQ...
right=10.0.0.1
rightsubnet=192.168.0.0/24
rightrsasigkey=0sAQO...
auto=add
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
* Server two
config setup
plutodebug=all
interfaces="ipsec0=eth0"
klipsdebug=all
nat_traversal = yes
conn %default
esp=3des-md5-2192
authby=rsasig
conn vpn
type=tunnel
left=10.1.1.5
leftsubnet=192.10.1.0/24
leftrsasigkey=0sAQ...
right=200.175.246.2
rightsubnet=192.168.0.0/24
rightrsasigkey=0sAQO...
auto=add
When i start ipsec and start conection:
# service ipsec start
# ipsec auto --up vpn
I recive this mensage in log file:
............
May 5 21:39:56 servidor pluto[11568]: | refine_connection: starting with vpn
May 5 21:39:56 servidor pluto[11568]: "vpn" #27: no suitable connection for peer '10.1.1.5'
May 5 21:39:56 servidor pluto[11568]: | state transition function for STATE_MAIN_R2 failed: INVALID_ID_INFORMATION
May 5 21:39:56 servidor pluto[11568]: | next event EVENT_RETRANSMIT in 5 seconds for #26
And this mensagem with command ipsec auto --status
.....................
000 #27: "vpn" STATE_MAIN_R2 (sent MR2, expecting MI3); EVENT_RETRANSMIT in 12s
000 #28: "vpn" STATE_MAIN_I3 (sent MI3, expecting MR3); EVENT_RETRANSMIT in 1s
000 #28: pending Phase 2 for "vpn" replacing #0
Please somebody can help me with this problem ? I need a solution, i already everything i know. My firewall is ok, i already verify it.
More information about the Users
mailing list