[Openswan Users] INVALID_COOKIE error
Marc Spiegelman
marc at itu.net
Tue May 24 09:44:32 CEST 2005
I am testing a roadwarrior configuration using OpenSwan v1.0.9 and
SoftRemote 10. I had it working but I was playing around and now I
can't get it to work at all.
The error log reads ...
May 23 02:17:14 s1001 authpriv.warn pluto[11057]: packet from
64.168.112.158:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
May 23 02:17:14 s1001 authpriv.warn pluto[11057]: packet from
64.168.112.158:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]
May 23 02:17:14 s1001 authpriv.warn pluto[11057]: "anyone"[1]
xx.xx.xx.xx #1: responding to Main Mode from unknown peer xx.xx.xx.xx
May 23 02:17:14 s1001 authpriv.warn pluto[11057]: "anyone"[1]
xx.xx.xx.xx #1: transition from state (null) to state STATE_MAIN_R1
May 23 02:17:14 s1001 authpriv.warn pluto[11057]: packet from
64.168.112.158:500: ignoring informational payload, type INVALID_COOKIE
May 23 02:17:14 s1001 authpriv.warn pluto[11057]: packet from
64.168.112.158:500: received and ignored informational message
And my ipsec.conf reads ...
# /etc/ipsec.conf - Openswan IPsec configuration file
# More elaborate and more varied sample configurations can be found
# in Openswan's doc/examples file, in the HTML documentation, and online
# at http://www.openswan.org/docs/
#
#
#
# basic configuration
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
plutowait=no
uniqueids=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:
!192.168.1.0/24
# Defaults for all connection descriptions
conn %default
keyingtries=0
disablearrivalcheck=no
leftrsasigkey=%dnsondemand
rightrsasigkey=%dnsondemand
authby=rsasig
auto=add
conn anyone
left=%defaultroute
leftsubnet=192.168.1.0/24
right=%any
rightsubnet=vhost:%no,%priv
#pfs=no
authby=secret
auto=add
What is an invalid cookie?
Any Suggestions would be appreciated.
More information about the Users
mailing list