[Openswan Users] ipsec needed restart
sasa
sasa at shoponweb.it
Tue Nov 8 19:44:37 CET 2005
"Paul Wouters" wrote:
> You probably want to comment out type=transport (it will still use
> transport
> mode) and add rightsubnet=vhost:%no,%priv if you want to be able to use
> l2tp
> from behind a NAT router. You also need nat_traversal=yes and the
> appropriate
> virtual_private setting.
..now I have added in ipsec.conf:
leftsubnet=192.168.0.0
...and
rightsubnet=vhost:%no,%priv
..but now in the log file I have:
Nov 8 19:14:44 test2 pluto[10157]: packet from y.y.y.y:500: initial Main
Mode message received on y.y.y.y:500 but no connection has been authorized
> That is not 2.3.1, but some cvs version? Please upgrade to 2.4.x.
I use openswan files from atrpms site...it's not worked fine ??
>> OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
>> Nov 7 17:41:51 test2 pluto[28664]: "left-road"[6] 81.174.38.254 #1071:
>> OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
>> Nov 7 17:41:51 test2 pluto[28664]: "left-road"[6] x.x.x.x #1071: no
>> acceptable Oakley Transform
>
> Upgrade the Windows client. It is asking for 1DES instead of 3DES.
..the Windows XP client is updated !
thanks again.
------
Salvatore.
More information about the Users
mailing list