[Openswan Users] Can I build openswan VPN between TSL 3 and TSL
2.2
Paul Wouters
paul at xelerance.com
Thu Nov 10 05:12:50 CET 2005
On Thu, 10 Nov 2005, ww wrote:
> I install Trustix Security Linux as gateway for my office and my home.
> Who will tell me if I can build openswan VPN between TSL3 and TSL 2.2 ?
I have no idea what IPsec capabilities or versions of openswan or the kernel
these distributions have.......
> my TSL 2.2 has a still IP , and TSL 3 has a dynamic ip (ADSL),
>
> when I start my vpn channel , I got the message as list as fellow :
> ----------------------------------------------------------------------------
> root at Viper /etc# ipsec auto --up mychannel
> 104 "mychannel" #1: STATE_MAIN_I1: initiate
> 106 "mychannel" #1: STATE_MAIN_I2: sent MI2, expecting MR2
> 108 "mychannel" #1: STATE_MAIN_I3: sent MI3, expecting MR3
> 003 "mychannel" #1: ignoring informational payload, type
> INVALID_KEY_INFORMATION
The other end is telling you your key is wrong. If you are using raw rsakeys,
then you probably broke creating leftrsasigkey= or rightrsasigkey=, or you
perhaps mixed them up. Or you are using mismatching leftid= or rightid= options.
The other end will have a more elaborate error in the logs about which key
seems to be wrong.
Paul
More information about the Users
mailing list