[Openswan Users]
utkarsh shah
utkarsh at elitecore.com
Tue Nov 29 15:48:04 CET 2005
Hi,
I am facing one problem in simple connection. I am using Openswan 2.4.2
my ipsec.conf file is like
version 2
config setup
interfaces="ipsec0=eth1"
klipsdebug=none
plutodebug=none
#plutoload=%search
#plutostart=%search
uniqueids=yes
nat_traversal=yes
conn abc
left=151.7.7.254
leftsubnet=7.7.7.0/255.255.255.0
leftnexthop=151.7.7.1
right=%any
authby=secret
auto=add
pfs=yes
keylife=8h
rekey=yes
rekeymargin=10
rekeyfuzz=0%
keyingtries=10
compress=yes
dpddelay=30
dpdtimeout=120
dpdaction=clear
conn rw_ltotp_test
left=151.7.7.254
leftsubnet=7.7.7.0/255.255.255.0
leftnexthop=151.7.7.1
right=%any
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
rightcert=ltotptest.pem
auto=add
pfs=yes
keylife=8h
rekey=yes
rekeymargin=10
rekeyfuzz=0%
keyingtries=10
compress=yes
dpddelay=30
my ipsec.secrets file is like
: RSA elitecorevpnprivatekey.key "password"
151.7.7.254 %any : PSK "presharedkey"
when I write both connection details and restart ipsec it works well but if I add a connection after restart it gives message like
ipsec auto --replace rw_ltotp_test
023 authentication method disagrees with "abc", which is also for an unspecified peer
037 attempt to load incomplete connection
if both of the connection are of same authentication method ie of rsakey or of presharedkey then it doesn't give any message.
Regards,
Utkarsh Shah
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20051129/dcac5c4c/attachment.htm
More information about the Users
mailing list