[Openswan Users] openswan 2.4.0 & pix 515e
Lelio Parisi
piccololean at yahoo.it
Wed Oct 5 16:46:24 CEST 2005
Hi! I've some problem with the last openswan running
on 2.6.13 kernel with klips and my cisco pix 515e
Here's the error:
root at lean:~# ipsec auto --up pix
104 "pix" #1: STATE_MAIN_I1: initiate
106 "pix" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "pix" #1: received Vendor ID payload [XAUTH]
003 "pix" #1: received Vendor ID payload [Dead Peer
Detection]
003 "pix" #1: received Vendor ID payload [Cisco-Unity]
003 "pix" #1: ignoring unknown Vendor ID payload
[b1a7785aeff2584005e81dc7acb2bafc]
108 "pix" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "pix" #1: protocol/port in Phase 1 ID Payload must
be 0/0 or 17/500 but are 17/0
218 "pix" #1: STATE_MAIN_I3: INVALID_ID_INFORMATION
I've found that I must say rightprotoport=17/%any but
when I put this string, it says:root at lean:~# ipsec
auto --up pix
021 no connection named "pix"
but the connection exist!!
here's my conf:
version 2.0
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
#plutodebug=none
#plutoload=%search
#plutostart=%search
uniqueids=yes
conn %default
keyingtries=0
disablearrivalcheck=no
authby=secret
conn pix
#type = tunnel
left=80.181.yyy.yyy
leftsubnet=192.168.0.0/24
#leftnexthop=%defaultroute
right=192.167.xxx.xxx
rightsubnet=10.0.0.0/24
authby=secret
#esp = 3des-md5-hmac
Can you help me?
___________________________________
Yahoo! Mail: gratis 1GB per i messaggi e allegati da 10MB
http://mail.yahoo.it
More information about the Users
mailing list