[Openswan Users] Asynchronos Network error..
Stefan Drees
s_drees at arcor.de
Sun Oct 23 01:14:29 CEST 2005
Hello,
i try to establish an IPSEC connection between two openswan server.
The network looks like this:
[192.168.11.0/24]--[Openswan1]--[DSL-Router]----[Inet]----[Openswan2]-[192.168.100.0/24]
I can establish a connection from openswan1 to openswan2.
If i try to connection from openswan2 to openswan1, i got sometimes the
following errors:
Oct 22 23:40:52 firewall pluto[14607]: ERROR: asynchronous network error
report on eth0 for message to 84.61.201.207 port 500, complainant
192.168.10.254: Protocol not available [errno 92, origin ICMP type 3
code 2 (not authenticated)]
Oct 22 23:41:02 firewall pluto[14607]: ERROR: asynchronous network error
report on eth0 for message to 84.61.201.207 port 500, complainant
192.168.10.254: Protocol not available [errno 92, origin ICMP type 3
code 2 (not authenticated)]
Oct 22 23:41:02 firewall pluto[14607]: "rw1" #16: transition from state
STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: Peer ID is ID_FQDN:
'@drees.dyndns.org'
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: I did not send a
certificate because I do not have one.
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: transition from state
STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: sent MR3, ISAKMP SA
established
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #17: responding to Quick Mode
Oct 22 23:41:04 firewall pluto[14607]: "rw1" #17: transition from state
(null) to state STATE_QUICK_R1
Oct 22 23:41:04 firewall pluto[14607]: "rw1" #17: transition from state
STATE_QUICK_R1 to state STATE_QUICK_R2
Oct 22 23:41:04 firewall pluto[14607]: "rw1" #17: IPsec SA established
{ESP=>0x1d6d4bd4 <0xa076f5c0}
But then it gets connected and i don´t know why, can someone explain me
this?
And what does "Asynchronous network error..." mean?
Here are the connections definitions:
openswan1
conn rw1
left=%defaultroute
leftsubnet=192.168.11.0/24
leftid=@openswan1.box.de
leftrsasigkey=......
right=<IP>
rightsubnet=192.168.100.0/24
rightid=@openswan2.box.de
rightrsasigkey=...
authby=rsasig
auto=add
esp=3des-sha1-69
ikelifetime=1h
keylife=1h
keyexchange=ike
pfs=yes
keyingtries=0
openswan2
conn rw1
left=%defaultroute
leftsubnet=192.168.100.0/24
leftid=@openswan2.box.de
leftrsasigkey=...
right=<IP>
rightsubnet=192.168.11.0/24
rightid=@openswan1.box.de
rightrsasigkey=...
authby=rsasig
auto=add
esp=3des-sha1-69
ikelifetime=1h
keylife=1h
keyexchange=ike
pfs=yes
keyingtries=0
Thanks, in advance.
Stefan Drees
More information about the Users
mailing list