[Openswan Users] Asynchronos Network error..

Stefan Drees s_drees at arcor.de
Sun Oct 23 01:14:29 CEST 2005 

Hello,
i try to establish an IPSEC connection between two openswan server.
The network looks like this:

[192.168.11.0/24]--[Openswan1]--[DSL-Router]----[Inet]----[Openswan2]-[192.168.100.0/24]

I can establish a connection from openswan1 to openswan2.
If i try to connection from openswan2 to openswan1, i got sometimes the 
following errors:

Oct 22 23:40:52 firewall pluto[14607]: ERROR: asynchronous network error 
report on eth0 for message to 84.61.201.207 port 500, complainant 
192.168.10.254: Protocol not available [errno 92, origin ICMP type 3 
code 2 (not authenticated)]
Oct 22 23:41:02 firewall pluto[14607]: ERROR: asynchronous network error 
report on eth0 for message to 84.61.201.207 port 500, complainant 
192.168.10.254: Protocol not available [errno 92, origin ICMP type 3 
code 2 (not authenticated)]
Oct 22 23:41:02 firewall pluto[14607]: "rw1" #16: transition from state 
STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: Peer ID is ID_FQDN: 
'@drees.dyndns.org'
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: I did not send a 
certificate because I do not have one.
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: transition from state 
STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #16: sent MR3, ISAKMP SA 
established
Oct 22 23:41:03 firewall pluto[14607]: "rw1" #17: responding to Quick Mode
Oct 22 23:41:04 firewall pluto[14607]: "rw1" #17: transition from state 
(null) to state STATE_QUICK_R1
Oct 22 23:41:04 firewall pluto[14607]: "rw1" #17: transition from state 
STATE_QUICK_R1 to state STATE_QUICK_R2
Oct 22 23:41:04 firewall pluto[14607]: "rw1" #17: IPsec SA established 
{ESP=>0x1d6d4bd4 <0xa076f5c0}

But then it gets connected and i don´t know why, can someone explain me 
this?
And what does "Asynchronous network error..." mean?

Here are the connections definitions:
openswan1
conn rw1
left=%defaultroute
leftsubnet=192.168.11.0/24
leftid=@openswan1.box.de
leftrsasigkey=......
right=<IP>
rightsubnet=192.168.100.0/24
rightid=@openswan2.box.de
rightrsasigkey=...
authby=rsasig
auto=add
esp=3des-sha1-69
ikelifetime=1h
keylife=1h
keyexchange=ike
pfs=yes
keyingtries=0

openswan2
conn rw1
left=%defaultroute
leftsubnet=192.168.100.0/24
leftid=@openswan2.box.de
leftrsasigkey=...
right=<IP>
rightsubnet=192.168.11.0/24
rightid=@openswan1.box.de
rightrsasigkey=...
authby=rsasig
auto=add
esp=3des-sha1-69
ikelifetime=1h
keylife=1h
keyexchange=ike
pfs=yes
keyingtries=0

Thanks, in advance.

Stefan Drees

More information about the Users mailing list