[Openswan Users] openswan road warriors configuration
Apalodimas Ilias
iapal at intracom.gr
Thu Oct 27 13:09:51 CEST 2005
Hello evereybody,
I am trying to setup up openswan 2.4.2dr5 with the following setup
version 2.0
config setup
interfaces="%defaultroute"
klipsdebug=none
plutodebug=none
uniqueids=yes
nat_traversal=yes
conn test2
type=tunnel
left=%defaultroute
leftsubnet=x.x.x.x/24
right=y.y.y.y
rightsubnet=z.z.z.z/24
authby=secret
auth=esp
esp=3des-md5-96
keyexchange=ike
pfs=yes
auto=start
this is the "client" side, my problem concerns ipsec.secrtes file
: PSK "some key" works fine but,
changing the ipsec.secrets to:
%any y.y.y.y: PSK "some key"
does not. Is this ok ?
the debug shows :
Oct 20 16:44:34 pluto[21219]: loading secrets from "/etc/ipsec.secrets"
Oct 20 16:44:41 pluto[21219]: "test2" #1: initiating Main Mode
Oct 20 16:44:41 pluto[21219]: "test2" #1: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03] method set to=108
Oct 20 16:44:41 pluto[21219]: "test2" #1: Can't authenticate: no
preshared key found for `x.x.x.x` and `y.y.y.y'. Attribute
OAKLEY_AUTHENTICATION_METHOD
I' ve also tried left=%any instead of %defaultroute in ipsec.conf(which
doesn't look very sane to me but i found a config looking like this
somewehere) but then i get :
Oct 20 16:46:29 pluto[21952]: loading secrets from "/etc/ipsec.secrets"
Oct 20 16:46:34 pluto[21952]: "test2": We cannot identify ourselves with
either end of this connection, although the key is correct on both
sides as i ve managed to make a connection with a different config
mentioned above.
Thanks in advnance
Apalodimas Ilias
More information about the Users
mailing list