[Openswan Users] openswan road warriors configuration

Apalodimas Ilias iapal at intracom.gr
Thu Oct 27 13:09:51 CEST 2005


Hello evereybody,
I am trying to setup up openswan 2.4.2dr5 with the following setup

version 2.0

config setup
    interfaces="%defaultroute"
    klipsdebug=none
    plutodebug=none
    uniqueids=yes
    nat_traversal=yes
conn test2
    type=tunnel
    left=%defaultroute
    leftsubnet=x.x.x.x/24
    right=y.y.y.y
    rightsubnet=z.z.z.z/24
    authby=secret
    auth=esp
    esp=3des-md5-96
    keyexchange=ike
    pfs=yes
    auto=start


this is the "client" side, my problem concerns ipsec.secrtes file
: PSK "some key" works fine but,

changing the ipsec.secrets to:
%any y.y.y.y: PSK "some key"
does not. Is this ok ?
the debug shows :
Oct 20 16:44:34 pluto[21219]: loading secrets from "/etc/ipsec.secrets"
Oct 20 16:44:41 pluto[21219]: "test2" #1: initiating Main Mode
Oct 20 16:44:41 pluto[21219]: "test2" #1: received Vendor ID payload 
[draft-ietf-ipsec-nat-t-ike-03] method set to=108
Oct 20 16:44:41 pluto[21219]: "test2" #1: Can't authenticate: no 
preshared key found for `x.x.x.x` and `y.y.y.y'.  Attribute 
OAKLEY_AUTHENTICATION_METHOD


I' ve also tried left=%any instead of %defaultroute in ipsec.conf(which 
doesn't look very sane to me but i found a config looking like this 
somewehere) but then i get :
Oct 20 16:46:29 pluto[21952]: loading secrets from "/etc/ipsec.secrets"
Oct 20 16:46:34 pluto[21952]: "test2": We cannot identify ourselves with 
either end of this connection, although the key  is correct on both 
sides as i ve managed to make a connection with a different config 
mentioned above.

Thanks in advnance
Apalodimas Ilias







More information about the Users mailing list