[Openswan Users] stuck at STATE_QUICK_I1
Pierre de France
pierre.defrance at lattitudeweb.com
Tue Sep 13 17:42:25 CEST 2005
Thanks for taking time to answer.
I tried to add leftnexthop and rightnexthop but unfortunately nothing
changed. I still get the same error.
I thought the " up-host command exited with status 139" message was due
to a too restrictive firewall that doesn't accept ping.
Here is the config :
I need the webserver to access the local servers 192.168.2.5.
WebServer ----> Firewall/VPN server ----> local network
213.186.45.199 62.23.240.32 192.168.2.0/24
Here is my config file on the webserver
version 2.0
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
plutodebug=all
uniqueids=yes
nat_traversal=yes
keep_alive=20
conn synagir1
type=tunnel
keyexchange=ike
pfs=yes
keylife=28800s
rekeymargin=540s
rekeyfuzz=100%
ikelifetime=3600s
x-ak_descr="tunnel fixe"
ike=3des-md5-modp1536,3des-md5-modp1024!
esp=3des-md5!
authby=secret
#Side left [Reseau_interne_PARIS] is ARKOON/NETWORK
#Interface is eth1
left=213.186.45.199
#leftnexthop=213.186.45.253
#Side right [Srv_synagir] is HOST
right=62.23.236.115
#rightnexthop=62.23.240.32
rightsubnet=192.168.2.0/24
keyingtries=1
auto=add
conn synagir
left=213.186.45.199
right=62.23.236.115
rightsubnet=192.168.2.0/24
auto=add
authby=secret
Any other ideas ?
Pierre.
> -----Message d'origine-----
> De : Paul Wouters [mailto:paul at xelerance.com]
> Envoyé : mardi 13 septembre 2005 16:24
> À : Pierre de France
> Cc : users at openswan.org
> Objet : Re: [Openswan Users] stuck at STATE_QUICK_I1
>
> On Tue, 13 Sep 2005, Pierre de France wrote:
>
> > 117 "synagir1" #2: STATE_QUICK_I1: initiate
> > 003 "synagir1" #2: up-host command exited with status 139
> > 032 "synagir1" #2: STATE_QUICK_I1: internal error
>
> Try adding a leftnexthop= or rightnexthop= and see if that helps?
>
> Paul
More information about the Users
mailing list