[Openswan Users] stuck at Negotiating IP Security.

darkrealm darkrealm.drjj at gmail.com
Fri Sep 16 00:35:46 CEST 2005


I have openswan installed on a linux box and a IPsec tool for windows
XP (forgot its name) now running, but for some reason i cannot seem to
get passed 'Negotiating IP Security.' when pinging the server

this is my IPsec.conf on my linux server:

version 2.0

config setup
	interfaces=%defaultroute
	nat_traversal=yes
	virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16%v4:192.168.2.0/16

conn %default
	keyingtries=1
	compress=yes
	disablearrivalcheck=no
	authby=rsasig
	leftrsasigkey=darkrealm.key
	rightrsasigkey=darkrealm.key

conn roadwarrior-net
	leftsubnet=255.255.255.0
	also=roadwarrior

conn roadwarrior-l2tp
	pfs=no
	leftprotoport=17/0
	rightprotoport=17/1701
	also=roadwarrior

conn roadwarrior-all
	leftsubnet=0.0.0.0/0
	also=roadwarrior

conn roadwarrior-l2tp-updatedwin
	pfs=no
	leftprotoport=17/1701
	rightprotoport=17/1701
	also=roadwarrior

conn roadwarrior
	left=%defaultroute
	leftcert=darkrealm.pem
	right=%any
	rightsubnet=vhost:%no,%priv
	auto=add
	pfs=yes

conn block
	auto=ignore

conn private
	auto=ignore

conn private-or-clear
	auto=ignore

conn clear-or-private
	auto=ignore

conn clear
	auto=ignore

conn packetdefault
	auto=ignore

include /etc/ipsec.d/examples/no_oe.conf

the ipsec.secret:

: RSA darkrealm.key "password"



and my ipsec.conf on my windows XP box:

conn roadwarrior
	left=%any
	right=192.168.2.101
	rightca="C=NL, S=NH, L=AP, O=My Company Ltd, CN=darkrealm, E=info at darkrealm.nl
	network=auto
	auto=start
	pfs=yes

conn roadwarrior-net
	left=%any
	right=192.168.2.101
	rightsubnet=255.255.255.0
	rightca="C=NL, S=NH, L=AP, O=My Company Ltd, CN=darkrealm, E=info at darkrealm.nl
	network=auto
	auto=start
	pfs=yes


does anybody know what the problem could be? thanks

-- 
Check my website :-) www.darkrealm.nl


More information about the Users mailing list