[Openswan Users] Creating Win XP vpn connection

Paul Wouters paul at xelerance.com
Wed Apr 26 20:43:26 CEST 2006

On Wed, 26 Apr 2006, peters at exemplar-associates.com wrote:

> I am working on two issues with establishing the ipsec connection
> 1. =22no suitable connection for peer=22 error.
> 2. the ipsec.secrets file is not working.

1 might be caused by 2.

> Xray:=7E=24 sudo ipsec secrets
> Enter secret:
> 040 need passphrase for '/etc/ipsec.d/private/xray.exemplarassociates.key'
> 004 valid passphrase, private key loaded successfully

So that reads in the key, but did the corresponding public key and certificate

> ipsec auto --listall
> only shows the CA and 2 revoked certificates which is odd.

That still makes sense if your gateway's configured public cert has expired
or was revoked in a CRL you load. Do you have a leftcert= that loads the
gateway's certificate that corresponds to the private key you are loading?

> Checking for RSA private key (/etc/ipsec.secrets)               =5BFAILED=5D
> ipsec showhostkey: no default key in =22/etc/ipsec.secrets=22

That's fine, since you use X.509, not raw RSA.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list