[Openswan Users] Problem with roadwarrior
Paul Wouters
paul at xelerance.com
Wed Aug 23 10:52:41 EDT 2006
On Wed, 23 Aug 2006, Raphael Clerc - Clerc-info.com wrote:
> I a modified the phase 2 with the Configuration Ipsec Thegreenbow :
>
> Address type : Subnet address
> remote lan address : 192.168.0.0
> subnet mask : 255.255.255.0
>
> The tunnel don't work
>
> Log from auth.log in linux :
>
> state object #1 found, in STATE_MAIN_R3
> Aug 23 16:38:00 debian pluto[29549]: | peer client is 192.168.10.9
> Aug 23 16:38:00 debian pluto[29549]: | peer client protocol/port is 0/0
> Aug 23 16:38:00 debian pluto[29549]: | our client is subnet 192.168.0.0/24
> Aug 23 16:38:00 debian pluto[29549]: | our client protocol/port is 0/0
> Aug 23 16:38:00 debian pluto[29549]: "roadwarrior"[1] 82.XXX.XX.XXX:4500 #1:
> cannot respond to IPsec SA request because no connection is known for
> 192.168.0.0/24===192.168.1.1:4500...82.XXX.XX.XXX:4500[C=FR, ST=, L=xxxxx,
> O=service informatique, CN=raphael,
> E=raphael at clerc-info.com]===192.168.10.9/32
> Aug 23 16:38:00 debian pluto[29549]: "roadwarrior"[1] 82.XXX.XX.XXX:4500 #1:
> sending encrypted notification INVALID_ID_INFORMATION to 82.XXX.XX.XX:4500
> Aug 23 16:38:00 debian pluto[29549]: | state transition function for
> STATE_QUICK_R0 failed: INVALID_ID_INFORMATION
> Aug 23 16:38:00 debian pluto[29549]: | next event EVENT_NAT_T_KEEPALIVE in 12
> seconds
Seems you are missing the roadwarrior-net connection?
and please disable plutodebug=, it is NOT needed for debugging configuration issues.
Paul
More information about the Users
mailing list