[Openswan Users] Please help me to identify problem...
utkarsh shah
utkarsh at elitecore.com
Tue Feb 7 10:30:59 CET 2006
Hi,
want ur help to identify a problem and some hint towards solution ??
i want to establish a roadwarrior connection using presharedkey in aggressive mode. use openswan 2.4.2 and greenbow 2.51 as client
network diagram
LAN----------------[ VPN Server ]----------------------[ Router ]-----------------------[ Roadwarrior ]
configuration is :
ipsec.conf
version 2
config setup
interfaces="ipsec0=eth1 "
klipsdebug=none
plutodebug="none"
uniqueids=yes
nat_traversal=yes
crlcheckinterval=3600
conn %default
leftupdown=/usr/lib/ipsec/_updown
rightupdown=/usr/lib/ipsec/_updown
conn test_conn
type=tunnel
left=142.7.7.1
leftsubnet=160.7.7.0/24
leftnexthop=142.7.7.254
right=%any
authby=secret
auto=add
keylife=3600
rekey=no
rekeymargin=120
rekeyfuzz=0%
keyingtries=3
compress=no
failureshunt=drop
dpddelay=30
dpdtimeout=120
dpdaction=clear
ikelifetime=3600
pfs=no
aggrmode=yes
ike="3DES-MD5-modp1536,3DES-SHA1-modp1536,AES128-SHA1-modp1536"
esp="3DES-MD5,3DES-SHA1,AES128-SHA1"
ipsec.secrets
142.7.7.1 %any : PSK "presharedkey"
/var/log/secure
Feb 07 10:37:28 1139288848 pluto[21650]: packet from 151.7.7.131:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Feb 07 10:37:28 1139288848 pluto[21650]: packet from 151.7.7.131:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Feb 07 10:37:28 1139288848 pluto[21650]: packet from 151.7.7.131:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108
Feb 07 10:37:28 1139288848 pluto[21650]: "test_conn"[1] 151.7.7.131 #1: Aggressive mode peer ID is ID_IPV4_ADDR: '0.0.0.0'
Feb 07 10:37:28 1139288848 pluto[21650]: "test_conn"[2] 151.7.7.131 #1: deleting connection "test_conn" instance with peer 151.7.7.131 {isakmp=#0/ipsec=#0}
Feb 07 10:37:28 1139288848 pluto[21650]: "test_conn"[2] 151.7.7.131 #1: responding to Aggressive Mode, state #1, connection "test_conn" from 151.7.7.131
Feb 07 10:37:28 1139288848 pluto[21650]: "test_conn"[2] 151.7.7.131 #1: transition from state STATE_AGGR_R0 to state STATE_AGGR_R1
Feb 07 10:37:28 1139288848 pluto[21650]: "test_conn"[2] 151.7.7.131 #1: STATE_AGGR_R1: sent AR1, expecting AI2
Feb 07 10:37:28 1139288848 pluto[21650]: packet from 151.7.7.131:500: ignoring informational payload, type UNEQUAL_PAYLOAD_LENGTHS
Feb 07 10:37:28 1139288848 pluto[21650]: packet from 151.7.7.131:500: received and ignored informational message
Feb 07 10:37:28 1139288848 pluto[21650]: packet from 151.7.7.131:500: received and ignored informational message
Feb 07 10:37:38 1139288858 pluto[21650]: packet from 151.7.7.131:500: ignoring informational payload, type INVALID_COOKIE
Feb 07 10:37:38 1139288858 pluto[21650]: packet from 151.7.7.131:500: received and ignored informational message
Feb 07 10:37:58 1139288878 pluto[21650]: packet from 151.7.7.131:500: ignoring informational payload, type INVALID_COOKIE
Feb 07 10:37:58 1139288878 pluto[21650]: packet from 151.7.7.131:500: received and ignored informational message
Thanks..
Regards,
Utkarsh Shah
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060207/a0d0a3b9/attachment-0001.htm
More information about the Users
mailing list