[Openswan Users] Re: GNATBox 750 - OpenSWAN connection problems
Andrew Baumhauer
abaumhau at neo.rr.com
Wed Feb 15 11:32:17 CET 2006
Paul,
I've re-verified that UDP port 500 (or any ports or protocols related to
IPSEC) are open. I have TCPDUMP output and logs from both ends that
indicate that everything is ok as far as filtering. I've also verified
that the GNATBox is running in Main mode versus Aggressive. The problem
still persists. Any other ideas?
Andy
Paul Wouters wrote:
> On Thu, 9 Feb 2006, Andrew Baumhauer wrote:
>
>
>> The attached log file shows a connection to offsite-RR (11.22.33.44) that is
>> filled with "offsite-RR" #1010: max number of retransmissions (20) reached
>> STATE_MAIN_I1. No response (or no acceptable response) to our first IKE
>> message" and EVENT_RETRANSMIT messages. Can anyone explain what is happening
>> here? Is this a cause for concern?
>>
>
> That usually implies a firewall or filter on port udp 500. In some cases the
> responder throws away the first packet without telling you, but that's rare
> and usually limited to Aggressive Mode.
>
> Paul
>
>