[Openswan Users] decyphering "cannot respond to IPsec SA request"
Jacco de Leeuw
jacco2 at dds.nl
Wed Feb 15 22:42:26 CET 2006
Christian Brechbühler wrote:
> plutodebug=all seems to [...]
> function quick_inI1_outR1_authtail (in ikev1_quick.c) if
> find_client_connection returns null. That function (in connections.c)
> Is there a way to turn on more debug output?
Don't use plutodebug=all. You shouldn't have to look in the source
code. It's likely to be a configuration error, not a bug.
> no connection is known for 66.92.59.63[C=US, ST=Massachusetts, L=Boston,
> O=EventMonitor, Inc., CN=lea-vpn, E=brechbuehler at gmail.com]:17/1701...
> 42.61.74.263[@IBM-A242175E87C]:17/1701
>
> authby=secret
Are you sure you are using a PSK? Because this error message seems to
indicate otherwise. And is there NAT involved somewhere?
> Is there a way to turn on more debug output? Or to determine WHY
> pluto thinks that no connection exists?
You should post your ipsec.conf.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list