[Openswan Users] no connection has been authorized

Paul Wouters paul at xelerance.com
Mon Jan 16 19:18:01 CET 2006

On Mon, 16 Jan 2006, Martin Bene wrote:

> An ipsec connection that used to work stopped doing so over the weekend
> - remote side denies any changes, I don't believe it.
> Previously, remote IP was, now I see packets coming in
> from while no data at all arrives from
> I've changed right to and added that address to
> ipsec.secrets.

I would confront them with this information and ask what they have changed.

> packet from initial Main Mode message
> 	received on but no connection
> 	has been authorized

the high port might mean the gateway has moved behind NAT and a port forward.

> Currently, I presume that the problem could be caused by the strange
> source port; I tried adding "nat_traversal=yes" to my configuration,
> didn't help though.

They would need to do the same on their end.

> Is the remote side just broken or is there something I could change (or
> have overlooked?) in my configuration to make this work again?

What do you see if you tear down the entire connection and start from


More information about the Users mailing list