[Openswan Users] road warrior question
Andreas Lüdtke
andi.luedtke at gmx.de
Wed Jan 18 10:13:08 CET 2006
I'm struggling with a PSK road warrior connection (I know it's not the best solution, but
I only need one. Later I will try to switch to certificates). Here's the ipsec.conf:
version 2.0
config setup
uniqueids=yes
conn %default
keyingtries=0
disablearrivalcheck=no
conn ROADWARRIOR
left=domain.dyndns.org
leftsubnet=10.7.7.0/255.255.255.0
leftnexthop=%defaultroute
right=%any
ike=aes128-md5-modp1024
esp=aes128-md5
authby=secret
auto=add
aggrmode=yes
pfs=yes
ikelifetime=2h
keylife=1h
dpddelay=30
dpdtimeout=120
dpdaction=clear
In ipsec.secrets I have:
domain.dyndns.org 0.0.0.0 : PSK "mysecret"
When I try to connect from the road warrior I get the error messages:
kern.warn pluto[18429]: "ROADWARRIOR"[1] 12.34.56.78 #4: Aggressive mode peer ID is
ID_KEY_ID: '@#0x50544e42414c'
kern.warn pluto[18429]: "ROADWARRIOR"[1] 12.34.56.78 #4: no suitable connection for peer
'@#0x50544e42414c'
kern.warn pluto[18429]: "ROADWARRIOR"[1] 12.34.56.78 #4: initial Aggressive Mode packet
claiming to be from 12.34.56.78 on 12.34.56.78 but no connection has been authorized
How do I authorize this connection?
Andreas
More information about the Users
mailing list