[Openswan Users]
Paul Wouters
paul at xelerance.com
Thu Jul 27 00:02:49 CEST 2006
On Wed, 26 Jul 2006, Tim P wrote:
> My CA cert and crl are in place as is the cert for the remote host and my
> client host. This error is on the client host. I am able to connect with
Perhaps the windows OAKLEY.LOG provides more information?
> 108 "roadwarrior" #1: STATE_MAIN_I3: sent MI3, expecting MR3
> 003 "roadwarrior" #1: ignoring informational payload, type
> INVALID_KEY_INFORMATION
> config setup
> interfaces=%defaultroute
> nat_traversal=yes
> klipsdebug=all
> plutodebug=all
remove those debug lines please.
> conn %default
> keyingtries=1
> compress=yes
> authby=rsasig
> leftrsasigkey=%cert
> rightrsasigkey=%cert
>
> conn roadwarrior-net
> left=subnet=192.168.8.0/255.255.255.0
> also=roadwarrior
>
> conn roadwarrior
> left=remotehost.dyndns.org
> leftcert=remotehost.pem
> right=%defaultroute
> rightcert=clienthost.pem
> auto=add
> pfs=yes
What are you trying to setup? It seems this is a configuration for
a regular IPsec tunnel, not for L2TP as you said you were trying to
use?
If you are trying to use l2tp, see the examples in /etc/ipsec.d/examples/
Paul
More information about the Users
mailing list