[Openswan Users] Can't connect the subnet

Sean Tan wltan at eb.net.my
Tue Jun 6 19:48:55 CEST 2006


I have setup the openswan at both end where the structure : 

172.16.x.x -----10.1.1.1========10.1.1.2------192.168.x.x

i have the following secure messages : 

Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: initiating Main
Mode
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: received Vendor
ID payload [Openswan (this version) 2.4.4  X.509-1.5.4
PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: received Vendor
ID payload [Dead Peer Detection]
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: transition from
state STATE_MAIN_I1 to state STATE_MAIN_I2
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: STATE_MAIN_I2:
sent MI2, expecting MR2
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: I did not send a
certificate because I do not have one.
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: transition from
state STATE_MAIN_I2 to state STATE_MAIN_I3
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: STATE_MAIN_I3:
sent MI3, expecting MR3
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: Main mode peer ID
is ID_IPV4_ADDR: 'xx.xx.xx.xx'
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: transition from
state STATE_MAIN_I3 to state STATE_MAIN_I4
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #1: STATE_MAIN_I4:
ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192
prf=oakley_md5 group=modp1536}
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #2: initiating Quick
Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #2: transition from
state STATE_QUICK_I1 to state STATE_QUICK_I2
Jun  6 18:41:38 oswan-server pluto[843]: "net-net" #2: STATE_QUICK_I2:
sent QI2, IPsec SA established {ESP=>0xeaac6cd0 <0xf880d5d4
xfrm=AES_0-HMAC_SHA1 NATD=none DPD=none}


What i can found the problem is :  I did not send a certificate because
I do not have one. I try to use manual keying. Please help. Thanks.


Best Regards
Sean




More information about the Users mailing list