[Openswan Users]

Jacco de Leeuw jacco2 at dds.nl
Sun Mar 19 21:54:05 CET 2006


Gilion Goudsmit wrote:

> I'm trying to connect my OS/X Tiger client (IPSEC/L2TP) to an OpenSwan 
> server running on my Linux box. The server is running OpenSwan 2.4.5rc4, 
> on internal address 192.168.0.4. My NAT'ing router forwards UDP 450 and 
> 4500 to the Linux server. The OS/X client has as internal address in the 
> 192.168.1.0 network. I'm trying to connect using PSK (to begin with at 
> least)...

I'm not sure if PSKs work with NAT-T.

> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12,!%v4:192.168.0.0/24

There are some typos in this line. It should be:
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.0.0/24

> conn L2TP-PSK
>                 leftnexthop=

This line is incomplete.

> ===== ipsec.secrets
> 192.168.0.4 %any: PSK "mysecret"

Also try 192.168.0.4 : PSK "mysecret"

> I think my problem is with the line that says:
> cannot respond to IPsec SA request because no connection is known for 
> 62.194.118.198/32===192.168.0.4:17/1701...84.18.8.145[192.168.1.13]:17/%any===192.168.1.13/32

You should have seen other errors in your logs because of the
issues mentioned above.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
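
The virtual_private typos pointed out in the reply above can be caught mechanically before the daemon is restarted. The following is an added example, not part of the original post and not Openswan code; the function name check_virtual_private is hypothetical, and it assumes the entry format shown in the corrected line (%v4: or %v6:, an optional "!" after the colon, then a CIDR network).

```python
import ipaddress

# The two lines from the thread: as posted by the user, and as corrected in the reply.
POSTED = "%v4:10.0.0.0/8,%v4:192.168.0.0/16,%4:172.16.0.0/12,!%v4:192.168.0.0/24"
CORRECTED = "%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.0.0/24"


def check_virtual_private(value):
    """Return a list of (entry, problem) tuples for malformed entries."""
    problems = []
    for entry in (e.strip() for e in value.split(",")):
        # Split on the first colon only, so IPv6 networks stay intact.
        prefix, sep, rest = entry.partition(":")
        if not sep:
            problems.append((entry, "missing ':' after address family"))
            continue
        if prefix not in ("%v4", "%v6"):
            if prefix.startswith("!"):
                hint = "'!' belongs after the colon"
            else:
                hint = "expected %v4 or %v6"
            problems.append((entry, f"bad prefix {prefix!r}: {hint}"))
            continue
        # A leading '!' excludes the network; strip it before parsing.
        network = rest[1:] if rest.startswith("!") else rest
        try:
            parsed = ipaddress.ip_network(network, strict=True)
        except ValueError as exc:
            problems.append((entry, f"bad network: {exc}"))
            continue
        expected = 4 if prefix == "%v4" else 6
        if parsed.version != expected:
            problems.append((entry, f"{prefix} used with an IPv{parsed.version} network"))
    return problems


if __name__ == "__main__":
    for label, line in (("posted", POSTED), ("corrected", CORRECTED)):
        found = check_virtual_private(line)
        print(label, "OK" if not found else found)
```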

