[Openswan Users] Problems with VPN

Jorge Davila davila at nicaraguaopensource.com
Tue Mar 28 22:25:10 CEST 2006 

Seeing your previoous post I can see that the phase II is not completed.

I think that Paul is addressing the problem. 

Best regards,

Jorge Dávila.

El mar, 28-03-2006 a las 15:33 -0600, Vida Luz Arista escribió:
> Hi All,
>  
> I have installed tpm openswan for Fedora Version 4, I need to
> establish a vpn with a cisco 800, the problem es that the VPN can't be
> established, the message error in my linux is:
> ipsec__plutorun: ...could not start conn "tunnelipsec"
>  
> My configuration is:
>  
> ipsec.conf
> =========
>  
> # /etc/ipsec.conf - Openswan IPsec configuration file
>         #ike=            "3des-md5-modp768"
> 
> version 2.0 
> 
> config setup
>         interfaces="ipsec0=eth0"
>         klipsdebug=none
>         plutodebug=none
>         forwardcontrol=yes
> 
> conn tunnelipsec
>         type=tunnel
>         left=MailScanner has detected a possible fraud attempt from
> "165.98.224.82" claiming to beMailScanner has detected a possible
> fraud attempt from "165.98.224.82" claiming to be MailScanner warning:
> numerical links are often malicious: 165.98.224.82
>         leftsubnet=MailScanner has detected a possible fraud attempt
> from "172.16.1.0" claiming to beMailScanner has detected a possible
> fraud attempt from "172.16.1.0" claiming to be MailScanner warning:
> numerical links are often malicious: 172.16.1.0/24
>         right=MailScanner has detected a possible fraud attempt from
> "165.98.236.214" claiming to beMailScanner has detected a possible
> fraud attempt from "165.98.236.214" claiming to be MailScanner
> warning: numerical links are often malicious: 165.98.236.214
>         rightsubnet=MailScanner has detected a possible fraud attempt
> from "172.16.26.0" claiming to beMailScanner has detected a possible
> fraud attempt from "172.16.26.0" claiming to be MailScanner warning:
> numerical links are often malicious: 172.16.26.0/24
>         esp=3des-md5-96
>         keyexchange=ike
>         pfs=no
>         authby=secret
>         ikelifetime=7800
>         compress=no
>         auto=start
> 
> include /etc/ipsec.d/no_oe.conf
> 
> 
> ipsec.secrets
> 
> =========
> 
> MailScanner has detected a possible fraud attempt from "165.98.224.82"
> claiming to beMailScanner has detected a possible fraud attempt from
> "165.98.224.82" claiming to be MailScanner warning: numerical links
> are often malicious: 165.98.224.82 MailScanner has detected a possible
> fraud attempt from "165.98.236.214" claiming to beMailScanner has
> detected a possible fraud attempt from "165.98.236.214" claiming to be
> MailScanner warning: numerical links are often malicious:
> 165.98.236.214: PSK "vp17226"
> 
>  
> 
> Configuration for the router is:
> 
>  
> 
> crypto isakmp policy 10
>  encr 3des
>  hash md5
>  authentication pre-share
> crypto isakmp key vp17226 address MailScanner has detected a possible
> fraud attempt from "165.98.224.82" claiming to beMailScanner has
> detected a possible fraud attempt from "165.98.224.82" claiming to be
> MailScanner warning: numerical links are often malicious:
> 165.98.224.82
> !
> !
> crypto ipsec transform-set DICE esp-3des esp-sha-hmac 
> !
> crypto map DICE 10 ipsec-isakmp 
>  set peer MailScanner has detected a possible fraud attempt from
> "165.98.224.82" claiming to beMailScanner has detected a possible
> fraud attempt from "165.98.224.82" claiming to be MailScanner warning:
> numerical links are often malicious: 165.98.224.82
>  set transform-set DICE 
>  match address 100
> 
> 
> interface Ethernet1
>  description PRIVADA
>  ip address MailScanner has detected a possible fraud attempt from
> "165.98.236.214" claiming to beMailScanner has detected a possible
> fraud attempt from "165.98.236.214" claiming to be MailScanner
> warning: numerical links are often malicious: 165.98.236.214
> MailScanner has detected a possible fraud attempt from
> "255.255.255.252" claiming to beMailScanner has detected a possible
> fraud attempt from "255.255.255.252" claiming to be MailScanner
> warning: numerical links are often malicious: 255.255.255.252
>  duplex auto
>  crypto map DICE
> 
> 
>  
> 
> Somebody can help me? I need suggestions.
> 
>  
> 
> Thanks in Advanced.
> 
> Regards.
> 
>  
> 
>  
> 
> 
>  
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
-- 
Jorge Isaac Davila Lopez
Nicaragua Open Source
+505 808 2478
davila at nicaraguaopensource.com

More information about the Users mailing list