[Openswan Users] Guidance requested for PSK connection ; getting error 789
John Joseph
jjk_saji at yahoo.com
Sat Nov 11 05:54:42 EST 2006
--- Jacco de Leeuw <jacco2 at dds.nl> wrote:
> John Joseph wrote:
>
> > I am using PSK keys to authenticate , I am facing
> > some problems in getting the connection
> established ,
> > I feel I had got wrong on "right" "left"
> parameter.
>
> Your lefts/rights are alright.
>
> > virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12
>
> 192.168.x.x subnets are quite common too. You might
> want to add them.
>
> > conn %default
> > type=tunnel
> >
> > conn l2tp-psk
>
> I believe that starting from Openswan 2.4.5 you need
> type=transport in conn l2tp-psk.
>
Thanks Jacco
Now VPN is working
I did the follwing
1> I had to change ipsec.secrets for PSK
PublicIP %any : PSK "pkskey"
to my surprise previous entry in ipsec.secret
as
:PSK "pskkey" was not working , I have to give the
IP address and %any
2> I also had to specify
leftnexthop
3> I tried with
type=transport , but it was giving error, I kept it
as type = tunnel
thanks a Lot
Joseph John
> > Nov 8 16:08:16 ispc1 pluto[14846]: packet from
> > 86.98.xx.xx:500: initial Main Mode message
> received on
> > 20X.XXX.XX.X:500 but no connection has been
> authorized
>
> Most of the times this is just a slight mistake in
> the
> configuration somewhere.
>
> Can you check /var/log/messages and see if your
> l2tp-psk
> connection was actually loaded without errors? For
> instance,
> does your ipsec.secrets contain a PSK?
>
> Jacco
> --
> Jacco de Leeuw
> mailto:jacco2 at dds.nl
> Zaandam, The Netherlands
> http://www.jacco2.dds.nl
>
___________________________________________________________
The all-new Yahoo! Mail goes wherever you go - free your email address from your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html
More information about the Users
mailing list