[Openswan Users] Ipsec Road Warrrior Problem
Paul Wouters
paul at xelerance.com
Thu Oct 12 13:20:26 EDT 2006
On Thu, 12 Oct 2006, Andy Van den Heede wrote:
> I have a problem with the following setup (openswan - multiple
> roadwarrior connections):
> Oct 12 17:10:15 axsweb pluto[1411]: "roadwarrior1"[1] 81.244.100.236
> #740: Can't authenticate: no preshared key found for
> `@roadwarrior1.openswan.local' and `%any'. Attribute
> OAKLEY_AUTHENTICATION_METHOD
Does "ipsec secrets" give an error?
> My ipsec.secrets file looks like this:
>
> @roadwarrior1.openswan.local %any : PSK "PreSharedKey"
>
> I tried already adding the following lines below:
>
> @roadwarrior1.openswan.local 0.0.0.0 : PSK "PreSharedKey"
Can you try:
@roadwarrior1.openswan.local : PSK "PreSharedKey"
or
: PSK "PreSharedKey"
or
0.0.0.0 : PSK "PreSharedKey"
or
%any : PSK "PreSharedKey"
There are some known issues with the ipsec.secrets parsing for roadwarriors,
> conn roadwarrior1
> left="62.166.214.114"
> leftsubnet="192.168.123.0/255.255.255.0"
> leftnexthop="62.166.214.113"
> leftid="@roadwarrior1.openswan.local"
> right="%any"
> rightsubnet="10.2.0.0/255.255.255.0"
> auto="start"
> authby="secret"
> type="tunnel"
> keyexchange="ike"
> auth="esp"
> pfs="no"
> ike="3des-md5-modp1024"
> esp="3des-md5-96"
> keylife="43200"
> rekey="yes"
Looks okay. Except I never use double quotes anywhere.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list