[Openswan Users] Vpn Multiple Connections
Paul Wouters
paul at xelerance.com
Mon Oct 16 12:18:44 EDT 2006
On Mon, 16 Oct 2006, Andy Van den Heede wrote:
> The problem I have posted previous week is not yet solved like I
> send.....
You config is still broken
> conn connection1
> left=62.166.214.114
> leftsubnet=192.168.123.0/255.255.255.0
> leftnexthop=62.166.214.113
> leftid=@connection1.openswan.local
> right=%any
> rightsubnet=10.4.0.0/255.255.255.0
> rightid=@openswan1.dyndns.org
> auto=start
> authby=secret
> type=tunnel
> keyexchange=ike
> auth=esp
> pfs=no
> ike=3des-md5-modp1024
> esp=3des-md5-96
> aggrmode=yes
> keylife=43200
> rekey=yes
You cannot use right=%any with auto=start
You cnanot use right=%any with rekey=yes
You need auto=add and rekey=no
> Oct 16 16:23:31 axsweb pluto[1883]: "connection1"[2] 81.245.236.196 #93:
> initial Aggressive Mode packet claiming to be from @openswan1.dyndns.org
> on 81.245.236.196 but no connection has been authorized
Did the second conn load at all? try:
ipsec auto --add connname2
The error is about something that is not working in ipsec.conf, it has
nothing to do with ipsec.secrets. That problem might bite you later.
Paul
More information about the Users
mailing list