[Openswan Users] Vpn Multiple Connections
Andy Van den Heede
andy.vandenheede at secuteam.com
Mon Oct 16 12:54:24 EDT 2006
Hello,
I changed this settings (auto=add and rekey=no), but the same result is
there. When one connection tries to build up the tunnel, openswan tries
to start another connection.
What else can be wrong in ipsec.conf?
Do i have to repeat all the settings for every connection?
Andy
-----Oorspronkelijk bericht-----
Van: Paul Wouters [mailto:paul at xelerance.com]
Verzonden: maandag 16 oktober 2006 18:19
Aan: Andy Van den Heede
CC: users at openswan.org
Onderwerp: Re: [Openswan Users] Vpn Multiple Connections
On Mon, 16 Oct 2006, Andy Van den Heede wrote:
> The problem I have posted previous week is not yet solved like I
> send.....
You config is still broken
> conn connection1
> left=62.166.214.114
> leftsubnet=192.168.123.0/255.255.255.0
> leftnexthop=62.166.214.113
> leftid=@connection1.openswan.local
> right=%any
> rightsubnet=10.4.0.0/255.255.255.0
> rightid=@openswan1.dyndns.org
> auto=start
> authby=secret
> type=tunnel
> keyexchange=ike
> auth=esp
> pfs=no
> ike=3des-md5-modp1024
> esp=3des-md5-96
> aggrmode=yes
> keylife=43200
> rekey=yes
You cannot use right=%any with auto=start
You cnanot use right=%any with rekey=yes
You need auto=add and rekey=no
> Oct 16 16:23:31 axsweb pluto[1883]: "connection1"[2] 81.245.236.196
#93:
> initial Aggressive Mode packet claiming to be from
@openswan1.dyndns.org
> on 81.245.236.196 but no connection has been authorized
Did the second conn load at all? try:
ipsec auto --add connname2
The error is about something that is not working in ipsec.conf, it has
nothing to do with ipsec.secrets. That problem might bite you later.
Paul
_______________________________________________________________________
Zin in een slipcursus?
Kijk snel op http://www.axsweb.be
_______________________________________________________________________
Zin in een slipcursus?
Kijk snel op http://www.axsweb.be
More information about the Users
mailing list