[Openswan Users] Strange IPSEC issue
Jeremy Mann
jmann at txhmg.com
Tue Sep 5 15:00:57 EDT 2006
I have a strange problem connecting a sonicwall to my openvpn server.
If I specify subnets directly it works, however if I set the sonicwall
send all traffic through the tunnel(0.0.0.0/0) to openswan, I get the
following error over and over and over and over again.
Sep 5 18:56:02 openswan pluto[5526]: "lohc-all-ATT" #387:
STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp1024}
Sep 5 18:56:02 openswan pluto[5526]: "lohc-all-ATT" #387: cannot
respond to IPsec SA request because no connection is known for
0.0.0.0/0===openswan-box...remote-site
Normally I'd see the remote-site's subnet in the error(192.168.8.0) but
this looks like it's not sending any subnet to tunnel, which is really
strange
Below is my openswan configuration, let me know if I'm going about this
wrong(I'm trying to do a hub-spoke configuration.
conn lohc-all-ATT
leftsubnet=0.0.0.0/0
authby=secret
auto=add
left=openswan-box
leftnexthop=openswan-gateway
pfs=no
right=remote-site
rightsubnet=192.168.8.0/24
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060905/96a84819/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jmann.vcf
Type: text/x-vcard
Size: 352 bytes
Desc: jmann.vcf
Url : http://lists.openswan.org/pipermail/users/attachments/20060905/96a84819/attachment.vcf
More information about the Users
mailing list