[Openswan Users] Strange IPSEC issue

Jeremy Mann jmann at txhmg.com
Tue Sep 5 15:00:57 EDT 2006


I have a strange problem connecting a sonicwall to my openvpn server.  
If I specify subnets directly it works, however if I set the sonicwall 
send all traffic through the tunnel(0.0.0.0/0) to openswan, I get the 
following error over and over and over and over again.

Sep  5 18:56:02 openswan pluto[5526]: "lohc-all-ATT" #387: 
STATE_MAIN_R3: sent MR3, ISAKMP SA established 
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha 
group=modp1024}
Sep  5 18:56:02 openswan pluto[5526]: "lohc-all-ATT" #387: cannot 
respond to IPsec SA request because no connection is known for 
0.0.0.0/0===openswan-box...remote-site

Normally I'd see the remote-site's subnet in the error(192.168.8.0) but 
this looks like it's not sending any subnet to tunnel, which is really 
strange

Below is my openswan configuration, let me know if I'm going about this 
wrong(I'm trying to do a hub-spoke configuration.

conn lohc-all-ATT
        leftsubnet=0.0.0.0/0
        authby=secret
        auto=add
        left=openswan-box
        leftnexthop=openswan-gateway
        pfs=no
        right=remote-site
        rightsubnet=192.168.8.0/24


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060905/96a84819/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jmann.vcf
Type: text/x-vcard
Size: 352 bytes
Desc: jmann.vcf
Url : http://lists.openswan.org/pipermail/users/attachments/20060905/96a84819/attachment.vcf 


More information about the Users mailing list