[Openswan Users] Strange IPSEC issue
Paul Wouters
paul at xelerance.com
Tue Sep 5 15:24:48 EDT 2006
On Tue, 5 Sep 2006, Jeremy Mann wrote:
> I have a strange problem connecting a sonicwall to my openvpn server.
> If I specify subnets directly it works, however if I set the sonicwall
> send all traffic through the tunnel(0.0.0.0/0) to openswan, I get the
> following error over and over and over and over again.
>
> Sep 5 18:56:02 openswan pluto[5526]: "lohc-all-ATT" #387:
> STATE_MAIN_R3: sent MR3, ISAKMP SA established
> {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
> group=modp1024}
> Sep 5 18:56:02 openswan pluto[5526]: "lohc-all-ATT" #387: cannot
> respond to IPsec SA request because no connection is known for
> 0.0.0.0/0===openswan-box...remote-site
You should avoid editing log messages to hide IP information. If it really
said the above, it looks like it is missing the 192.168.8.0/24 in its
proposal to openswan. eg you have configured openswan for 0.0.0.0/0 - 192.168.8.0/24
but the sonicwall is asking for 0.0.0.0/0 - ItsIPonly
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list