[Openswan Users] safenet + openswan
Luca Andreoli
l.andreoli at kelyansmc.it
Wed Sep 13 12:46:36 EDT 2006
Paul Wouters wrote:
> On Wed, 13 Sep 2006, Luca Andreoli wrote:
>
>
>> Subject: [Openswan Users] safenet + openswan
>>
>> i try to do a vpn connection in T-NAT
>>
>> but the /var/log/secure
>>
>
>
>> Sep 13 17:20:45 mantofw pluto[12859]: "vpn-laptop"[3] 83.103.71.142 #3:
>> NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
>> Sep 13 17:20:45 mantofw pluto[12859]: "vpn-laptop"[3] 83.103.71.142 #3:
>> transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
>> Sep 13 17:21:55 mantofw pluto[12859]: "vpn-laptop"[3] 83.103.71.142 #3:
>> max number of retransmissions (2) reached STATE_MAIN_R2
>>
>
> The other end is silently dropping your connection, so this is probably
> some misconfiguration of the two ends.
>
>
>> plutoload=%search
>> plutostart=%search
>>
>
> And this shows you are suing openswan-1, which has reached EOL 9 months ago.
> Upgrade to openswan-2.
>
>
>> nat_traversal=yes
>> # RFC1918 networks
>> #virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
>>
>> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,!%v4:192.4.0.0/24
>>
>
> That last bit should be %v4:!192.4.0.0/24
>
> Paul
>
Paul is correct... the subnet is /24 , is a mistake error of the
customer... but i can't upgarde to openswan because the redhat is 8
luca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060913/11a3a89f/attachment.html
More information about the Users
mailing list