[Openswan Users] Linux IPsec client
Xunhua Wang
wangxx at jmu.edu
Sun Sep 24 21:06:20 EDT 2006
Hi all,
We have a VPN server running Linux Openswan U2.4.5/K2.6.9-5.ELsmp (netkey)
and l2tpd. The server's configuration is attached as ipsec.conf
With Windows XP/2000 clients, we can connect to this VPN server (with the
roadwarrior connection).
However, when we try to use a Linux Openswan 2.4.5 client (the client's
configuration is attached as ipsec-client.conf) to connect to the same
server, we got the following error:
----- ERROR BEGINS -----
[root at shannon ~]# ipsec auto --up l2tpclient
104 "l2tpclient" #1: STATE_MAIN_I1: initiate
003 "l2tpclient" #1: received Vendor ID payload [Dead Peer Detection]
106 "l2tpclient" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "l2tpclient" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "l2tpclient" #1: STATE_MAIN_I4: ISAKMP SA established
{auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5
group=modp1536}
117 "l2tpclient" #2: STATE_QUICK_I1: initiate
010 "l2tpclient" #2: STATE_QUICK_I1: retransmission; will wait 20s for
response
010 "l2tpclient" #2: STATE_QUICK_I1: retransmission; will wait 40s for
response
031 "l2tpclient" #2: max number of retransmissions (2) reached
STATE_QUICK_I1. No acceptable response to our first Quick Mode message:
perhaps peer likes no proposal
000 "l2tpclient" #2: starting keying attempt 2 of at most 3, but releasing
whack
[root at shannon ~]#
-----ERROR ENDS -----
What's the reason that caused the quick mode failure? Any suggestions about
how to find the reason?
Thanks,
Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec-client.conf
Type: application/octet-stream
Size: 796 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20060924/cb34d608/attachment.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.conf
Type: application/octet-stream
Size: 883 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20060924/cb34d608/attachment-0001.obj
More information about the Users
mailing list