[Openswan Users] Openswan issues
Paul Wouters
paul at xelerance.com
Wed Apr 18 14:32:51 EDT 2007
On Wed, 18 Apr 2007, Kenneth Bergholm wrote:
> Apr 18 07:17:37 tidaxIpcop pluto[2818]: "fw-fw3" #1: initiating Main Mode
>
> Apr 18 07:17:37 tidaxIpcop pluto[2818]: packet from 212.181.91.211:500:
> ignoring informational payload, type NO_PROPOSAL_CHOSEN
the other end is doing some weak old crypto?
> Apr 18 07:21:32 tidaxIpcop pluto[2818]: "fw-fw3" #2: responding to Main Mode
>
> Apr 18 07:21:32 tidaxIpcop pluto[2818]: "fw-fw3" #2: policy does not allow
> OAKLEY_RSA_SIG authentication. Attribute OAKLEY_AUTHENTICATION_METHOD
different config, now one end does PSK, the other RSA.
> Apr 18 07:23:46 tidaxIpcop ipsec_setup: Starting Openswan IPsec 1.0.10...
That version is pretty EOL. upgrade to openswan-2 if you can.
> Apr 18 07:23:47 tidaxIpcop ipsec__plutorun: 022 "LidingoFW": we have no
> ipsecN interface for either end of this connection
You didnt add the correct ethernet device in the interfaces= line.
Paul
More information about the Users
mailing list