[Openswan Users] OpenSWAN error when trying to setting the host to host connection
Pink Princess
al7ob.kelah at gmail.com
Fri Aug 17 04:39:54 EDT 2007
Dear all;
I have installed Openswan 2.4.9 in Ubuntu 6.10 the Edgy Eft with kernel
2.6.17-12-generic in left host and Ubuntu 7.04 the Feisty Fawn with kernel
2.6.20-16 generic in the right host
I have configured the IPSec for host to host tunneling and the
ipsec.configfile is as following
-------------------------------------------------------------
version 2.0
# basic configuration
config setup
interfaces=%defaultroute
#klipsdebug=all
#plutodebug=control
conn %default
authby=rsasig
conn west-east
left=192.0.2.2
right=192.0.2.9
type=tunnel
leftrsasigkey=0sAQODB.........
rightrsasigkey=0sAQO...........
auto=start
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
--------------------------------------------------------
setting up the connection and testing is was perfectly working....
What I am trying to do is to add new cipher to be used in ESP instead of AES
so I was just trying to rename all the AES with another name ... and I got
this error
root at mastercsci-laptop:/etc/init.d# ipsec auto --up west-east
117 "west-east" #48: STATE_QUICK_I1: initiate
010 "west-east" #48: STATE_QUICK_I1: retransmission; will wait 20s for
response
010 "west-east" #48: STATE_QUICK_I1: retransmission; will wait 40s for
response
031 "west-east" #48: max number of retransmissions (2) reached
STATE_QUICK_I1. No acceptable response to our first Quick Mode message:
perhaps peer likes no proposal
000 "west-east" #48: starting keying attempt 2 of an unlimited number, but
releasing whack
even the ping command is not working..
any one have any idea about how to add a cipher to be used in encryption
algorithm
regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070817/dd09f2c3/attachment.html
More information about the Users
mailing list