[Openswan Users] INVALID_KEY_INFORMATION

Sasa sasa at shoponweb.it
Tue Dec 4 11:17:45 EST 2007


Hi, I have a problema with site-to-site connection, on both side I have 
OpenSwan-2.4.9 with kernel-2.6 and the error message is:

Dec  4 16:49:34 fw2 pluto[25925]: "romanapoli" #4: no RSA public key known 
for '89.97.246.xxx'; DNS search for KEY failed (no KEY record for 
xxx.246.97.89.in-addr.arpa.)
Dec  4 16:49:34 fw2 pluto[25925]: "romanapoli" #4: sending encrypted 
notification INVALID_KEY_INFORMATION to 89.97.246.xxx:500

..and on the other side:

Dec  4 16:46:38 fw1 pluto[30120]: "romanapoli" #1: STATE_MAIN_I3: sent MI3, 
expecting MR3
Dec  4 16:46:39 fw1 pluto[30120]: "romanapoli" #1: ignoring informational 
payload, type INVALID_KEY_INFORMATION

my ipsec.conf on the both side is:

conn %default
authby=rsasig
esp=3des-md5
conn romanapoli
auto=start
pfs=yes
#sede left roma
left=89.97.246.xxx
leftsubnet=192.168.2.0/24
leftnexthop=89.97.246.xxy
# RSA 2192 bits   fw1   Mon Oct 29 18:27:33 2007
leftrsasigkey=0sAQPSu0oA
#sede right napoli
right=89.97.183.yyy
rightsubnet=192.168.1.0/24
rightnexthop=89.97.183.yyx
# RSA 2192 bits   fw2   Mon Nov 12 15:13:48 2007
rightrsasigkey=0sAQPHufmnVkjP8
include /etc/ipsec.d/examples/no_oe.conf

..where is my error ??
Thanks.

------

   Salvatore. 



More information about the Users mailing list