[Openswan Users] INVALID_KEY_INFORMATION
Sasa
sasa at shoponweb.it
Tue Dec 4 11:17:45 EST 2007
Hi, I have a problema with site-to-site connection, on both side I have
OpenSwan-2.4.9 with kernel-2.6 and the error message is:
Dec 4 16:49:34 fw2 pluto[25925]: "romanapoli" #4: no RSA public key known
for '89.97.246.xxx'; DNS search for KEY failed (no KEY record for
xxx.246.97.89.in-addr.arpa.)
Dec 4 16:49:34 fw2 pluto[25925]: "romanapoli" #4: sending encrypted
notification INVALID_KEY_INFORMATION to 89.97.246.xxx:500
..and on the other side:
Dec 4 16:46:38 fw1 pluto[30120]: "romanapoli" #1: STATE_MAIN_I3: sent MI3,
expecting MR3
Dec 4 16:46:39 fw1 pluto[30120]: "romanapoli" #1: ignoring informational
payload, type INVALID_KEY_INFORMATION
my ipsec.conf on the both side is:
conn %default
authby=rsasig
esp=3des-md5
conn romanapoli
auto=start
pfs=yes
#sede left roma
left=89.97.246.xxx
leftsubnet=192.168.2.0/24
leftnexthop=89.97.246.xxy
# RSA 2192 bits fw1 Mon Oct 29 18:27:33 2007
leftrsasigkey=0sAQPSu0oA
#sede right napoli
right=89.97.183.yyy
rightsubnet=192.168.1.0/24
rightnexthop=89.97.183.yyx
# RSA 2192 bits fw2 Mon Nov 12 15:13:48 2007
rightrsasigkey=0sAQPHufmnVkjP8
include /etc/ipsec.d/examples/no_oe.conf
..where is my error ??
Thanks.
------
Salvatore.
More information about the Users
mailing list