[Openswan Users] Key replaceing
Christian Herzberg
cherzberg at gmx.de
Sun Dec 9 19:15:00 EST 2007
Paul Wouters schrieb:
>
> The other end will have a log entry saying "sending informational payload
> NO_PROPOSAL_CHOSEN". The line before that should be the reason why it
> didnt pick the proposal.
Hi Paul,
I found the log of my Linksys WRV200. This is what it is saying.
1616 [Fri 19:21:16] "TunnelA" #8027: IPsec Transform [ESP_AES (128),
AUTH_ALGORITHM_HMAC_SHA1] refused due to strict flag
1617 [Fri 19:21:16] "TunnelA" #8027: no acceptable Proposal in IPsec SA
1618 [Fri 19:21:16] "TunnelA" #8027: sending encrypted notification
NO_PROPOSAL_CHOSEN to 192.168.178.9:500
1619 [Fri 19:21:19] "TunnelA" #6425: Quick Mode I1 message is
unacceptable because it uses a previously used Message ID 0xafa9a206
(perhaps this is a duplicated packet)
1620 [Fri 19:21:19] "TunnelA" #6425: sending encrypted notification
INVALID_MESSAGE_ID to 192.168.178.9:500
1621 [Fri 19:21:20] "TunnelA" #6425: Quick Mode I1 message is
unacceptable because it uses a previously used Message ID 0x73105778
(perhaps this is a duplicated packet)
1622 [Fri 19:21:20] "TunnelA" #6425: sending encrypted notification
INVALID_MESSAGE_ID to 192.168.178.9:500
1623 [Fri 19:21:20] "TunnelA" #6425: Quick Mode I1 message is
unacceptable because it uses a previously used Message ID 0x8d760122
(perhaps this is a duplicated packet)
1624 [Fri 19:21:20] "TunnelA" #6425: sending encrypted notification
INVALID_MESSAGE_ID to 192.168.178.9:500
What can I configure on the openswan site. I have no idea.
Thanks
Christian
More information about the Users
mailing list