[Openswan Users] cannot respond to IPsec SA request because no connection is known
Yip
cyyip at cherrypicks.com
Fri Dec 14 08:10:23 EST 2007
Hi
Env:
203.194.231.42 (redhat) <---> 203.166.672.230 (ciscovpn) --- 10.30.20.0/24
/etc/ipsec.conf
conn hosttohost
left=203.194.231.42
leftsubnet=203.194.231.42/32
right=203.166.672.23
rightsubnet=10.30.20.0/24
type=tunnel
auto=add
auth=esp
pfs=no
authby=secret
ikelifetime=8h
esp=3des-md5-168
Problem:
VPN established
But unable to ping 10.30.20.x
I found something under /var/log/secure, which showed the redhat IP with
wrong subnet.
/*
Dec 14 20:57:55 cpweb pluto[22475]: "hosttohost" #4: cannot respond to
IPsec SA request because no connection is known for
203.194.231.43/32===203.194.231.42...203.166.672.230===10.30.20.0/24
*/I have tried to correct by |"ipsec auto --add |hosttohost|"| command,
according to the page, but the result remains unchange.
http://wiki.openswan.org/index.php/Openswan/FAQ#a87
Anyone has idea?
Thanks
Yip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20071214/cf9703da/attachment.html
More information about the Users
mailing list