[Openswan Users] Prevent Connection Timeout
Sebastian Ries
sebastian.ries at dtnet.de
Thu Jan 25 10:23:31 EST 2007
Hi
> yes, dpdaction=restart is valid. I'll add it to the man page.
OK
so I added this to the config.
Tomorrow I'll see if it is still up ;-)
> > Jan 25 11:33:22 atomium pluto[16768]: packet from <other gateway>:4500:
> > received Vendor ID payload [Dead Peer Detection]
> > Jan 25 11:33:22 atomium pluto[16768]: packet from <other gateway>:4500:
> > received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
> > Jan 25 11:33:22 atomium pluto[16768]: packet from <other gateway>:4500:
> > received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
> > already using method 108
> > Jan 25 11:33:22 atomium pluto[16768]: packet from <other gateway>:4500:
> > received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> > Jan 25 11:33:22 atomium pluto[16768]: packet from <other gateway>:4500:
> > initial Main Mode message received on <internal IP>:4500 but no
> > connection has been authorized
>
> Odd, it seems the other end switched to talk to your internal ip, instead
> of the external one. For the internal one, you have no connection setup, so
> you get this error. The other end is clearly doing something bad[tm].
Oppps...
Sorry I was wrong... The last line is:
Jan 25 11:33:22 atomium pluto[16768]: packet from <other gateway>:4500:
initial Main Mode message received on <external IP>:4500 but no
connection has been authorized
Both gateways are behind a NAT.
So the "external IP" starts with 192.168.... that's why I was a little
confused.
Regards
Sebastian Ries
--
------------------------------------------------------------
DT Netsolution GmbH - Talaeckerstr. 30 - D-70437 Stuttgart
Tel: +49-711-849910-36 Fax: +49-711-849910-936
WEB: http://www.dtnet.de/ email: Sebastian.Ries at dtnet.de
More information about the Users
mailing list