[Openswan Users] FAQ, no connection is known for ...

Wed Jul 18 16:29:37 EDT 2007

Okay, this is nominally in the FAQ, but I can't figure out what I need
to change to make my problem go away.

I'm setting up the "road warrior" configuration from the Wiki.  My
gateway host connects to a home lan of 192.168.3.0/24.  I tried this
configuration from *inside* my home lan (which is a bit perverse), and I
got a successful connection.  But now I'm sitting at a T-mobile hotspot
and I can't get connected.  Here's the log message from the gateway:

Jul 18 16:18:09 tycho pluto[1410]: "rlent"[2] 208.54.65.47 #2: cannot
respond to IPsec SA request because no connection is known for
192.168.3.0/24===216.254.78.84[@gw.astrofoto.org]...208.54.65.47[@aristarchus.rlent.pnet]===10.250.102.177/32

Here is the gateway configuration:

conn rlent
    left=216.254.78.84
    leftid=@gw.astrofoto.org
    leftsubnet=192.168.3.0/24
    leftrsasigkey=...
    rightnexthop=%defaultroute
    right=%any
    rightid=@aristarchus.rlent.pnet
    rightrsasigkey=...
    auto=add

and on the laptop side:

conn rlent
    left=%defaultroute
    leftid=@aristarchus.rlent.pnet
    leftrsasigkey=...
    right=216.254.78.84
    rightsubnet=192.168.3.0/24
    rightid=@gw.astrofoto.org
    rightrsasigkey=...
    auto=add

I've confirmed that my keys are flipped, right <-> left.

Can anyone give me a clue?  I've googled and found plenty of similar
problems, but none seem to quite apply.  The FAQ is tantalizing saying
I've probably got somehthing wrong in my config, but I sure can't see it.

TIA,

roland

-- 
		       PGP Key ID: 66 BC 3B CD
Roland B. Roberts, PhD                             RL Enterprises
roland at rlenter.com                            6818 Madeline Court
roland at astrofoto.org                           Brooklyn, NY 11220