[Openswan Users] openswan and sonicwall

Gary W. Smith gary at primeexalia.com
Wed May 2 11:53:42 EDT 2007 

Has anyone gotten any of the 2.4.x series to work with sonicwall?  I've
seen some documentation on the site but have failed in all attempts.  We
tried two different configs; with aggrmode on and off.  Each had their
own errors. 

version 2

conn sonicwall
        type=tunnel
        left=%defaultroute
        leftsubnet=10.40.214.0/24
        leftid=@sonicwall
        leftxauthclient=yes
        right=validIP
        rightsubnet=192.168.0.0/16
        rightxauthserver=yes
        rightid=@remoteserver
        keyingtries=1
        pfs=yes
        aggrmode=no
        auto=start
        auth=esp
        keyexchange=ike
        esp=3des-sha1
        ike=3des-sha1
        authby=secret
        xauth=yes

@sonicwall @remoteserver : PSK "somethingstrongerthanthis!


### With aggrmode=now
May  2 08:46:22 OPENSWANTEST pluto[7272]: "sonicwall" #1: initiating
Main Mode
May  2 08:46:22 OPENSWANTEST pluto[7272]: packet from ValidIP:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
May  2 08:46:22 OPENSWANTEST pluto[7272]: packet from ValidIP:500:
received and ignored informational message
May  2 08:46:32 OPENSWANTEST pluto[7272]: packet from ValidIP:500:
ignoring informational payload, type NO_PROPOSAL_CHOSEN
May  2 08:46:32 OPENSWANTEST pluto[7272]: packet from ValidIP:500:
received and ignored informational message


### With aggrmode=yes
May  2 08:51:40 OPENSWANTEST pluto[9348]: "sonicwall" #1: multiple
transforms were set in aggressive mode. Only first one used.
May  2 08:51:40 OPENSWANTEST pluto[9348]: "sonicwall" #1: transform
(5,2,2,0) ignored.
May  2 08:51:40 OPENSWANTEST pluto[9348]: "sonicwall" #1: initiating
Aggressive Mode #1, connection "sonicwall"
May  2 08:51:40 OPENSWANTEST pluto[9348]: "sonicwall" #1: multiple
transforms were set in aggressive mode. Only first one used.
May  2 08:51:40 OPENSWANTEST pluto[9348]: "sonicwall" #1: transform
(5,2,2,0) ignored
May  2 08:51:41 OPENSWANTEST pluto[9348]: packet from ValidIP:500:
ignoring informational payload, type INVALID_ID_INFORMATION
May  2 08:51:41 OPENSWANTEST pluto[9348]: packet from ValidIP:500:
received and ignored informational message
May  2 08:51:50 OPENSWANTEST pluto[9348]: packet from ValidIP:500:
ignoring informational payload, type INVALID_ID_INFORMATION
May  2 08:51:50 OPENSWANTEST pluto[9348]: packet from ValidIP:500:
received and ignored informational message


Any help would be greatly appreciated.

More information about the Users mailing list