[Openswan Users] Simple Help
Jae Chang
jc-openswan at jline.com
Tue Nov 6 17:24:59 EST 2007
I am having a vexing problem, trying to move a tunnel from one gateway
to another. Any help with fresh eyes, will be greatly appreciated.
I just want to verify that this type of configuration is okay:
conn xxx
<deleted lines>
right=206.113.192.186
rightsubnet=206.113.192.128/25
Basically, is it okay to specify the right ipaddress, which is part of
the rightsubnet? This is the main thing i see as being a possible
problem. This configuration worked fine in an old freeswan gateway, but
moving to openswan is giving me the following in ipsec barf below. it
never gets past Phase I:
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #39: max number of
retransmissions (2) reached STATE_MAIN_I3. Possible authenticat\
ion failure: no acceptable response to our first encrypted message
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #39: starting keying attempt
15 of an unlimited number
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #41: initiating Main Mode to
replace #39
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #41: transition from state
STATE_MAIN_I1 to state STATE_MAIN_I2
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #41: STATE_MAIN_I2: sent MI2,
expecting MR2
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #41: I did not send a
certificate because I do not have one.
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #41: transition from state
STATE_MAIN_I2 to state STATE_MAIN_I3
Nov 6 16:22:53 SGATE pluto[24129]: "xxx" #41: STATE_MAIN_I3: sent MI3,
expecting MR3
Help is much appreciated!
Jae
More information about the Users
mailing list