[Openswan Users] openswan 2.4.9 run on ARM error ?
Paul Wouters
paul at xelerance.com
Thu Sep 27 11:27:50 EDT 2007
On Thu, 27 Sep 2007, ??? wrote:
> The server log is :
> ---------------------------------------------------------------------------------------------------------------
> 2007-09-06 16:20:50 system info 00536 IKE<**.30.115.**>
> Phase 1: Negotiations have failed for user
> <CN=IPSEC,OU=Support,O=Dawningtech,L=Taipei,ST=Taiwan,C=TW>.
> 2007-09-06 16:20:50 system info 00536 IKE<**.30.115.**>
> Phase 1: No private key exists to sign packets.
> 2007-09-06 16:20:44 system info 00536 IKE<**.30.115.**>
> Phase 1: Responder starts MAIN mode negotiations.
So it looks like an issue on that device then, not on openswan?
> conn net-to-net
> authby=rsasig
> compress=yes
> esp=3DES-SHA1-96
> left=%defaultroute
> leftsubnet=192.168.1.0/24
> leftnexthop=%defaultroute
> leftcert=/etc/ipsec.d/mycert2.pem
> leftrsasigkey=%cert
> right=**.**.**.**
> rightid="@SSG550.sti.com.tw"
Looks like the SSG550.sti.com.tw end has no private key loaded?
Or openswan is using a different CA then the other end?
Or you are not using a CA, in which case you should load the right
cert manually?
Paul
More information about the Users
mailing list