[Openswan Users] error connecting to pix
Richard Witt
rwitt at penson.com
Thu Apr 17 09:44:11 EDT 2008
On Tue, 2008-04-15 at 19:04 -0400, scharles wrote:
> Hi !
> The pix configuration that you have provided is incomplete - from
> the logs on the linux box - it seems phaseI is established and phaseII
> is not negotiated due to conflict / disagreement on encryption.Your
> access list for interesting vpn traffic on the pix reads
> "access-list COMPANY extended permit ip 10.64.98.0 255.255.255.0
> 192.168.40.0 255.255.255.0 "
>
> IMO - it should read
> access-list COMPANY extended permit ip 192.168.40.0 255.255.255.0
> 10.64.98.0 255.255.255.0
>
> "show run crypto" on the pix would provide more details on the
> configuration
>
> - Simon Charles -
Thanks for the help. The access-list line was wrong. As soon as i got
the other end to switch it around it worked fine.
STATEMENT OF CONFIDENTIALITY: This message and any attachments are intended solely for the person or entity to which it is addressed and may contain confidential or privileged information. If the recipient of this message is not the addressee or a person responsible for delivering the message to the addressee, such recipient is prohibited from reading or using this message in any way. If you have received this message in error, please call the sender of this message immediately and delete the message from any computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080417/b56b37f9/attachment.html
More information about the Users
mailing list