[Openswan Users] Ipsec with RSA key

Rajitha Reddy RReddy at mocana.com
Fri Aug 29 13:47:30 EDT 2008 

Hi,

I am trying to test Openswan Server and Client with RSA key instead of PSK.

I am seeing the following error:

state transition function for STATE_MAIN_R0 failed: NO_PROPOSAL_CHOSEN
next event EVENT_SO_DISCARD in 0 seconds for #4

I have configured the /etc/ipsec.conf as follows:

Server:

conn server
left=192.168.3.38                     leftrsasigkey=0sAQN2FfUjfoiOGCdZWpLwuZDeAa+H5/ipUc1z+O+BaI7jiPlN6Lwr75AEz59md6xoBUjn4MDvi8wNO9TYwBM3aAm2ajfmkA54/Lb9Su7fS2kf1HjeJKg0kjtUjZXs8iGl4H5Dn6B4WRysLaxjmmij63YWfJc0g525f8vjHg5uwIzO7eImOxY6DpgbbTQcpDQuKl8FJHFqKd+1CJMSWrrgvurNbvzfFhIZkHD536BL9rtz10i6oJ6TQn/TIYtSK7OBE8ZOD2YDprGnfLqudjx45a435S5MKhfe8TEct9W5t/slA6KjUMgerChzj02gwExt4pONQYPbwLbFEU60Olnv5M1luaAWznDPczQ2m5ZOWMpURWiB
authby=rsasig
right=192.168.3.32        rightrsasigkey=0sAQOpU0H+KIM0lLrJRl/vMFsaf+a6Y6y7vA8LHSUL1VlXS/oIz6g4UcogXc4t9PxlEHNU+0zcJwdPUSqQpXudLqhmGxoAeevBnYo3mDzz/BX2t0y9/jKoyO+J25BXHmi0wfKmUdCVYYPOvDXOaWJM4aiJWe9bu907P+SPwgKggFTR4y1tClfTw7suj55+iE5EwBMM1KcB9K6uUD0o4AlyavzKwGqZsVbflviJkthpAGLa1+HCeNptVPMRJyodCoA8Aip8qduGRaQNZPNoIkvOUs+zAZxfZ8UJ+K/KNbFYSDYaHUEwfuMPZ/mzyK59hdcdLYDZ7I+C2zTbTgQvOFyoc0BJQmVzWwsQIpExDXxbX2xjmwJ7
auto=add

Client:

conn client
left=192.168.3.32               leftrsasigkey=0sAQOpU0H+KIM0lLrJRl/vMFsaf+a6Y6y7vA8LHSUL1VlXS/oIz6g4UcogXc4t9PxlEHNU+0zcJwdPUSqQpXudLqhmGxoAeevBnYo3mDzz/BX2t0y9/jKoyO+J25BXHmi0wfKmUdCVYYPOvDXOaWJM4aiJWe9bu907P+SPwgKggFTR4y1tClfTw7suj55+iE5EwBMM1KcB9K6uUD0o4AlyavzKwGqZsVbflviJkthpAGLa1+HCeNptVPMRJyodCoA8Aip8qduGRaQNZPNoIkvOUs+zAZxfZ8UJ+K/KNbFYSDYaHUEwfuMPZ/mzyK59hdcdLYDZ7I+C2zTbTgQvOFyoc0BJQmVzWwsQIpExDXxbX2xjmwJ7
right=192.168.3.38                rightrsasigkey=0sAQN2FfUjfoiOGCdZWpLwuZDeAa+H5/ipUc1z+O+BaI7jiPlN6Lwr75AEz59md6xoBUjn4MDvi8wNO9TYwBM3aAm2ajfmkA54/Lb9Su7fS2kf1HjeJKg0kjtUjZXs8iGl4H5Dn6B4WRysLaxjmmij63YWfJc0g525f8vjHg5uwIzO7eImOxY6DpgbbTQcpDQuKl8FJHFqKd+1CJMSWrrgvurNbvzfFhIZkHD536BL9rtz10i6oJ6TQn/TIYtSK7OBE8ZOD2YDprGnfLqudjx45a435S5MKhfe8TEct9W5t/slA6KjUMgerChzj02gwExt4pONQYPbwLbFEU60Olnv5M1luaAWznDPczQ2m5ZOWMpURWiB
                authby=rsasig
                auto=add
                leftprotoport=icmp
                rightprotoport=icmp


My /etc/ipsec.secrets has the RSA key on both server and client machines. Can you please let me know what I am missing here?

Thanks,
Rajitha.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080829/0f6c4458/attachment.html

More information about the Users mailing list