[Openswan Users] failure-connection
Alfonso Viso
alfonso.viso at selftrade.com
Thu Dec 18 07:35:51 EST 2008
Hello all,
we are trying to connect openswan server to CISCO Pix with PSK. When i try to establish the connect it appears the following message:
$ipsec auto --up pix-barcelona
104 "pix-barcelona" #1: STATE_MAIN_I1: initiate
003 "pix-barcelona" #1: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108
003 "pix-barcelona" #1: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 108
106 "pix-barcelona" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "pix-barcelona" #1: received Vendor ID payload [XAUTH]
003 "pix-barcelona" #1: received Vendor ID payload [Dead Peer Detection]
003 "pix-barcelona" #1: received Vendor ID payload [Cisco-Unity]
003 "pix-barcelona" #1: ignoring unknown Vendor ID payload [f8dab7b37106268c89e5da42907649c5]
003 "pix-barcelona" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
108 "pix-barcelona" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "pix-barcelona" #1: we require peer to have ID '80.25.172.194', but peer declares '192.168.0.2'
218 "pix-barcelona" #1: STATE_MAIN_I3: INVALID_ID_INFORMATION
the ipsec.conf file is:
conn pix-barcelona
type=tunnel
authby=secret
left=81.93.214.114
leftsourceip=10.105.241.253
leftsubnet=10.105.0.0/16
right=80.25.172.194
rightsourceip=192.168.0.2
rightsubnet=10.105.228.0/22
esp=3des-md5
keyexchange=ike
pfs=yes
auto=add
spi=0x0
and the ipsec.secrets:
81.93.214.114 192.168.0.2: PSK "xxxxxxxxxxxxxxxxxxxx"
81.93.214.114 80.25.172.194: PSK "xxxxxxxxxxxxxxxxxx"
Can anybody help us?
thanks in advanced.
best regards
Alfonso Viso Puerta
IT Department
Self Trade Bank by Boursorama
Tel: +34 91 789 40 46
___________________________________
Ce message contient des informations confidentielles ou appartenant à
Boursorama et est établi à l'intention exclusive de ses destinataires. Toute
divulgation, utilisation, diffusion ou reproduction (totale ou partielle) de ce
message, ou des informations qu'il contient, doit être préalablement
autorisée. Tout message électronique est susceptible d'altération et son
intégrité ne peut être assurée. Boursorama décline toute responsabilité au
titre de ce message s'il a été modifié ou falsifié. Si vous n'êtes pas
destinataire de ce message, merci de le détruire immédiatement et d'avertir
l'expéditeur de l'erreur de distribution et de la destruction du message.
___________________________________
This e-mail contains confidential information or information belonging to
Boursorama and is intended solely for the addressees. The unauthorised
disclosure, use, dissemination or copying (either whole or partial) of this
e-mail, or any information it contains, is prohibited. E-mails are susceptible
to alteration and their integrity cannot be guaranteed. Boursorama shall not be
liable for this e-mail if modified or falsified. If you are not the intended
recipient of this e-mail, please delete it immediately from your system and
notify the sender of the wrong delivery and the mail deletion.
___________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081218/9db5d6fc/attachment.html
More information about the Users
mailing list