[Openswan Users] failure-connection

Alfonso Viso alfonso.viso at selftrade.com
Thu Dec 18 07:35:51 EST 2008 

Hello all, 
 
we are trying to connect openswan server to CISCO Pix with PSK. When i try to establish the connect it appears the following message:
 
$ipsec auto --up pix-barcelona
104 "pix-barcelona" #1: STATE_MAIN_I1: initiate
003 "pix-barcelona" #1: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108
003 "pix-barcelona" #1: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 108
106 "pix-barcelona" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "pix-barcelona" #1: received Vendor ID payload [XAUTH]
003 "pix-barcelona" #1: received Vendor ID payload [Dead Peer Detection]
003 "pix-barcelona" #1: received Vendor ID payload [Cisco-Unity]
003 "pix-barcelona" #1: ignoring unknown Vendor ID payload [f8dab7b37106268c89e5da42907649c5]
003 "pix-barcelona" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
108 "pix-barcelona" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "pix-barcelona" #1: we require peer to have ID '80.25.172.194', but peer declares '192.168.0.2'
218 "pix-barcelona" #1: STATE_MAIN_I3: INVALID_ID_INFORMATION

the ipsec.conf file is:
 
conn pix-barcelona
        type=tunnel
        authby=secret
        left=81.93.214.114
        leftsourceip=10.105.241.253
        leftsubnet=10.105.0.0/16
        right=80.25.172.194
        rightsourceip=192.168.0.2
        rightsubnet=10.105.228.0/22
        esp=3des-md5
        keyexchange=ike
        pfs=yes
        auto=add
        spi=0x0
 
and the ipsec.secrets:
 
81.93.214.114 192.168.0.2: PSK "xxxxxxxxxxxxxxxxxxxx"
81.93.214.114 80.25.172.194: PSK "xxxxxxxxxxxxxxxxxx"
 
Can anybody help us?
thanks in advanced.
 
best regards


Alfonso Viso Puerta
IT Department
Self Trade Bank by Boursorama
Tel:  +34 91 789 40 46

 



___________________________________

Ce message contient des informations confidentielles ou appartenant à
Boursorama et est établi à l'intention exclusive de ses destinataires. Toute
divulgation, utilisation, diffusion ou reproduction (totale ou partielle) de ce
message, ou des informations qu'il contient, doit être préalablement
autorisée. Tout message électronique est susceptible d'altération et son
intégrité ne peut être assurée. Boursorama décline toute responsabilité au
titre de ce message s'il a été modifié ou falsifié. Si vous n'êtes pas
destinataire de ce message, merci de le détruire immédiatement et d'avertir
l'expéditeur de l'erreur de distribution et de la destruction du message.
___________________________________

This e-mail contains confidential information or information belonging to
Boursorama and is intended solely for the addressees. The unauthorised
disclosure, use, dissemination or copying (either whole or partial) of this
e-mail, or any information it contains, is prohibited. E-mails are susceptible
to alteration and their integrity cannot be guaranteed. Boursorama shall not be
liable for this e-mail if modified or falsified. If you are not the intended
recipient of this e-mail, please delete it immediately from your system and
notify the sender of the wrong delivery and the mail deletion.
___________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081218/9db5d6fc/attachment.html

More information about the Users mailing list