[Openswan Users] problem connection

Alfonso Viso alfonso.viso at selftrade.com
Fri Dec 19 07:23:26 EST 2008 

Hello all,
 
i have a problem when i try to connect to openswan server from roadwarrior. i use the software Shrew Soft VPN Client to connect with XP.
the ipsec.conf file :
 
version 2.0
config setup
 nat_traversal=yes
 forwardcontrol=yes
 virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
 
conn %default
 ikelifetime=60m
 keylife=20m
 rekeymargin=3m
 keyingtries=1
 
conn roadwarrior
 type=tunnel
 authby=secret
 left=public_ip
 leftsubnet=10.105.0.0/16
 right=public_ip
 rightsubnetwithin=192.168.200.0/24
 keyingtries=3
 dpddelay=30
 dpdaction=clear
 pfs=no
 auto=add
 
#Disable Opportunistic Encryption
 
conn block
 auto=ignore
 
conn private
 auto=ignore
 
conn private-or-clear
 auto=ignore
 
conn clear-or-private
 auto=ignore
 
conn clear
 auto=ignore
 
conn packetdefault
 auto=ignore
 
the ipsec.secrets file:
 
#Sample /etc/ipsec.secrets file
# The Openswan server has an IP address of 123.123.123.123
#
# Preshared Keys for two clients with fixed IP addresses:
81.93.214.114 public_ip: PSK "prueba"
81.93.214.114 192.168.200.20: PSK "prueba"
-------------------
 
when i try to connect  it appears this message:
 
Dec 19 13:13:26 esmadlx02vpn pluto[30377]: "roadwarrior" #17: responding to Main Mode
Dec 19 13:13:26 esmadlx02vpn pluto[30377]: "roadwarrior" #17: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Dec 19 13:13:26 esmadlx02vpn pluto[30377]: "roadwarrior" #17: STATE_MAIN_R1: sent MR1, expecting MI2
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: STATE_MAIN_R2: sent MR2, expecting MI3
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: Main mode peer ID is ID_IPV4_ADDR: '<public_ip>'
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: I did not send a certificate because I do not have one.
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp2048}
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: Dead Peer Detection (RFC 3706): enabled
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: ignoring informational payload, type IPSEC_INITIAL_CONTACT
Dec 19 13:13:27 esmadlx02vpn pluto[30377]: "roadwarrior" #17: received and ignored informational message
Dec 19 13:13:53 esmadlx02vpn pluto[30377]: "roadwarrior" #17: cannot respond to IPsec SA request because no connection is known for 10.105.0.0/16===81.93.214.114...195.5.94.158===192.168.200.20/32
Dec 19 13:13:53 esmadlx02vpn pluto[30377]: "roadwarrior" #17: sending encrypted notification INVALID_ID_INFORMATION to <public_ip>:21655
Dec 19 13:13:58 esmadlx02vpn pluto[30377]: "roadwarrior" #17: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x939039b5 (perhaps this is a duplicated packet)
Dec 19 13:13:58 esmadlx02vpn pluto[30377]: "roadwarrior" #17: sending encrypted notification INVALID_MESSAGE_ID to <public_ip>:21655
Dec 19 13:14:03 esmadlx02vpn pluto[30377]: "roadwarrior" #17: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x939039b5 (perhaps this is a duplicated packet)
Dec 19 13:14:03 esmadlx02vpn pluto[30377]: "roadwarrior" #17: sending encrypted notification INVALID_MESSAGE_ID to <public_ip>:21655
Dec 19 13:14:08 esmadlx02vpn pluto[30377]: "roadwarrior" #17: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x939039b5 (perhaps this is a duplicated packet)
Dec 19 13:14:08 esmadlx02vpn pluto[30377]: "roadwarrior" #17: sending encrypted notification INVALID_MESSAGE_ID to <public_ip>:21655


Alfonso Viso Puerta
IT Department
Self Trade Bank by Boursorama
Tel:  +34 91 789 40 46

ALQUILA TUS ACCIONES en el nuevo servicio de Self Trade Bank.
Los inversores a largo plazo prestan sus acciones a los inversores más activos para que éstos vendan a crédito. Es una oportunidad para aprovechar las bajadas de la Bolsa.
 
Gana hasta un 5% TAE en un año por la cartera que tienes parada, contando con la garantía de Self Trade Bank.
 
Aviso importante: Este mensaje, incluidos sus documentos adjuntos, es confidencial y únicamente debe ser leído por su destinatario. Si no eres el destinatario, debes saber que su lectura, copia, alteración, difusión o cualquier otro tipo de uso están prohibidos. Si recibes un mensaje por error, por favor, notifícalo por esta misma vía y bórralo.

BOURSORAMA Sucursal en España, actúa bajo la denominación comercial SELF TRADE BANK by Boursorama. Registrada en el Banco de España con el nº 1490 (Registro de sucursales de Bancos Extranjeros) y en el ámbito de la UE se encuentra autorizada y supervisada por el Banco de Francia. Miembro accionista de la Sociedad Rectora de la Bolsa de Madrid y miembro negociador
de MEFF. CIF N0012834H, Inscrita en el Registro Mercantil de Madrid, tomo 15.283, libro 0, folio 154, sección 8ª, hoja M-256047. Te agradecemos que nos hagas llegar cualquier comentario o incidencia a ayuda at selftrade.com
 



___________________________________

Ce message contient des informations confidentielles ou appartenant à
Boursorama et est établi à l'intention exclusive de ses destinataires. Toute
divulgation, utilisation, diffusion ou reproduction (totale ou partielle) de ce
message, ou des informations qu'il contient, doit être préalablement
autorisée. Tout message électronique est susceptible d'altération et son
intégrité ne peut être assurée. Boursorama décline toute responsabilité au
titre de ce message s'il a été modifié ou falsifié. Si vous n'êtes pas
destinataire de ce message, merci de le détruire immédiatement et d'avertir
l'expéditeur de l'erreur de distribution et de la destruction du message.
___________________________________

This e-mail contains confidential information or information belonging to
Boursorama and is intended solely for the addressees. The unauthorised
disclosure, use, dissemination or copying (either whole or partial) of this
e-mail, or any information it contains, is prohibited. E-mails are susceptible
to alteration and their integrity cannot be guaranteed. Boursorama shall not be
liable for this e-mail if modified or falsified. If you are not the intended
recipient of this e-mail, please delete it immediately from your system and
notify the sender of the wrong delivery and the mail deletion.
___________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081219/3a584c7f/attachment-0001.html

More information about the Users mailing list