[Openswan Users] Problems Configuring Cisco VPN Connection

Burhan Khalid b.khalid at kuwaitnet.net
Mon Dec 22 04:54:39 EST 2008


Hello All:

   I've been following this wiki entry ( 
http://wiki.openswan.org/index.php/Openswan/CiscoPIX ) but I am getting 
the following error:

[root at srv2 eth0]# ipsec auto --add tunnelipsec
023 address family inconsistency in this connection=2 host=2/nexthop=0
037 attempt to load incomplete connection

My server has two public "real" IPs, 62.xxx.226.101 and 62.xxx.226.102, 
both aliased to eth0; the Cisco VPN concentrator's public IP is 
194.xxx.xx.200 and the host I want to reach is 10.30.20.1 (just one host).

This is my configuration file (snipped):

conn tunnelipsec
    type=tunnel
    authby=secret
    left=62.xxx.226.102
    leftsubnet=62.xxx.226.0/27
    leftnexthop=62.xxx.226.97
    right=194.xxx.xx.200
    rightsubnet=10.30.20.1/32
    rightnexthop=%defaultroute
    esp=3des-md5-168
    keyexchange=ike
    pfs=no
    auto=start

Can someone point my error? This is my first time with openswan and I'm 
also not an ace with networks :(

Thanks,

-------------- next part --------------
A non-text attachment was scrubbed...
Name: b_khalid.vcf
Type: text/x-vcard
Size: 341 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20081222/cfad7c37/attachment.vcf 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5551 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.openswan.org/pipermail/users/attachments/20081222/cfad7c37/attachment.bin 


More information about the Users mailing list