[Openswan Users] Openswan to Openswan - inconsistent behavior
Paul Wouters
paul at xelerance.com
Mon Dec 22 23:10:25 EST 2008
On Mon, 22 Dec 2008, Andy Theuninck wrote:
> 003 "WFC" #1: Can't authenticate: no preshared key found for
> `192.168.0.3' and `1.2.3.4'. Attribute OAKLEY_AUTHENTICATION_METHOD
> Server log showed the attempted connection as well. I edited
> /etc/ipsec.secrets on the client, replacing "%any" with "192.168.0.3".
> I then tried bringing up the connection again on the client and go
> this:
That bug should be fixed in openswan 2.6.19.
> 104 "WFC" #1: STATE_MAIN_I1: initiate
> 010 "WFC" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
> 010 "WFC" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
So the other end is not seeing your packets.
> The server now shows no sign of the connection attempt, despite
> /etc/ipsec.secrets being the only file that changed. I changed
> /etc/ipsec.secrets back and tried bringing up the connection on the
> client one last time:
Note that if you change ipsec.secrets, you need to reload them using
'ipsec secrets' or restart openswan.
Paul
More information about the Users
mailing list