[Openswan Users] openswan to Watchguard aggrmode: "system too busy"
David Koski
david at kosmosisland.com
Wed Jul 16 12:12:45 EDT 2008
I am getting an error when attempting to connect to a Watchguard
1200e (firmware revision 10.2): "system too busy"
ipsec.conf:
config setup
interfaces="%defaultroute"
nat_traversal=yes
nhelpers=0
include /etc/ipsec.d/examples/no_oe.conf
include /etc/ipsec.d/*.conf
cni.conf:
conn cni
authby=secret
#pfs=yes
#pfs=no
auto=add
keyexchange=ike
aggrmode=yes
ike=3des-sha-modp1024
auth=esp
left=%defaultroute
right=<public_ip_removed>
I have not found a configuration that works. My auth log shows:
Jul 16 09:09:02 tiikeri pluto[25667]: listening for IKE messages
Jul 16 09:09:02 tiikeri pluto[25667]: adding interface eth0/eth0 192.168.22.12:500
Jul 16 09:09:02 tiikeri pluto[25667]: adding interface eth0/eth0 192.168.22.12:4500
Jul 16 09:09:02 tiikeri pluto[25667]: adding interface lo/lo 127.0.0.1:500
Jul 16 09:09:02 tiikeri pluto[25667]: adding interface lo/lo 127.0.0.1:4500
Jul 16 09:09:02 tiikeri pluto[25667]: adding interface lo/lo ::1:500
Jul 16 09:09:02 tiikeri pluto[25667]: loading secrets from "/etc/ipsec.secrets"
Jul 16 09:09:02 tiikeri pluto[25667]: loaded private key file '/etc/ipsec.d/private/tiikeriKey.pem' (1679 bytes)
Jul 16 09:09:07 tiikeri pluto[25667]: "cni" #1: initiating Aggressive Mode #1, connection "cni"
Jul 16 09:09:07 tiikeri pluto[25667]: system too busy
Any Ideas?
System info:
Debian
openswan 2.4.6+dfsg.2-1.1
freeswan 2.04-14
Best Regards,
David Koski
dkoski at sutinen.com
More information about the Users
mailing list