[Openswan Users] initial Main Mode message received on X:500 but no connection has been authorized

Paul Wouters paul at xelerance.com
Wed May 14 14:30:29 EDT 2008

On Wed, 14 May 2008, Thomas Novin wrote:

> > Yes. IPsec is harder to setup then Openvpn. But if offers more and scales much better,
> > neither of which will matter much to a 1-3 user system.
> I've worked with lots of IPsec solutions (hardware based) but I don't
> think I've come across anything so hard to configure as Openswan. It's a
> shame because you can do virtually anything with it, if you just know
> how to.

It is not that hard. It is in my experience much easier to use then
any hardware webgui interface, which tend to look like snmp-via-html

man ipsec.conf has a LOT of information. testing/pluto/* has a few
hundred testcases with configuration examples. And the most used
cases can be found in /etc/ipsec.d/examples/

The "left" and "right" syntax might need getting used to, but you can
read is as "local" and "remote" if you want.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list