[Openswan Users] initial Main Mode message received on X:500 but no connection has been authorized

[Paul Wouters]

On Wed, 14 May 2008, Thomas Novin wrote:

> > Yes. IPsec is harder to setup then Openvpn. But if offers more and scales much better,
> > neither of which will matter much to a 1-3 user system.
>
> I've worked with lots of IPsec solutions (hardware based) but I don't
> think I've come across anything so hard to configure as Openswan. It's a
> shame because you can do virtually anything with it, if you just know
> how to.
>

It is not that hard. It is in my experience much easier to use then
any hardware webgui interface, which tend to look like snmp-via-html
interfaces.

man ipsec.conf has a LOT of information. testing/pluto/* has a few
hundred testcases with configuration examples. And the most used
cases can be found in /etc/ipsec.d/examples/

The "left" and "right" syntax might need getting used to, but you can
read is as "local" and "remote" if you want.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155