[Openswan Users] Tunnel not starting
paul at xelerance.com
Wed May 28 18:15:47 EDT 2008
On Wed, 28 May 2008, Arjun Datta wrote:
> This is a FreeSWAN version 2.0 question concerning a pre-existing setup
> I have been asked to maintain. Before anyone asks, I cannot upgrade the
> ipsec version as yet to openswan and and so am stuck using freeswan for
> now =) (I know, I know, it's super old)
It is. I wouldnt call it secure at this point.
> # (manual) base for SPI numbering; must end in 0
Why are you using manual keying? In fact you sort of are not.
> # (auto) key-exchange type
> # (auto) key lifetime (before automatic rekeying)
> # (auto) how persistent to be in (re)keying negotiations (0
> means very)
Because this says you are using automatic keying.
> When I try to (re)start the connection,
> left side says:
> 000 #25: "corp-atlantat1" STATE_MAIN_I1 (sent MI1, expecting MR1);
> EVENT_RETRANSMIT in 14s
> Is this because right is freeswan 2.0 and left is freeswan 1.0 ?
Who knows with relics software like that. Normally, I would say
this is a firewall issue. You send 1 packet, the other end receives
Unless you work on the space shuttle or phoenix program though, I
would phase out freeswan ASAP.
Building and integrating Virtual Private Networks with Openswan:
More information about the Users