[Openswan Users] invalid rcookie
Waldo, Ethan
ewaldo at healthetechs.com
Tue Sep 16 00:02:13 EDT 2008
For some reason I am getting the following message only on the second
IPSec session for a single tunnel. The tunnel labeled VPN does not have
this error message. Can somebody tell me why this is occurring and if
there is anything I can do to fix it?
"VPN2" #2: DPD: Warning: R_U_THERE_ACK has invalid rcookie
Here is my config as follows:
config setup
# Debug-logging controls: "none" for (almost) none, "all" for
lots.
# klipsdebug=none
# plutodebug="control parsing"
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:
!10.15.0.0/24
conn %default
auto=start
authby=secret
auth=esp
esp=aes128-sha1
ike=aes128-sha1
keyexchange=ike
ikelifetime=8h
keylife=24h
type=tunnel
pfs=yes
rekey=yes
#left=1.1.1.1
leftnexthop=%defaultroute
dpddelay=30
dpdtimeout=120
dpdaction=restart
include /etc/ipsec.d/*.conf
conn VPN
auto=start
ike=3des-sha1
esp=3des-sha1
pfs=yes
left=1.1.1.1
leftsubnet=11.11.11.11/32
right=2.2.2.2
rightsubnet=12.12.12.12/32
conn VPN2
auto=start
ike=3des-sha1
esp=3des-sha1
pfs=yes
right=2.2.2.2
rightsubnet=12.12.12.12/32
left=1.1.1.1
leftsubnet=11.11.11.12/32
conn L2TP-PSK
authby=secret
pfs=no
rekey=no
keyingtries=3
ike=aes-sha1,3des-sha1
esp=aes-sha1,3des-sha1
leftprotoport=17/1701
left=1.1.1.1
right=%any
rightprotoport=17/1701
rightsubnet=vhost:%no,%priv
dpdaction=clear
auto=add
conn L2TP-PSK2
authby=secret
pfs=no
rekey=no
keyingtries=3
ike=aes-sha1,3des-sha1
esp=aes-sha1,3des-sha1
leftprotoport=17/0
left=1.1.1.1
right=%any
rightprotoport=17/1701
rightsubnet=vhost:%no,%priv
dpdaction=clear
auto=add
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080915/483e5130/attachment.html
More information about the Users
mailing list