[Openswan Users] Unable to establish connection using certificates
Paul Wouters
paul at xelerance.com
Wed Apr 29 17:12:46 EDT 2009
On Wed, 29 Apr 2009, Robyn Orosz wrote:
> I have 2 Openswan devices that I'm attempting to establish a tunnel
Not sure why you are using aggressive mode here.....
> Here's the message I'm seeing on the server side:
> 192.168.103.8 #2: initial Aggressive Mode packet claiming to be from
> C=ES, ST=Tarifa, L=Cadiz, O=Test, CN=vyatta-2, E=test at test.com on
> 192.168.103.8 but no connection has been authorized
> Apr 29 20:12:37 vyattatar pluto[10906]: | complete state transition with
Is this an older version of openswan? Some aggressive mode fixes
were made in the last year. Try without aggressive mode on both
sides.
Ensure both connections loaded fine using ipsec auto --add connname
Use ipsec auto --listall to confirm CAcert, cert and private key
loaded okay.
Paul
More information about the Users
mailing list