[Openswan Users] Can't get the road warrior example to work.
Michael Rychlik
michael.rychlik at gmail.com
Wed Dec 16 10:16:29 EST 2009
Hi all,
I am trying to get a simple road warrior set up working, as per the docs,
with out any luck after 3 days trying.
My road warrior is a Debian box in an office with a dynamic IP address.
It has host name of rsm-1.rsm.fi but this is not a resolvable name.
My host at the other end is a virtual Debian box at a hosting provider with
a fixed public IP.
This has no subnets behind it. It has the name fits-server.rsm.fi that
resolves.
My ipsec.conf looks like this:
On the road warrior in an office:
conn road
left=%defaultroute # Picks up our dynamic IP
leftid=@rsm-1.rsm.fi # Local information
leftrsasigkey=0sAQOA59S41zh.....
right=194.79.19.179 # Remote information
rightid=@fits-server.rsm.fi #
rightrsasigkey=0sAQOdTUwfyxm.....
auto=add # authorizes but doesn't start this
# connection at startup
On my server at the hosting provider:
conn road
left=194.79.19.179 # Gateway's information
leftid=@fits-server.rsm.fi #
leftrsasigkey=0sAQOdTUwf............
right=%any # Wildcard: we don't know the laptop's IP
rightid=@rsm-1.rsm.fi #
rightnexthop=%defaultroute # correct in many situations
rightrsasigkey=0sAQOA59........
auto=add # authorizes but doesn't start this
# connection at startup
As you see I tried to keep it as simple as possible and like the examples.
The error I now get on the server logs is:
cannot respond to IPsec SA request because no connection is known for
194.79.19.179[@fits-server.rsm.fi]...62.237.208.66[@rsm-1.rsm.fi]===
10.65.1.181/32
Where 62.237.208.66 is the outgoing address from this office and 10.65.1.181
is the current dynamic IP.
Thank you for any suggestions.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20091216/76f4b993/attachment.html
More information about the Users
mailing list