[Openswan Users] cannot respond to IPsec SA request because no connection is known for

Bob Miller bob at computerisms.ca
Thu Dec 17 12:59:08 EST 2009


Hi,
In my experience, limited though it is, "no connection is known for"
means that the connection you described in your configuration isn't
found in reality.  It means you have either missed a configuration
option such as leftnexthop to fully describe the situation, or you have
a typo or an incorrect value for an existing option.
Also, as I understand it for nat to work, it must be enabled using
nat_traversal=yes option in your config, and your virtual_private line
must be configured correctly as well.

On Thu, 2009-12-17 at 14:55 +0000, kumar shantanu wrote:
> Hi All,
> 
> I am trying to configure ipsec with xl2tpd. When I try connecting a
> windows machine on server side I see these errors.
> 
> "l2tp-X.509"[2] xx.xx.xxxxx #1: cannot respond to IPsec SA request
> because no connection is known for xx.xx.xx.xx[C=GB, ST=Warwickshire,
> O=Mycompany Ltd., OU=company, CN=ipsec, E=shantanu at abc.co.uk,
> +S=C]:17/1701...xx.xx.xx.xx[C=GB, ST=Warwickshire, O=Mycompany Ltd.,
> OU=company, CN=win, E=shantanu at abc.co.uk,
> +S=C]:17/1701===192.168.1.46/32
> 
> My server is on static(Public) IP and client is under natting.
> 
> 
> Can someone please help me in this.
> 
> Thanks in Advance
> 
> Shantanu
> 
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
Bob Miller
334-7117/633-3760
http://computerisms.ca
bob at computerisms.ca
Network, Internet, Server,
and Open Source Solutions



More information about the Users mailing list