[Openswan Users] Openswan uses only the last defined connection
Stefan Guenther
openswan at in-put.de
Wed Jan 28 13:35:23 EST 2009
Hi,
we are currently using Openswan 2.4.7 on openSUSE 11.0 (X86-64).
The ipsec.conf looks as follows:
version 2.0

config setup
    interfaces=%defaultroute
    klipsdebug=none
    plutodebug=none
    uniqueids=no
    forwardcontrol=yes

conn %default
    keyingtries=3
    disablearrivalcheck=yes
    type=tunnel
    pfs=yes
    authby=secret
    keyexchange=ike
    left=217.7.231.XX
    leftsubnet=192.168.0.0/24
    leftid=217.7.231.XX

conn user1
    right=%any
    rightsubnet=192.168.2.130/32
    rightid=@user1.firma.de

conn user2
    rightid=@user2.firma.de
    rightsubnet=192.168.2.129/32

include /etc/ipsec.d/examples/no_oe.conf
And here is the /etc/ipsec.secrets:
217.7.231.xx @user1.firma.de: PSK "dummy1"
217.7.231.xx @user2.firma.de: PSK "dummy1"
#217.7.231.xx %any: PSK "dummy1"
There are no error messages when I start ipsec.
We use the Greenbow VPN client to connect to this gateway, but I can
only use the details for connection user2, and this only works when I
remove the # from the last line of ipsec.secrets.
If I use the rightid and IP for connection user1, I get the following
error messages:
#1: Main mode peer ID is ID_FQDN: '@user1.firma.de'
#1: no suitable connection for peer '@user1.firma.de'
But when I remove connection user2 the connection for user1 works perfectly.
This isn't my first ipsec configuration, but I'm completely confused.
What's wrong with this configuration?
Thanks for any help or hint.
Stefan