[Openswan Users] Laptop (right) connecting to left.
Brent Clark
brentgclarklist at gmail.com
Sun Jul 26 07:57:26 EDT 2009
Hiya
I've been trying to get my laptop talking to a standalone public facing machine.
My elementary ASCII art, I hope it illustrates my setup
 ----------------           ------------           ----------------           -------------
|Test VPN Machine|---------|  Internet  |---------| Home DSL Modem |---------| Linuxlaptop |
 ----------------           ------------           ----------------           -------------
        |                                                  |                        |
        \->( Static IP)                                    \--> (Dynamic IP)        \-> (Dynamic IP)
Basically I'm trying to get my laptop (right) connecting and talking to my left.
On my left, as said, it's a standalone machine (therefore there's no
routing and / or forwarding to other networks / subnets).
I was using keys, but because I've been struggling for the last few
days, I thought I'd lose some complexity and stick to pre-shared keys
for now.
On my left I keep getting this message:
Jul 26 13:42:47 VPN pluto[15084]: loading secrets from "/etc/ipsec.secrets"
Jul 26 13:42:48 VPN pluto[15084]: added connection description "linux-to-linux"
Jul 26 13:42:48 VPN pluto[15084]: listening for IKE messages
Jul 26 13:42:48 VPN pluto[15084]: adding interface eth0/eth0 196.36.x.x:500
Jul 26 13:42:48 VPN pluto[15084]: adding interface lo/lo 127.0.0.1:500
Jul 26 13:42:48 VPN pluto[15084]: adding interface lo/lo ::1:500
Jul 26 13:42:48 VPN pluto[15084]: forgetting secrets
Jul 26 13:42:48 VPN pluto[15084]: loading secrets from "/etc/ipsec.secrets"
Jul 26 13:42:48 VPN pluto[15084]: "linux-to-linux": cannot route template policy of PSK+ENCRYPT+TUNNEL
Jul 26 13:42:48 VPN pluto[15084]: "linux-to-linux": cannot initiate connection without knowing peer IP address (kind=CK_TEMPLATE)
Jul 26 13:42:58 VPN pluto[15084]: packet from 165.146.174.215:500: received Vendor ID payload [Openswan (this version) 2.4.12 LDAP_V3 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Jul 26 13:42:58 VPN pluto[15084]: packet from 165.146.174.215:500: received Vendor ID payload [Dead Peer Detection]
Jul 26 13:42:58 VPN pluto[15084]: "linux-to-linux"[1] 165.146.174.215 #1: responding to Main Mode from unknown peer 165.146.174.215
Jul 26 13:42:58 VPN pluto[15084]: "linux-to-linux"[1] 165.146.174.215 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jul 26 13:42:58 VPN pluto[15084]: "linux-to-linux"[1] 165.146.174.215 #1: STATE_MAIN_R1: sent MR1, expecting MI2
Jul 26 13:42:58 VPN pluto[15084]: packet from 165.146.174.215:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
Jul 26 13:42:58 VPN pluto[15084]: packet from 165.146.174.215:500: received and ignored informational message
Jul 26 13:43:08 VPN pluto[15084]: packet from 165.146.174.215:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN
Jul 26 13:43:08 VPN pluto[15084]: packet from 165.146.174.215:500: received and ignored informational message
This is my conf setup:
version 2.0

config setup
    #nat_traversal=yes
    #virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    nhelpers=0
    interfaces="%defaultroute"

conn linux-to-linux
    auth=esp
    left=196.36.x.x
    leftid=@work
    leftsubnet=196.36.x.0/29
    #leftsubnet=0.0.0.0/0
    authby=secret
    right=%any
    #rightnexthop=10.0.0.2
    rightid=@home
    pfs=no
    esp=aes128
    #ike=aes
    #rightsubnet=10.0.0.0/24
    auto=start

include /etc/ipsec.d/examples/no_oe.conf
--------------------------- 8<------------8<---------
Here is my laptop's config:
config setup
    plutodebug="control parsing"
    #nat_traversal=yes
    # virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    nhelpers=0
    interfaces="%defaultroute"

conn linux-to-linux
    auth=esp
    right=196.36.x.x
    rightid=@work
    rightsubnet=196.36.x.0/29
    authby=secret
    left=%defaultroute
    leftnexthop=10.0.0.2
    leftid=@home
    pfs=no
    esp=aes128
    #ike=aes
    auto=start

include /etc/ipsec.d/examples/no_oe.conf
If anyone could help me understand where I'm going wrong I would be
most grateful.
Kind Regards
Brent Clark
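
An added example, not part of the original post and not Openswan code: a small Python check that reads the linux-to-linux conn from both posted configs (commented-out lines dropped), pairs the two ends by their id because the laptop config has left and right swapped relative to the server, and compares the settings both peers must agree on. The helper names parse_conn, ends and compare are this example's own, and the parser is a simplification that only reads indented key=value lines.

```python
SERVER = """conn linux-to-linux
    auth=esp
    left=196.36.x.x
    leftid=@work
    leftsubnet=196.36.x.0/29
    authby=secret
    right=%any
    rightid=@home
    pfs=no
    esp=aes128
    auto=start"""
LAPTOP = """conn linux-to-linux
    auth=esp
    right=196.36.x.x
    rightid=@work
    rightsubnet=196.36.x.0/29
    authby=secret
    left=%defaultroute
    leftnexthop=10.0.0.2
    leftid=@home
    pfs=no
    esp=aes128
    auto=start"""
SHARED = ("auth", "authby", "pfs", "esp", "ike")  # must match on both peers (configs above: as posted)

def parse_conn(text, name):  # example helper: simplified ipsec.conf reader
    params, active = {}, False
    for line in (raw.split("#")[0].rstrip() for raw in text.splitlines()):
        if line and not line[0].isspace():  # a column-0 line opens a new section
            active = line.split() == ["conn", name]
        elif active and "=" in line:
            params.update([line.strip().split("=", 1)])
    return params

def ends(conn):  # index each end by its id, since left/right may be swapped between peers
    sides = [{k[len(s):]: v for k, v in conn.items() if k.startswith(s)} for s in ("left", "right")]
    return {e.get("id", e.get("", "?")): e for e in sides}

def compare(a, b):  # a, b: parse_conn() results for the two peers
    found = [f"{k}: {a.get(k)} != {b.get(k)}" for k in SHARED if a.get(k) != b.get(k)]
    ea, eb = ends(a), ends(b)
    found += [f"{i}: subnet mismatch" for i in sorted(set(ea) | set(eb))
              if ea.get(i, {}).get("subnet") != eb.get(i, {}).get("subnet")]
    found += [f"{n}: auto=start on a %any conn, which pluto cannot initiate"
              for n, c in (("first", a), ("second", b))
              if c.get("auto") == "start" and "%any" in c.values()]
    return found

if __name__ == "__main__":
    print(compare(parse_conn(SERVER, "linux-to-linux"), parse_conn(LAPTOP, "linux-to-linux")))
```

Run against the posted configs it reports a single finding, the server-side auto=start on a conn whose right is %any, which corresponds to the "cannot initiate connection without knowing peer IP address" line in the log above; it finds no mismatch in the compared settings.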