[Openswan Users] Connecting to a Sonicwall 2040pro

Jonathan Carpenter jonathan.carpenter at gmail.com
Thu Jun 11 15:36:35 EDT 2009 

I have followed several guides online, but I am still unable to connect to
my remote sonicwall. Can the unique ID or rightid have spaces? Here is my
ipsec.conf

########################################################################
version 2.0     # conforms to second version of ipsec.conf specification
# basic configuration
config setup
        nat_traversal=yes
        nhelpers=0

conn remote
        type=tunnel
        left=10.1.15.102                           #IP address of my machine
        leftsubnet=10.1.15.102/32             #IP address and 32-bit subnet
mask of my machine
        leftid=@GroupVPN                       #Local ID of Sonicwall VPN
        leftxauthclient=yes
        right=ip.address.goes.here            #WAN IP Address of sonicwall
        rightsubnet=172.16.2.0/24             #Local LAN
        rightid=@work - remote                 #Peer ID - Sonicwalls Unique
Firewall Identifier
        rightxauthserver=yes
        keyingtries=0
        pfs=no
        auto=add
        auth=esp
        esp=3des-sha1
        ike=3des-sha1
        xauth=yes
        authby=secret
        aggrmode=yes

and /etc/ipsec.secrets

: RSA /etc/ipsec.d/private/nemKey.pem
@GroupVPN @work - remote : PSK "SecretPassPhraseHere"

Then I have ran the following commands

sudo ipsec setup --start
sudo ipsec auto --add remote
sudo ipsec whack --name remote --initiate

I get the following results:

003 "remote" #1: multiple transforms were set in aggressive mode. Only first
one used.
003 "remote" #1: transform (5,2,2,0) ignored.
002 "remote" #1: initiating Aggressive Mode #1, connection "remote"
003 "remote" #1: multiple transforms were set in aggressive mode. Only first
one used.
003 "remote" #1: transform (5,2,2,0) ignored.
112 "remote" #1: STATE_AGGR_I1: initiate
010 "remote" #1: STATE_AGGR_I1: retransmission; will wait 20s for response
010 "remote" #1: STATE_AGGR_I1: retransmission; will wait 40s for response
010 "remote" #1: STATE_AGGR_I1: retransmission; will wait 40s for response
010 "remote" #1: STATE_AGGR_I1: retransmission; will wait 40s for response

Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090611/d6cc6068/attachment.html

More information about the Users mailing list