[Openswan Users] Changing the IKE port from 500

Nikolay Dvoeglazov nikolay at dvoeglazov.ru
Fri Jun 19 19:27:23 EDT 2009 

Hello everyone,

I need to change the default IKE port from 500 to something other like 5000 as my ISP seems to have problems with this port.

I have tried using plutoopts="--ikeport 5000" but it seems to have limited effect.

====receiving side log====
Jun 20 03:09:46 lt pluto[27063]: listening for IKE messages
Jun 20 03:09:46 lt pluto[27063]: adding interface eth1/eth1 10.0.2.1:5000
Jun 20 03:09:46 lt pluto[27063]: adding interface eth0/eth0 217.70.19.69:5000
Jun 20 03:09:46 lt pluto[27063]: adding interface lo/lo 127.0.0.1:5000
Jun 20 03:09:46 lt pluto[27063]: | connect_to_host_pair: x.x.x.x:500 y.y.y.y:500 -> hp:none.

====initiator log====
Jun 20 03:25:01 bkud pluto[5975]: | processing connection officeserver
Jun 20 03:25:02 bkud pluto[5975]: | rejected packet:
Jun 20 03:25:02 bkud pluto[5975]: |   a5 a4 44 1d  3a 28 e2 60  00 00 00 00  00 00 00 00
Jun 20 03:25:02 bkud pluto[5975]: |   01 10 02 00  00 00 00 00  00 00 00 d4  0d 00 00 94
Jun 20 03:25:02 bkud pluto[5975]: |   00 00 00 01  00 00 00 01  00 00 00 88  00 01 00 04
Jun 20 03:25:02 bkud pluto[5975]: |   03 00 00 20  00 01 00 00  80 0b 00 01  80 0c 0e 10
Jun 20 03:25:02 bkud pluto[5975]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 05
Jun 20 03:25:02 bkud pluto[5975]: |   03 00 00 20  01 01 00 00  80 0b 00 01  80 0c 0e 10
Jun 20 03:25:02 bkud pluto[5975]: |   80 01 00 05  80 02 00 02  80 03 00 03  80 04 00 05
Jun 20 03:25:02 bkud pluto[5975]: |   03 00 00 20  02 01 00 00  80 0b 00 01  80 0c 0e 10
Jun 20 03:25:02 bkud pluto[5975]: |   80 01 00 05  80 02 00 02  80 03 00 03  80 04 00 02
Jun 20 03:25:02 bkud pluto[5975]: |   00 00 00 20  03 01 00 00  80 0b 00 01  80 0c 0e 10
Jun 20 03:25:02 bkud pluto[5975]: |   80 01 00 05  80 02 00 01  80 03 00 03  80 04 00 02
Jun 20 03:25:02 bkud pluto[5975]: |   0d 00 00 10  4f 45 5a 52  6b 5f 4c 68  6e 53 4e 63
Jun 20 03:25:02 bkud pluto[5975]: |   00 00 00 14  af ca d7 13  68 a1 f1 c9  6b 86 96 fc
Jun 20 03:25:02 bkud pluto[5975]: |   77 57 01 00
Jun 20 03:25:02 bkud pluto[5975]: | control:
Jun 20 03:25:02 bkud pluto[5975]: |   18 00 00 00  00 00 00 00  08 00 00 00  06 00 00 00
Jun 20 03:25:02 bkud pluto[5975]: |   5e 19 85 7c  5e 19 85 7c  2c 00 00 00  00 00 00 00
Jun 20 03:25:02 bkud pluto[5975]: |   0b 00 00 00  6f 00 00 00  02 03 03 00  00 00 00 00
Jun 20 03:25:02 bkud pluto[5975]: |   00 00 00 00  02 00 00 00  d9 46 13 45  00 00 00 00
Jun 20 03:25:02 bkud pluto[5975]: |   00 00 00 00
Jun 20 03:25:02 bkud pluto[5975]: | name:
Jun 20 03:25:02 bkud pluto[5975]: |   02 00 01 f4  d9 46 13 45  00 00 00 00  00 00 00 00
Jun 20 03:25:02 bkud pluto[5975]: "officeserver" #2: ERROR: asynchronous network error report on wimax0 (sport=5000) for message to x.x.x.x port 500, complainant y.y.y.y: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
b
=======================

Both endpoints have the option in the conf file.

Any help will be greatly appreciated,

Thank you,

Nick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090620/ab0fc2dd/attachment.html

More information about the Users mailing list