[Openswan Users] Error: cannot initiate connection without knowing peer IP address (kind=CK_TEMPLATE) when running "ipsec auto --up"
Mark Ryden
markryde at gmail.com
Thu Nov 12 14:46:54 EST 2009
Hello,
Thanks!
ipsec auto --add L2TP-PSK-noNAT
does work.
Rgs,
Mark
On Thu, Nov 12, 2009 at 9:44 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Thu, 12 Nov 2009, Mark Ryden wrote:
>
>> I am running openswan-2.6.21-2 on fc10. I am trying to configure it to use
>> L2TP. I prepared /etc/ipsec.conf according to the l2tp-psk.conf.in of
>> the program/examples of the openswan source tree (See below).
>> The external IP of the machine is 82.83.83.194, and the default gw is
>> 82.83.83.200.
>>
>> I ran /etc/init.d/ipsec start and it was ok.
>>
>> But When running:
>>
>> "ipsec auto --up L2TP-PSK-noNAT"
>>
>> I got:
>> 029 "L2TP-PSK-noNAT": cannot initiate connection without knowing peer
>> IP address (kind=CK_TEMPLATE)
>
> A server can only --add connection, not --up connections, if you configure
> them with "%any". You cannot initiate to a dynamic IP. Use ipsec auto --add
> instead. In the config file, use auto=add instead of auto=start.
>
> Paul
>
More information about the Users
mailing list