[Openswan Users] cannot respond to IPsec SA request because no connection is known
Jeremy Wilson
jeremy.wilson at polarmobile.com
Wed Oct 21 13:03:09 EDT 2009
I'm running Linux Openswan U2.4.15/K2.6.18-128.el5xen (netkey) on CentOS
5.3 and I'm getting the following error when I try to connect to the server.

Oct 21 12:45:15 gateway pluto[7573]: "L2TP-PSK"[2] x.x.x.x #1: cannot respond to IPsec SA request because no connection is known for y.y.y.y:17/1701...x.x.x.x[192.168.1.120]:17/%any===192.168.1.120/32
Oct 21 12:45:15 gateway pluto[7573]: "L2TP-PSK"[2] x.x.x.x #1: sending encrypted notification INVALID_ID_INFORMATION to x.x.x.x:4500

I had it working previously and one of the other admins must have
changed the config.

I'm assuming this is an error in my ipsec.conf file somehow. It's
listed below.
---
version 2.0

config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4

conn L2TP-PSK
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    type=transport
    left=%defaultroute
    leftprotoport=17/1701
    rightsubnet=vhost:%no,%priv
    right=%any
    rightprotoport=17/%any

conn block
    auto=ignore

conn private
    auto=ignore

conn private-or-clear
    auto=ignore

conn clear-or-private
    auto=ignore

conn clear
    auto=ignore

conn packetdefault
    auto=ignore
---
My ipsec.secrets:
---
y.y.y.y %any : PSK "key"
%any %any : PSK "key"
---
I'm trying to connect with a Mac.