[Openswan Users] Openswan and V-IPSecure

Paul Wouters paul at xelerance.com
Thu Sep 3 12:03:29 EDT 2009

On Thu, 3 Sep 2009, JT Edwards wrote:

> I went back to trying certificates again and this is what I am getting.... I 
> am trying hard as I can to  be patient but two weeks of sweat equity and no 
> results proves frustrating my friends...

> Sep  3 08:34:18 wizbang pluto[5181]: "openswan-to-vipsecure" #4: Main mode 
> peer ID is ID_IPV4_ADDR: ''
> Sep  3 08:34:18 wizbang pluto[5181]: "openswan-to-vipsecure" #4: no suitable 
> connection for peer ''

The peer is expected to present an ID_DER_ASN1_DN and not a ID_IPV4_ADDR when
using certificates. You can try and setting rightid= but it
might just delay the actual problem.

Be aware some appliances do not reload their IKE phase1 connection when you
make a configuration change, and a reboot might be required to clear it.

> Starting IPsec:  Starting Openswan IPsec 2.4.9...

Upgrade to 2.4.15


More information about the Users mailing list