[Openswan Users] Sonicwall TZ170 to OpenSWAN peer's ID_USER_FQDN contains no @
Mike A. Leonetti
mleonetti at evolutionce.com
Tue Apr 27 15:17:30 EDT 2010
Trying to connect a TZ710<->Openswan gets me the follwing errors:
Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: received Vendor ID
payload [draft-ietf-ipsec-nat-t-ike-00]
Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: ignoring Vendor ID
payload [Sonicwall 1 (TZ 170 Standard?)]
Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: peer's
ID_USER_FQDN contains no @: 0006B105D23
Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: Aggressive mode
peer ID is ID_USER_FQDN: '0006B105D230'
Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: no suitable
connection for peer '0006B105D230'
Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: initial Aggressive
Mode packet claiming to be from y.y.y.y on y.y.y.y but no connection has
been authorized
Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: sending
notification INVALID_ID_INFORMATION to y.y.y.y:500
conn andree
left=x.x.x.x
leftsourceip=10.1.1.1
leftsubnet=10.1.1.0/24
leftid=x.x.x.x
right=y.y.y.y
rightsubnet=192.168.3.0/24
# rightid=0006B105D23U
keyingtries=0
pfs=no
aggrmode=yes
auto=start
auth=esp
esp=3des-sha1
ike=3des-sha1
authby=secret
keyexchange=ike
I'm assuming this is because I can't say the IKE ID on the router for
the left or right? Maybe if there was a way to eliminate checking for
an IKEID on the right?
More information about the Users
mailing list