[Openswan Users] manual keying problem

[Daren Hickman]

I am trying to connect to a device that doesn't support ike

I am using openswan 2.14

my ipsec.conf is as follows, when I start the tunnel it initiates main mode.  what is causing the keying attempt?  As always any help is greatly appreciated.  Thanks.


version 2.0     # conforms to second version of ipsec.conf specification
# basic configuration
config setup
        # plutodebug / klipsdebug = "all", "none" or a combation from below:
        # "raw crypt parsing emitting control klips pfkey natt x509 private"
        # eg: plutodebug="control parsing"
        #
        # ONLY enable plutodebug=all or klipsdebug=all if you are a developer !!
        #
        # NAT-TRAVERSAL support, see README.NAT-Traversal
        nat_traversal=yes
        # virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
        #
        # enable this if you see "failed to find any available worker"
        nhelpers=0
# Add connections here
# sample VPN connections, see /etc/ipsec.d/examples/

#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
conn manualkey
        esp=aes128-sha1-96
        left=192.168.2.2
        leftespenckey=0x11111111111111111111111111111111
        leftespauthkey=0x1111111111111111111111111111111111111111
        leftsubnet=192.168.3.0/24
        right=192.168.1.2
        rightespenckey=0x00000000000000000000000000000000
        rightespauthkey=0x0000000000000000000000000000000000000000
        spi=0x100
        type=tunnel