[Openswan Users] Sonicwall TZ170 to OpenSWAN peer's ID_USER_FQDN contains no @
Paul Wouters
paul at xelerance.com
Wed Apr 28 01:09:00 EDT 2010
On Tue, 27 Apr 2010, Mike A. Leonetti wrote:
> Trying to connect a TZ710<->Openswan gets me the follwing errors:
>
> Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: received Vendor ID
> payload [draft-ietf-ipsec-nat-t-ike-00]
> Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: ignoring Vendor ID
> payload [Sonicwall 1 (TZ 170 Standard?)]
> Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: peer's
> ID_USER_FQDN contains no @: 0006B105D23
> Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: Aggressive mode
> peer ID is ID_USER_FQDN: '0006B105D230'
> Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: no suitable
> connection for peer '0006B105D230'
> Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: initial Aggressive
> Mode packet claiming to be from y.y.y.y on y.y.y.y but no connection has
> been authorized
> Apr 27 15:15:41 fortissimo pluto[24391]: "andree" #4: sending
> notification INVALID_ID_INFORMATION to y.y.y.y:500
>
> conn andree
> left=x.x.x.x
> leftsourceip=10.1.1.1
> leftsubnet=10.1.1.0/24
> leftid=x.x.x.x
> right=y.y.y.y
> rightsubnet=192.168.3.0/24
> # rightid=0006B105D23U
> keyingtries=0
> pfs=no
> aggrmode=yes
> auto=start
> auth=esp
> esp=3des-sha1
> ike=3des-sha1
> authby=secret
> keyexchange=ike
Try using rightid=@0006B105D23U
Paul
More information about the Users
mailing list