[Openswan Users] IPSEC Tunnel To NETASQ
Luc MAIGNAN
luc.maignan at winxpert.com
Sun Dec 19 16:10:35 EST 2010
Thanks for your answer.
The documentation says that it supports IPSEC.
I can establish phase 1 but not phase 2 :
racoon: INFO: initiate new phase 2 negotiation:
192.168.50.181[4500]<=>83.206.50.37[4500]
Dec 17 22:34:59 Fedora-64-2 racoon: INFO: NAT detected -> UDP
encapsulation (ENC_MODE 2->4).
Dec 17 22:34:59 Fedora-64-2 racoon: INFO: NAT detected -> UDP
encapsulation (ENC_MODE 2->4).
Dec 17 22:35:10 Fedora-64-2 racoon: ERROR: 8x.xxx.xx.xx give up to get
IPsec-SA due to time up to wait.
Dec 17 22:35:29 Fedora-64-2 racoon: INFO: IPsec-SA expired: AH/Transport
8x.xxx.xx.xx[0]->192.168.50.181[0] spi=112387376(0x6b2e530)
Dec 17 22:35:29 Fedora-64-2 racoon: WARNING: the expire message is
received but the handler has not been established.
Dec 17 22:35:29 Fedora-64-2 racoon: INFO: IPsec-SA expired:
ESP/Transport 8x.xxx.xx.xx[0]->192.168.50.181[0] spi=82003743(0x4e3471f)
Dec 17 22:35:59 Fedora-64-2 racoon: ERROR: 8x.xxx.xx.xx give up to get
IPsec-SA due to time up to wait.
Dec 17 23:33:26 Fedora-64-2 racoon: INFO: ISAKMP-SA expired
192.168.50.181[4500]-8x.xxx.xx.xx[4500]
spi:621461833610c445:41dcaae6ade3f6d2
Dec 17 23:33:27 Fedora-64-2 racoon: INFO: ISAKMP-SA deleted
192.168.50.181[4500]-8x.xxx.xx.xx[4500]
spi:621461833610c445:41dcaae6ade3f6d2
Dec 17 23:33:27 Fedora-64-2 racoon: INFO: KA remove:
192.168.50.181[4500]->8x.xxx.xx.xx[4500]
Has anyone an idea ???
Best regards
Le 19/12/10 21:59, Paul Wouters a écrit :
> On Sun, 19 Dec 2010, Luc MAIGNAN wrote:
>
>> I'm running openSwan under Fedora 14 6'bits.
>>
>> I have to setup an IPSEC Tunnel (Host To Host) from my Fedora box to a
>> NETASQ F200 router.
>>
>> I have a lot of errors, so my first question : IS IT POSSIBLE TO SETUP A
>> SUCH ARCHITECTURE ?
>
> If the NETASQ F200 router supports IPsec, then yes.
>
> Paul
More information about the Users
mailing list