[Openswan Users] Simplest ipsec config with PSK insists that I have no connection authorized with policy=PSK
jprollerskate at hotmail.com
Fri Dec 31 22:10:59 EST 2010
The secrets is included in my original post... it's present the way you specify.
Subject: RE: [Openswan Users] Simplest ipsec config with PSK insists that I have no connection authorized with policy=PSK
Date: Fri, 31 Dec 2010 18:37:06 -0800
From: rwyatt at nvtl.com
To: jprollerskate at hotmail.com; wgillespie+openswan at es2eng.com; users at openswan.org
Did you check your ipsec.secrets file?
It should be
220.127.116.11 %any : PSK ""
or something to that effect.
From: users-bounces at openswan.org on behalf of JP CR
Sent: Fri 12/31/2010 6:34 PM
To: wgillespie+openswan at es2eng.com; users at openswan.org
Subject: Re: [Openswan Users] Simplest ipsec config with PSK insists that I have no connection authorized with policy=PSK
Same result. Same error.
I can comment out the rest of the connections and I still get the same error.
In fact I can comment out the entire l2tp-psk.conf include in ipsec.conf and I still get the same error. Not sure what this means..
> Date: Fri, 31 Dec 2010 19:05:54 -0700
> From: wgillespie+openswan at es2eng.com
> To: jprollerskate at hotmail.com
> CC: users at openswan.org
> Subject: Re: [Openswan Users] Simplest ipsec config with PSK insists that I have no connection authorized with policy=PSK
> As a quick test, what happens if you comment out your
> "passthrough-for-non-l2tp" connection? Is it able to find a connection
> to use then?
> On 12/31/2010 05:58 PM, JP CR wrote:
> > Hello,
> > Making a primitive test.
> > I have a home LAN with two machines, one WinXP and the other Ubuntu 10.1 v
> > 1:2.6.23+dfsg-1ubuntu1 kernel: 2.6.32-17-generic
> > WinXP IP is 18.104.22.168
> > Ubuntu: 22.214.171.124
> > Gateway for both is 126.96.36.199
> > No firewalls installed on either machine.
> > a.) I am following the guidance of:
> > http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html
> > b.) This is my ipsec.conf (comments removed):
> > version 2.0 # conforms to second version of ipsec.conf specification
> > # basic configuration
> > config setup
> >     nat_traversal=yes
> >     virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
> >     oe=off
> >     protostack=netkey
> > include /etc/ipsec.d/l2tp-psk.conf
> > c.) This is my /etc/ipsec.d/l2tp-psk.conf
> > conn L2TP-PSK-NAT
> >     rightsubnet=vhost:%priv
> >     also=L2TP-PSK-noNAT
> > conn L2TP-PSK-noNAT
> >     authby=secret
> >     pfs=no
> >     auto=add
> >     keyingtries=3
> >     # we cannot rekey for %any, let client rekey
> >     rekey=no
> >     # Set ikelifetime and keylife to same defaults windows has
> >     ikelifetime=8h
> >     keylife=1h
> >     # l2tp-over-ipsec is transport mode
> >     type=transport
> >     left=188.8.131.52
> >     leftprotoport=17/1701
> >     right=%any
> >     rightprotoport=17/0
> > conn passthrough-for-non-l2tp
> >     type=passthrough
> >     left=184.108.40.206
> >     leftnexthop=220.127.116.11
> >     right=0.0.0.0/24
> >     rightsubnet=0.0.0.0/0
> >     auto=route
> > d.) This is my /etc/ipsec.secrets
> > 18.104.22.168 %any: PSK "password"
> > I am using the native WinXP VPN connection to test, I made sure that I
> > set the preshared key and told it to use a PSK, however I keep getting
> > that error: pluto: packet from 22.214.171.124:500: initial Main Mode
> > message received on 126.96.36.199:500 but no connection has been
> > authorized with policy=PSK. I expect to see: |STATE_QUICK_R2: IPsec SA
> > established|
> > I tried searching Google, made sure right is %any... and tried lots of
> > things but no joy.
> > Thanks
> > Gunther