[Openswan Users] Problem with some road connection

Sasa sasa at shoponweb.it
Mon Jan 18 11:42:37 EST 2010 

Hi, I have a problem with a road connection (with site-to-site it's ok) but 
it's very strange because this problem is present only with some road 
connection (with other road connection is all ok), when the vpn client is 
impossible connect to my vpn server I have in log:

Jan 18 17:00:54 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring 
Vendor ID payload [Vid-Initial-Contact]
Jan 18 17:00:54 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #8: responding 
to Main Mode from unknown peer 217.x.y.z
Jan 18 17:00:54 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #8: transition 
from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jan 18 17:00:54 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #8: 
STATE_MAIN_R1: sent MR1, expecting MI2
Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring 
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring 
Vendor ID payload [FRAGMENTATION]
Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: received 
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring 
Vendor ID payload [Vid-Initial-Contact]
Jan 18 17:01:10 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #9: responding 
to Main Mode from unknown peer 217.x.y.z
Jan 18 17:01:10 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #9: transition 
from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jan 18 17:01:10 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #9: 
STATE_MAIN_R1: sent MR1, expecting MI2
Jan 18 17:01:42 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring 
Delete SA payload: not encrypted
Jan 18 17:01:42 fwsos pluto[13618]: packet from 217.x.y.z:500: received and 
ignored informational message
Jan 18 17:01:50 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #5: max number 
of retransmissions (2) reached STATE_MAIN_R1

My ipsec.conf is:

config setup
virtual_private=%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24
nat_traversal=yes
conn %default
authby=rsasig
esp=3des-md5
conn frattacis
auto=start
authby=rsasig
pfs=yes
left=82.x.x.x
leftsubnet=192.168.1.0/24
leftnexthop=82.x.x.z
leftrsasigkey=0sAQO.
right=82.y.y.y
rightsubnet=192.168.0.0/24
rightnexthop=82.y.y.z
rightrsasigkey=0sAQ.
conn left-road
auto=add
authby=secret
pfs=no
rekey=no
left=82.x.x.x
leftnexthop=82.x.x.z
leftprotoport=17/1701
right=%any
rightprotoport=17/1701
rightsubnet=vhost:%no,%priv
include /etc/ipsec.d/examples/no_oe.conf

I use osw-2.4.7 and xl2tpd-1.1.
Thanks.

------

   Salvatore.

More information about the Users mailing list