[Openswan Users] Fw: Problem with some road connection

Sasa sasa at shoponweb.it
Fri Jan 22 10:03:00 EST 2010


I am sorry for insistence...there is a solution for my problem ? somebody 
have my same problem ?
Thanks.

------

   Salvatore.



----- Original Message ----- 
From: "Sasa" <sasa at shoponweb.it>
To: <users at openswan.org>
Sent: Monday, January 18, 2010 5:42 PM
Subject: [Openswan Users] Problem with some road connection


> Hi, I have a problem with a road connection (with site-to-site it's ok) 
> but
> it's very strange because this problem is present only with some road
> connection (with other road connection is all ok), when the vpn client is
> impossible connect to my vpn server I have in log:
>
> Jan 18 17:00:54 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring
> Vendor ID payload [Vid-Initial-Contact]
> Jan 18 17:00:54 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #8: 
> responding
> to Main Mode from unknown peer 217.x.y.z
> Jan 18 17:00:54 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #8: 
> transition
> from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Jan 18 17:00:54 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #8:
> STATE_MAIN_R1: sent MR1, expecting MI2
> Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring
> Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
> Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring
> Vendor ID payload [FRAGMENTATION]
> Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: received
> Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
> Jan 18 17:01:10 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring
> Vendor ID payload [Vid-Initial-Contact]
> Jan 18 17:01:10 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #9: 
> responding
> to Main Mode from unknown peer 217.x.y.z
> Jan 18 17:01:10 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #9: 
> transition
> from state STATE_MAIN_R0 to state STATE_MAIN_R1
> Jan 18 17:01:10 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #9:
> STATE_MAIN_R1: sent MR1, expecting MI2
> Jan 18 17:01:42 fwsos pluto[13618]: packet from 217.x.y.z:500: ignoring
> Delete SA payload: not encrypted
> Jan 18 17:01:42 fwsos pluto[13618]: packet from 217.x.y.z:500: received 
> and
> ignored informational message
> Jan 18 17:01:50 fwsos pluto[13618]: "left-road"[1] 217.x.y.z #5: max 
> number
> of retransmissions (2) reached STATE_MAIN_R1
>
> My ipsec.conf is:
>
> config setup
> virtual_private=%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24
> nat_traversal=yes
> conn %default
> authby=rsasig
> esp=3des-md5
> conn frattacis
> auto=start
> authby=rsasig
> pfs=yes
> left=82.x.x.x
> leftsubnet=192.168.1.0/24
> leftnexthop=82.x.x.z
> leftrsasigkey=0sAQO.
> right=82.y.y.y
> rightsubnet=192.168.0.0/24
> rightnexthop=82.y.y.z
> rightrsasigkey=0sAQ.
> conn left-road
> auto=add
> authby=secret
> pfs=no
> rekey=no
> left=82.x.x.x
> leftnexthop=82.x.x.z
> leftprotoport=17/1701
> right=%any
> rightprotoport=17/1701
> rightsubnet=vhost:%no,%priv
> include /etc/ipsec.d/examples/no_oe.conf
>
> I use osw-2.4.7 and xl2tpd-1.1.
> Thanks.
>
> ------
>
>   Salvatore.
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> 



More information about the Users mailing list