[Openswan Users] Trying to get Openswan working Ubuntu to Cisco ASA 5510
Paul Wouters
paul at xelerance.com
Wed Mar 10 00:17:46 EST 2010
On Tue, 9 Mar 2010, Whit Blauvelt wrote:
> Thanks Paul. If that's the fix, it has implications I need to handle, since
> simply adding it to the conn section produces first:
>
> # ipsec auto --up cisco
> 024 need --listen before --initiate
Is this an embedded system? This seems to show openswan is still starting
up and you have to wait with issuing the --up command.
> and then on second invocation:
>
> # ipsec auto --up cisco
> 003 "cisco" #1: multiple transforms were set in aggressive mode. Only first one used.
> 003 "cisco" #1: transform (5,2,2,0) ignored.
> 003 "cisco" #1: multiple transforms were set in aggressive mode. Only first one used.
> 003 "cisco" #1: transform (5,2,2,0) ignored.
> 112 "cisco" #1: STATE_AGGR_I1: initiate
> 003 "cisco" #1: Informational Exchange message must be encrypted
> 010 "cisco" #1: STATE_AGGR_I1: retransmission; will wait 20s for response
> 003 "cisco" #1: Informational Exchange message must be encrypted
Well, that seems worse, so perhaps that is not the case here.
Paul
More information about the Users
mailing list