[Openswan Users] but no connection has been authorized with policy=PSK
Thomas Schweikle
tps at vr-web.de
Mon Apr 11 14:00:28 EDT 2011
Am 11.04.2011 19:01, schrieb Paul Wouters:
> On Mon, 11 Apr 2011, Thomas Schweikle wrote:
>
>> Date: Mon, 11 Apr 2011 18:30:59 +0200
>> From: Thomas Schweikle <tps at vr-web.de>
>> To: users at openswan.org
>> Subject: [Openswan Users] but no connection has been authorized with
>> policy=PSK
>>
>> "but no connection has been authorized with policy=PSK"
>>
>> what does this mean? Couldn't find anything about it in
>> - HowTo
>> - man-pages
>> - docs
>
> You got an incoming connection that wants to use authby=secret, but
> none
> of your loaded connections have that option set.
conn rz-openswan
type= tunnel
auth= esp
authby= secret
keyexchange= ike
pfs= no
aggrmode= no
ike= 3des-sha1-modp1024
esp= 3des-sha1
auto= add
Since this is the only connection defined ...
and it is loaded:
[...]
Changed path to directory '/etc/ipsec.d/cacerts'
Changed path to directory '/etc/ipsec.d/aacerts'
Changed path to directory '/etc/ipsec.d/ocspcerts'
Changing to directory '/etc/ipsec.d/crls'
Warning: empty directory
added connection description "rz-openswan"
listening for IKE messages
NAT-Traversal: Trying new style NAT-T
NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family
IPv4 (errno=19)
NAT-Traversal: Trying old style NAT-T
adding interface eth2/eth2 172.19.0.27:500
adding interface eth2/eth2 172.19.0.27:4500
[...]
Hmmmmmm?????
--
Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 219 bytes
Desc: OpenPGP digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20110411/21aa1b65/attachment.bin
More information about the Users
mailing list