[Openswan Users] but no connection has been authorized with policy=PSK
Thomas Schweikle
tps at vr-web.de
Mon Apr 11 16:56:35 EDT 2011
On 11.04.2011 22:43, Paul Wouters wrote:
> On Mon, 11 Apr 2011, Thomas Schweikle wrote:
>
>> packet from ww.xx.yy.zz:61986: initial\
>> Main Mode message received on 222.66.77.27:500 but no connection
>> has been authorized with policy=PSK
>
> You wrote before:
>
> # LOCAL
> leftid= @rz
> left= 222.66.77.27
> leftnexthop= 222.66.77.1
> leftsubnet= 192.168.180.0/23
> #
> # REMOTE
> rightid= @openswan
> right= 192.168.1.4
> rightnexthop= 192.168.1.1
> rightsubnet= 192.168.1.0/24
>
>
> Clearly ww.xx.yy.zz is not matching 192.168.1.4, or it is not using "openswan" as its id.

Hmmm. My setup is as follows:

openswan (192.168.1.4) --> router/nat (with unknown IP, since it
changes once every day --- this is ww.xx.yy.zz) --> RZ
(222.66.77.27) --> Inside (192.168.180.27)

on the server side:

leftid= @rz
left= 222.66.77.27
leftnexthop= 222.66.77.1
leftsubnet= 192.168.180.0/23
#
# REMOTE
rightid= @openswan
right= 192.168.1.4
rightnexthop= 192.168.1.1
rightsubnet= 192.168.1.0/24

on the client side:

leftid= @openswan
left= 192.168.1.4
leftnexthop= 192.168.1.1
leftsubnet= 192.168.1.0/24
#
# REMOTE
rightid= @rz
right= 222.66.77.27
rightnexthop= 222.66.77.1
rightsubnet= 192.168.180.0/23

I had to switch left and right for the client, because if I left it
as it was (two identical config-files), I did not even see
connection attempts.
--
Thomas
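
Added example, not part of the original message or of Openswan: a small Python check that compares the addresses in the "no connection has been authorized" log line with left=/right= from the server-side settings posted above. It is a simplified model of connection lookup by address only; 203.0.113.10 is a constructed stand-in for the redacted ww.xx.yy.zz, and the function names are hypothetical.

```python
import re

# Constructed sample: the thread redacts the NAT router's address as
# ww.xx.yy.zz; 203.0.113.10 (documentation range) stands in for it.
SAMPLE_LOG = ("packet from 203.0.113.10:61986: initial Main Mode message "
              "received on 222.66.77.27:500 but no connection has been "
              "authorized with policy=PSK")

# Server-side settings as posted in the thread.
SERVER_CONN = """
leftid=         @rz
left=           222.66.77.27
leftnexthop=    222.66.77.1
leftsubnet=     192.168.180.0/23
# REMOTE
rightid=        @openswan
right=          192.168.1.4
rightnexthop=   192.168.1.1
rightsubnet=    192.168.1.0/24
"""

LOG_RE = re.compile(
    r"packet from (?P<src>[\d.]+):\d+: initial\s+Main Mode message received "
    r"on (?P<dst>[\d.]+):\d+ but no connection has been authorized")

def parse_conn(text):
    """Parse key=value lines of a conn section, skipping comments."""
    conn = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            conn[key.strip()] = value.strip()
    return conn

def explain(log_line, conn):
    """Return the address mismatches between the packet and left=/right=."""
    m = LOG_RE.search(log_line)
    if m is None:
        return ["not a 'no connection has been authorized' log line"]
    findings = []
    if conn.get("left") != m["dst"]:
        findings.append(f"left={conn.get('left')} is not the receiving address {m['dst']}")
    # %any is Openswan's wildcard for a peer without a fixed address.
    if conn.get("right") not in (m["src"], "%any"):
        findings.append(f"right={conn.get('right')} does not match packet source {m['src']}")
    return findings

if __name__ == "__main__":
    print("\n".join(explain(SAMPLE_LOG, parse_conn(SERVER_CONN))))
```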