[Openswan Users] Connection Problem

Peter Siegel PeterS at 4ahead.com
Wed Apr 20 07:54:56 EDT 2011


Hello!

I have a working Openswan server installation, and I want to add a new connection to the server.

I tried to connect using the following settings, but I can't get a working connection:
Thanks,
Peter
My config and logs:
Client Config:
conn Digital
        authby=secret
        auto=start
        left=195.112.212.10
        leftid=195.112.212.10
        leftnexthop=195.112.212.9
        leftsubnet=192.168.1.0/24
        pfs=no
        right=84.189.122.2
        rightid=84.189.122.2
        rightnexthop=84.189.122.1
        rightsubnet=192.168.100.0/24

Log:

Apr 20 08:03:00 firewall ipsec__plutorun: 003 "/etc/ipsec.secrets" line 1: unrecognized key format: PKS
Apr 20 08:03:00 firewall ipsec__plutorun: 003 "/etc/ipsec.secrets" line 2: unrecognized key format: PKS
Apr 20 08:03:00 firewall ipsec__plutorun: 003 "/etc/ipsec.secrets" line 4: premature end of RSA key
Apr 20 08:03:00 firewall pluto[6163]: "Digital": request to add a prospective erouted policy with netkey kernel --- experimental
Apr 20 08:03:00 firewall ipsec__plutorun: 000 "Digital": request to add a prospective erouted policy with netkey kernel --- experimental
Apr 20 08:03:00 firewall pluto[6163]: "Digital" #1: initiating Main Mode
Apr 20 08:03:00 firewall ipsec__plutorun: 104 "Digital" #1: STATE_MAIN_I1: initiate
Apr 20 08:16:10 firewall pluto[6163]: "Digital" #1: max number of retransmissions (20) reached STATE_MAIN_I1.  No response (or no acceptable response) to our first IKE message
Apr 20 08:16:10 firewall pluto[6163]: "Digital" #1: starting keying attempt 2 of an unlimited number
Apr 20 08:16:10 firewall pluto[6163]: "Digital" #2: initiating Main Mode to replace #1

Server Config:
conn Digital
        authby=secret
        auto=add
        left=84.189.122.2
        leftsubnet=192.168.100.0/24
        leftnexthop=84.189.122.1
        leftid=84.189.122.2
        pfs=no
        right=195.112.212.10
        rightid=195.112.212.10
        rightnexthop 195.112.212.9=
        rightsubnet=192.168.1.0/24

Log:

Apr 20 07:37:59 firewall pluto[11528]: ERROR: asynchronous network error report on eth2 for message to 84.21.58.46 port 500, complainant 84.21.58.42: No route to host [errno 113, origin ICMP type 11 code 0 (not authenticated)]
Apr 20 07:38:09 firewall pluto[11528]: packet from 195.112.212.10:500: ignoring unknown Vendor ID payload [4f456a7d637357765a5c7b63]
Apr 20 07:38:09 firewall pluto[11528]: packet from 195.112.212.10:500: received Vendor ID payload [Dead Peer Detection]
Apr 20 07:38:09 firewall pluto[11528]: packet from 195.112.212.10:500: initial Main Mode message received on 84.189.122.2:500 but no connection has been authorized
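
An added example, not part of the original post or of Openswan: a small Python check that parses both peers' conn sections, reports lines that are not in parameter=value form, and reports when the two sides do not describe the same pair of endpoints. The function names are hypothetical, and the sample text is the left*/right* lines of the two sections posted above.

```python
import re

# left*/right* lines copied from the post (client, then server); other lines omitted.
CLIENT = """conn Digital
    left=195.112.212.10
    leftid=195.112.212.10
    leftnexthop=195.112.212.9
    leftsubnet=192.168.1.0/24
    right=84.189.122.2
    rightid=84.189.122.2
    rightnexthop=84.189.122.1
    rightsubnet=192.168.100.0/24"""
SERVER = """conn Digital
    left=84.189.122.2
    leftsubnet=192.168.100.0/24
    leftnexthop=84.189.122.1
    leftid=84.189.122.2
    right=195.112.212.10
    rightid=195.112.212.10
    rightnexthop 195.112.212.9=
    rightsubnet=192.168.1.0/24"""

PARAM = re.compile(r"^([A-Za-z][\w-]*)\s*=\s*(\S.*)$")  # parameter=value

def parse_conn(text):
    """Return (params, malformed_lines) for one conn section."""
    params, bad = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and indentation
        m = PARAM.match(line)
        if m:
            params[m.group(1)] = m.group(2)
        elif line and not line.startswith("conn "):
            bad.append(line)                     # neither header nor parameter=value
    return params, bad

def endpoints(p):
    """Both ends as a set, so which peer is named left does not matter."""
    keys = ("", "id", "nexthop", "subnet")
    return {tuple(p.get(s + k) for k in keys) for s in ("left", "right")}

def compare(a_text, b_text):
    """Lint two peers' conn sections and return a list of findings."""
    (a, a_bad), (b, b_bad) = parse_conn(a_text), parse_conn(b_text)
    findings = [f"not parameter=value: {l!r}" for l in a_bad + b_bad]
    if endpoints(a) != endpoints(b):
        findings.append("endpoint parameters differ between peers")
    return findings
```

Calling compare(CLIENT, SERVER) on the sections as posted returns two findings: the server line `rightnexthop 195.112.212.9=` and the resulting endpoint difference.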
