[Openswan Users] Openswan site-to-site VPN
Tyller D
tyllerd at gmail.com
Fri Jan 7 03:22:53 EST 2011
Hi
I'm having an issue trying to set up a VPN between my Linux box running
Openswan and a load balancing appliance called Hotbrick.
Here is some info on my setup:
OpenSwan                       Hotbrick
LocalIP:  192.168.4.202        LocalIP:  192.168.1.1
PublicIP: 111.111.111.111      PublicIP: 222.222.222.222
[root@localhost ipsec.d]# cat /etc/ipsec.d/vpn1.conf
config setup
    interfaces="ipsec0=eth0"
    nat_traversal=yes

conn mynatconn
    type=tunnel
    authby=secret
    keyexchange=ike1
    auto=start
    pfs=no
    ike=3des-md5-modp1024
    esp=3des-md5
    auth=esp
    aggrmode=yes
    left=192.168.4.202
    leftid=111.111.111.111
    leftsubnet=192.168.4.0/24
    leftnexthop=%defaultroute
    right=222.222.222.222
    rightsubnet=172.20.11.0/24
    rightnexthop=%defaultroute
    keylife=3600
    ikelifetime=28800

[root@localhost ipsec.d]# cat /etc/ipsec.d/vpn1.secrets
192.168.4.202 222.222.222.222 : PSK "secret"
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
received Vendor ID payload [RFC 3947] method set to=109
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but
already using method 109
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
already using method 109
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
already using method 109
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
ignoring unknown Vendor ID payload [16f6ca16e4a4066d83821a0f0aeaa862]
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
connection has been configured with policy=PSK+AGGRESSIVE
I have been googling for the last two days and I can't find anything. Do any
of you know why I keep getting that last error?
Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
connection has been configured with policy=PSK+AGGRESSIVE
Any help would be great.
Thanks