[Openswan Users] Openswan site-to-site VPN

Tyller D tyllerd at gmail.com
Fri Jan 7 10:39:34 EST 2011


Hi

Sorry, like an idiot I didn't see this

#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and *uncomment this.*
#include /etc/ipsec.d/*.conf

It is working now.

Thanks

On Fri, Jan 7, 2011 at 10:22 AM, Tyller D <tyllerd at gmail.com> wrote:

> Hi
>
> I'm having an issue trying to set up a VPN between my Linux box running
> Openswan and a load balancing appliance called Hotbrick.
>
> Here is some info on my setup
>
> OpenSwan                     Hotbrick
> LocalIP:  192.168.4.202      LocalIP:  192.168.1.1
> PublicIP: 111.111.111.111    PublicIP: 222.222.222.222
>
>
> [root@localhost ipsec.d]# cat /etc/ipsec.d/vpn1.conf
> config setup
>     interfaces="ipsec0=eth0"
>     nat_traversal=yes
>
> conn mynatconn
>     type=tunnel
>     authby=secret
>     keyexchange=ike1
>     auto=start
>     pfs=no
>     ike=3des-md5-modp1024
>     esp=3des-md5
>     auth=esp
>     aggrmode=yes
>     left=192.168.4.202
>     leftid=111.111.111.111
>     leftsubnet=192.168.4.0/24
>     leftnexthop=%defaultroute
>     right=222.222.222.222
>     rightsubnet=172.20.11.0/24
>     rightnexthop=%defaultroute
>     keylife=3600
>     ikelifetime=28800
>
>
>
> [root@localhost ipsec.d]# cat /etc/ipsec.d/vpn1.secrets
> 192.168.4.202 222.222.222.222 : PSK "secret"
>
>
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [RFC 3947] method set to=109
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but
> already using method 109
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
> already using method 109
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
> already using method 109
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [16f6ca16e4a4066d83821a0f0aeaa862]
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
> connection has been configured with policy=PSK+AGGRESSIVE
>
>
> I have been googling for the last two days and I can't find anything. Do
> any of you know why I keep getting that last error?
>
> Jan  7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
> connection has been configured with policy=PSK+AGGRESSIVE
>
> Any help would be great.
>
> Thanks
>
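
The fix reported in this thread was an include line left commented out, so /etc/ipsec.d/vpn1.conf was never read and pluto had no connection matching PSK+AGGRESSIVE. The check below is an added example, not part of the original message or of Openswan; the function names include_status and orphaned_conns and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): detect a commented-out
# "include /etc/ipsec.d/*.conf" in ipsec.conf, the cause found in this thread.

# include_status CONF [GLOB] -> prints active | commented | missing
include_status() {
    awk -v glob="${2:-/etc/ipsec.d/*.conf}" '
        {
            line = $0
            sub(/^[ \t]+/, "", line)                # drop leading whitespace
            disabled = sub(/^#+[ \t]*/, "", line)   # 1 if the line was a comment
            n = split(line, f, /[ \t]+/)
            if (n >= 2 && f[1] == "include" && f[2] == glob) {
                if (disabled) commented = 1; else active = 1
            }
        }
        END { print (active ? "active" : (commented ? "commented" : "missing")) }
    ' "$1"
}

# orphaned_conns CONF DIR -> conn names in DIR/*.conf that pluto never loads
# because CONF has no active include for them (DIR stands for /etc/ipsec.d).
orphaned_conns() {
    if [ "$(include_status "$1")" != active ]; then
        for f in "${2%/}"/*.conf; do
            if [ -f "$f" ]; then awk '$1 == "conn" { print $2 }' "$f"; fi
        done
    fi
}

# Constructed sample files mirroring the setup in the thread.
demo=$(mktemp -d)
printf '%s\n' 'config setup' '    nat_traversal=yes' \
    '#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and uncomment this.' \
    '#include /etc/ipsec.d/*.conf' > "$demo/ipsec.conf"
mkdir "$demo/ipsec.d"
printf '%s\n' 'conn mynatconn' '    type=tunnel' '    authby=secret' \
    '    aggrmode=yes' > "$demo/ipsec.d/vpn1.conf"

echo "include: $(include_status "$demo/ipsec.conf")"
echo "not loaded: $(orphaned_conns "$demo/ipsec.conf" "$demo/ipsec.d")"

# Uncommenting the include, as the poster did, makes the check pass.
sed 's|^#include |include |' "$demo/ipsec.conf" > "$demo/ipsec.conf.fixed"
echo "after fix: $(include_status "$demo/ipsec.conf.fixed")"
rm -rf "$demo"
```

On a real host, call `include_status /etc/ipsec.conf` and `orphaned_conns /etc/ipsec.conf /etc/ipsec.d` instead of using the constructed files.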