[Openswan Users] Openswan site-to-site VPN
Tyller D
tyllerd at gmail.com
Fri Jan 7 10:39:34 EST 2011
Hi
Sorry, like an idiot I didn't see this
#You may put your configuration (.conf) file in the "/etc/ipsec.d/"
and *uncomment
this.*
#include /etc/ipsec.d/*.conf
It is working now.
Thanks
On Fri, Jan 7, 2011 at 10:22 AM, Tyller D <tyllerd at gmail.com> wrote:
> Hi
>
> I'm having an issue trying to setup a vpn between my linux box running
> Openswan and a load balancing appliance called Hotbrick.
>
> Here is some info on my setup
>
> OpenSwan
> Hotbrick
> LocalIP:
> 192.168.4.202
> LocalIP: 192.168.1.1
> PublicIP: 111.111.111.111
> PublicIP: 222.222.222.222
>
>
> [root at localhost ipsec.d]# cat /etc/ipsec.d/vpn1.conf
> config setup
> interfaces="ipsec0=eth0"
> nat_traversal=yes
>
> conn mynatconn
> type=tunnel
> authby=secret
> keyexchange=ike1
> auto=start
> pfs=no
> ike=3des-md5-modp1024
> esp=3des-md5
> auth=esp
> aggrmode=yes
> left=192.168.4.202
> leftid=111.111.111.111
> leftsubnet=192.168.4.0/24
> leftnexthop=%defaultroute
> right=222.222.222.222
> rightsubnet=172.20.11.0/24
> rightnexthop=%defaultroute
> keylife=3600
> ikelifetime=28800
>
>
>
> [root at localhost ipsec.d]# cat /etc/ipsec.d/vpn1.secrets
> 192.168.4.202 222.222.222.222 : PSK "secret"
>
>
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [RFC 3947] method set to=109
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but
> already using method 109
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
> already using method 109
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but
> already using method 109
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> ignoring unknown Vendor ID payload [16f6ca16e4a4066d83821a0f0aeaa862]
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
> connection has been configured with policy=PSK+AGGRESSIVE
>
>
> I have been googling for the last two days and I can't find anything. Do
> any of you know what I keep getting that last error ?
>
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
> initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
> connection has been configured with policy=PSK+AGGRESSIVE
>
> Any help would be great.
>
> Thanks
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110107/1b2ad972/attachment-0001.html
More information about the Users
mailing list