[Openswan Users] Openswan site-to-site VPN
Paul Wouters
paul at xelerance.com
Fri Jan 7 12:07:56 EST 2011
On Fri, 7 Jan 2011, Tyller D wrote:
> I'm having an issue trying to set up a VPN between my Linux box running Openswan and a load balancing appliance called Hotbrick.
>              OpenSwan           Hotbrick
> LocalIP:     192.168.4.202      192.168.1.1
> PublicIP:    111.111.111.111    222.222.222.222
> conn mynatconn
> type=tunnel
> authby=secret
> keyexchange=ike1
That is not a valid Openswan keyword.
> auto=start
> pfs=no
> ike=3des-md5-modp1024
> esp=3des-md5
> auth=esp
> aggrmode=yes
> left=192.168.4.202
> leftid=111.111.111.111
> leftsubnet=192.168.4.0/24
> leftnexthop=%defaultroute
> right=222.222.222.222
> rightsubnet=172.20.11.0/24
> rightnexthop=%defaultroute
> keylife=3600
> ikelifetime=28800
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500: initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
> connection has been configured with policy=PSK+AGGRESSIVE
My guess is your connection did not actually load because of the keyexchange= line.
I guess it is coming from strongswan?
Paul