[Openswan Users] Openswan site-to-site VPN
Tyller D
tyllerd at gmail.com
Fri Jan 7 13:07:16 EST 2011
Hi
Thanks paul, its my first time with ipsec on linux and when I couldn't get
openswan to work I tried strongswan I must have forgotten to take the
keywords out.
How ever it is all working now.
Thanks
On Fri, Jan 7, 2011 at 7:07 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Fri, 7 Jan 2011, Tyller D wrote:
>
> I'm having an issue trying to setup a vpn between my linux box running
>> Openswan and a load balancing appliance called Hotbrick.
>>
>
> OpenSwan
>> Hotbrick
>> LocalIP:
>> 192.168.4.202
>> LocalIP: 192.168.1.1
>> PublicIP: 111.111.111.111
>> PublicIP: 222.222.222.222
>>
>
> conn mynatconn
>> type=tunnel
>> authby=secret
>> keyexchange=ike1
>>
>
> that is not a valid openswan keyword.
>
>
> auto=start
>> pfs=no
>> ike=3des-md5-modp1024
>> esp=3des-md5
>> auth=esp
>> aggrmode=yes
>> left=192.168.4.202
>> leftid=111.111.111.111
>> leftsubnet=192.168.4.0/24
>> leftnexthop=%defaultroute
>> right=222.222.222.222
>> rightsubnet=172.20.11.0/24
>> rightnexthop=%defaultroute
>> keylife=3600
>> ikelifetime=28800
>>
>
> Jan 7 03:18:40 localhost pluto[18449]: packet from 222.222.222.222:500:
>> initial Aggressive Mode message from 222.222.222.222 but no (wildcard)
>> connection has been configured with policy=PSK+AGGRESSIVE
>>
>
> My guess is your connection did not actually load because of the
> keyexchange= line.
> I guess it is coming from strongswan?
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110107/2e8a9e50/attachment.html
More information about the Users
mailing list