[Openswan Users] openswan installation

Özgür Uncuoğlu (WEBSAHİBİ) ozgur at websahibi.com
Mon May 30 06:44:36 EDT 2011


full error logs may help us to find the error;

May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: received Vendor ID payload [RFC 3947] method set to=109
May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: ignoring Vendor ID payload [FRAGMENTATION]
May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: ignoring Vendor ID payload [Vid-Initial-Contact]
May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: ignoring Vendor ID payload [IKE CGA version 1]
May 30 13:39:45 vpn pluto[14154]: packet from client_ip:500: initial Main Mode message received on server_real_ip:500 but no connection has been authorized with policy=PSK

-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com] 
Sent: Saturday, May 28, 2011 7:32 PM
To: Özgür Uncuoğlu (WEBSAHİBİ)
Cc: users at openswan.org
Subject: Re: [Openswan Users] openswan installation


Did you use empty lines in your config inside a conn definition? That will break things

Paul

On Sat, 28 May 2011, Özgür Uncuoğlu (WEBSAHİBİ) wrote:

> Date: Sat, 28 May 2011 13:21:01 +0300
> From: "Özgür Uncuoğlu (WEBSAHİBİ)" <ozgur at websahibi.com>
> To: "users at openswan.org" <users at openswan.org>
> Subject: [Openswan Users] openswan installation
> 
> 
> Hi there,
> 
>  
> 
> Newly installed openswan (2.6.23+dfsg-1ubuntu1 )on ubuntu 10.04 x64 with two interfaces.
> 
>  
> 
> When I try to connect from my pc (Windows 7) it logs error below
> 
>  
> 
> pluto[8707]: packet from client_ip:500: initial Main Mode message received on server_real_ip:500 but no
> connection has been authorized with policy=PSK
> 
>  
> 
> ipsec.secrets
> 
>  
> 
> server_real_ip %any: PSK "sharedkey"
> 
> 192.168.1.1 %any: PSK "sharedkey"
> 
>  
> 
> a part of ipsec.conf
> 
>  
> 
> conn L2TP-PSK
> 
>         authby=secret
> 
>         pfs=no
> 
>         auto=start
> 
> #       auto=add
> 
>         keyingtries=3
> 
>         rekey=no
> 
>         ikelifetime=8h
> 
>         keylife=1h
> 
>         type=transport
> 
>         left=server’s real ip
> 
>         leftnexthop=real ip gateway (router)
> 
>         leftprotoport=17/1701
> 
> #       leftprotoport=17/%any
> 
>  
> 
> #       right=%any
> 
> #       rightsubnet=vhost:%no,%priv
> 
>  
> 
>         right=192.168.1.1
> 
>         rightsubnet=192.168.1.0/24
> 
>         rightprotoport=17/0
> 
>  
> 
>  
> 
> googled lots of  page..lost in configurations
> 
> lot of combinations tried but …L
> 
>  
> 
> thnx in advance
> 
>  
> 
>  
> 
>  
> 
> Özgür UNCUOĞLU
> 
> Websahibi Internet Hizmetleri
> 
> Datacenter Koordinatörü
> 
> cid:image001.png at 01CA2FB6.7CDAD530
> 
>  
> 
> 
>


More information about the Users mailing list