[Openswan Users] Linux --> Juniper
Alejandro Perretta
aperretta at dineromail.com
Wed Oct 19 09:15:16 EDT 2011
I have a linux with openswan , im new with opensway (Linux Openswan
U2.6.23/K2.6.32-34-server (netkey)
I need to connect to a juniper device with this config
my point
200.41.xxx.xxx
my net 192.168.10.0/24
the other point
189.xxx.xxx.xxx
the net on the other side 70.30.1./24
i have this conf in my ipsec.conf
conn tunnel
type=tunnel
auth=esp
authby=secret
left=200.41.xxx.xxx
leftsubnet=172.30.0.0/24
rightsubnet=172.30.1.0/24
right=189..xxx.xxx.xxx
esp=aes256-sha1
auto=start
When i try to connect ive get this errors...
Oct 19 10:12:23 DMLX01 pluto[5916]: | got payload 0x20(ISAKMP_NEXT_ID)
needed: 0x0 opt: 0x200030
Oct 19 10:12:23 DMLX01 pluto[5916]: | ***parse ISAKMP Identification Payload
(IPsec DOI):
Oct 19 10:12:23 DMLX01 pluto[5916]: | next payload type: ISAKMP_NEXT_ID
Oct 19 10:12:23 DMLX01 pluto[5916]: | length: 12
Oct 19 10:12:23 DMLX01 pluto[5916]: | ID type: ID_IPV4_ADDR
Oct 19 10:12:23 DMLX01 pluto[5916]: | Protocol ID: 0
Oct 19 10:12:23 DMLX01 pluto[5916]: | port: 0
Oct 19 10:12:23 DMLX01 pluto[5916]: | obj: c0 a8 0a 3b 00 00 00 0c
01 00 00 00
Oct 19 10:12:23 DMLX01 pluto[5916]: | got payload 0x20(ISAKMP_NEXT_ID)
needed: 0x0 opt: 0x200030
Oct 19 10:12:23 DMLX01 pluto[5916]: | ***parse ISAKMP Identification Payload
(IPsec DOI):
Oct 19 10:12:23 DMLX01 pluto[5916]: | next payload type: ISAKMP_NEXT_NONE
Oct 19 10:12:23 DMLX01 pluto[5916]: | length: 12)Oct 19 10:12:23 DMLX01
pluto[5916]: | ID type: ID_IPV4_ADDR
Oct 19 10:12:23 DMLX01 pluto[5916]: | Protocol ID: 0
Oct 19 10:12:23 DMLX01 pluto[5916]: | port: 0
Oct 19 10:12:23 DMLX01 pluto[5916]: | obj: ac 1e 01 03 00 00 00 00
91 35 2a 60
Oct 19 10:12:23 DMLX01 pluto[5916]: | removing 4 bytes of padding
Oct 19 10:12:23 DMLX01 pluto[5916]: | peer client is 192.168.10.59
Oct 19 10:12:23 DMLX01 pluto[5916]: | peer client protocol/port is 0/0
Oct 19 10:12:23 DMLX01 pluto[5916]: | our client is 172.30.1.3
Oct 19 10:12:23 DMLX01 pluto[5916]: | our client protocol/port is 0/0
Oct 19 10:12:23 DMLX01 pluto[5916]: "tunnel" #20: the peer proposed:
172.30.1.3/32:0/0 -> 192.168.10.59/32:0/0
Oct 19 10:12:23 DMLX01 pluto[5916]: "tunnel" #20: cannot respond to IPsec SA
request because no connection is known for 172.30.1.3/32===200.41.xxx.xxx
>[+S=C]...189.xxxxx<189.xxxx>[+S=C]===192.168.10.59/32
Oct 19 10:12:23 DMLX01 pluto[5916]: | complete state transition with (null)
Oct 19 10:12:23 DMLX01 pluto[5916]: "tunnel" #20: sending encrypted
notification INVALID_ID_INFORMATION to 189.xxxxxx:500
Oct 19 10:12:23 DMLX01 pluto[5916]: | sending 76 bytes for notification
packet through eth1:500 to 189xxxx:500 (using #20)
Oct 19 10:12:23 DMLX01 pluto[5916]: | state transition function for
STATE_QUICK_R0 failed: INVALID_ID_INFORMATION
Oct 19 10:12:23 DMLX01 pluto[5916]: | * processed 0 messages from
cryptographic helpers
Oct 19 10:12:23 DMLX01 pluto[5916]: | next event EVENT_PENDING_DDNS in 19
seconds
any help ????
--
Alejandro Perretta
Tecnologia
Humboldt 2495 piso 4
<fsosa at dineromail.com>Tel. (+54) 11 5275-1700
DineroMail Argentina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20111019/70f6129b/attachment-0001.html
More information about the Users
mailing list