[Openswan Users] Can't initiate "phase 2"
"Wilfredo I. Pachón López"
wilfredcom at gmail.com
Fri Apr 27 09:34:49 EDT 2012
Thanks a lot friends,
The problem was with the PSK by a typo in the CISCO (stupid situation
but this are the last check because they was documented before but a
human error forget one character).
> I am trying to setup a VPN with Openswan and a CISCO ASA 5540 router,
> i readed many documentation and for me based on this all is fine, but
> this doesn't work.
> ike=3DES-SHA1-modp1024
> openswan wants these in lower case and you should add ! at the end for
> strictness..
>
> ike=3des-sha1-modp1024!
Thanks, now they works well without changes but i'll try this soon
> I'd guess this SECRET has a typo... and don't enable debug logging -
> it doesn't help to find configuration issues. Successful phase1
> negotiation you can find from the log as "ISAKMP SA"
You where correct, but i think the log confused me because they say the
phase1 ended fine and the PSK is negotiated in this phase. Probably
because i'm so new in this system i don't interpreted well this info
More information about the Users
mailing list