[Openswan Users] Openswan as a VPN server for VPNC client

SaRaVanAn saravanan.nagarajan87 at gmail.com
Thu Mar 15 08:30:17 EDT 2012


Hi Paul,
   I m trying to establish a remote access VPN for my VPN client with
openswan as VPN server. But I am getting the below error message
[root at localhost ~]# cat /var/log/messages | tail
Mar 16 17:45:18 localhost ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Mar 16 17:45:18 localhost ipsec__plutorun: /usr/libexec/ipsec/addconn
Non-fips mode set in /proc/sys/crypto/fips_enabled
Mar 16 17:45:18 localhost ipsec__plutorun: /usr/libexec/ipsec/addconn
Non-fips mode set in /proc/sys/crypto/fips_enabled
Mar 16 17:45:18 localhost ipsec__plutorun: /usr/libexec/ipsec/addconn
Non-fips mode set in /proc/sys/crypto/fips_enabled
Mar 16 17:45:18 localhost ipsec__plutorun: 002 added connection description
"north-east"
Mar 16 17:45:18 localhost ipsec__plutorun: multiple default routes, using
172.31.114.225 on eth0
Mar 16 17:45:18 localhost ipsec__plutorun: 003 NAT-Traversal: Trying new
style NAT-T
Mar 16 17:45:18 localhost ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1)
setup failed for new style NAT-T family IPv4 (errno=19)
Mar 16 17:45:18 localhost ipsec__plutorun: 003 NAT-Traversal: Trying old
style NAT-T
Mar 16 17:45:18 localhost ipsec__plutorun: 003 ERROR "/etc/ipsec.secrets"
line 3: index "tester" does not look numeric and name lookup failed

Topology:
+++++++

VPNC
client
GW                                 Openswan(VPN server)
10.1.1.1 ----------- 10.1.1.2  -------- 172.31.114.226 ---------
172.31.114.227

Configuration details
++++++++++++++
VPNC client
__________

Enter IPSec gateway address: 172.31.114.227
Enter IPSec ID for 172.31.114.227: test.vpn.com
Enter IPSec secret for test.vpn.com at 172.31.114.227:
test
Enter username for 172.31.114.227: tester
Enter password for tester at 172.31.114.227:
tester

/etc/ipsec.conf
+++++++++++
config setup
        protostack=netkey
        nat_traversal=yes
        virtual_private=
        oe=off
        nhelpers=0
        interfaces=%defaultroute
conn north-east
    type=tunnel
    left=%any
    right=172.31.114.227
    rightid=@test.vpn.com
    leftxauthclient=yes
    rightxauthserver=yes
    leftxauthusername=tester
    keyexchange=ike
    auto=add
    authby=secret
    pfs=no
    rekey=yes
    ikelifetime=3000s
    keylife=3000s
    keyingtries=0

/etc/ipsec.secrets
+++++++++++++

0.0.0.0 172.31.114.227: PSK "test"
tester: XAUTH "tester"


Please help me

Regards,
Saravanan N
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openswan.org/pipermail/users/attachments/20120315/a7a469cf/attachment.html>


More information about the Users mailing list