[Openswan Users] Openswan as a VPN server for VPNC client
SaRaVanAn
saravanan.nagarajan87 at gmail.com
Thu Mar 15 08:30:17 EDT 2012
Hi Paul,
I m trying to establish a remote access VPN for my VPN client with
openswan as VPN server. But I am getting the below error message
[root at localhost ~]# cat /var/log/messages | tail
Mar 16 17:45:18 localhost ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Mar 16 17:45:18 localhost ipsec__plutorun: /usr/libexec/ipsec/addconn
Non-fips mode set in /proc/sys/crypto/fips_enabled
Mar 16 17:45:18 localhost ipsec__plutorun: /usr/libexec/ipsec/addconn
Non-fips mode set in /proc/sys/crypto/fips_enabled
Mar 16 17:45:18 localhost ipsec__plutorun: /usr/libexec/ipsec/addconn
Non-fips mode set in /proc/sys/crypto/fips_enabled
Mar 16 17:45:18 localhost ipsec__plutorun: 002 added connection description
"north-east"
Mar 16 17:45:18 localhost ipsec__plutorun: multiple default routes, using
172.31.114.225 on eth0
Mar 16 17:45:18 localhost ipsec__plutorun: 003 NAT-Traversal: Trying new
style NAT-T
Mar 16 17:45:18 localhost ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1)
setup failed for new style NAT-T family IPv4 (errno=19)
Mar 16 17:45:18 localhost ipsec__plutorun: 003 NAT-Traversal: Trying old
style NAT-T
Mar 16 17:45:18 localhost ipsec__plutorun: 003 ERROR "/etc/ipsec.secrets"
line 3: index "tester" does not look numeric and name lookup failed
Topology:
+++++++
VPNC
client
GW Openswan(VPN server)
10.1.1.1 ----------- 10.1.1.2 -------- 172.31.114.226 ---------
172.31.114.227
Configuration details
++++++++++++++
VPNC client
__________
Enter IPSec gateway address: 172.31.114.227
Enter IPSec ID for 172.31.114.227: test.vpn.com
Enter IPSec secret for test.vpn.com at 172.31.114.227:
test
Enter username for 172.31.114.227: tester
Enter password for tester at 172.31.114.227:
tester
/etc/ipsec.conf
+++++++++++
config setup
protostack=netkey
nat_traversal=yes
virtual_private=
oe=off
nhelpers=0
interfaces=%defaultroute
conn north-east
type=tunnel
left=%any
right=172.31.114.227
rightid=@test.vpn.com
leftxauthclient=yes
rightxauthserver=yes
leftxauthusername=tester
keyexchange=ike
auto=add
authby=secret
pfs=no
rekey=yes
ikelifetime=3000s
keylife=3000s
keyingtries=0
/etc/ipsec.secrets
+++++++++++++
0.0.0.0 172.31.114.227: PSK "test"
tester: XAUTH "tester"
Please help me
Regards,
Saravanan N
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openswan.org/pipermail/users/attachments/20120315/a7a469cf/attachment.html>
More information about the Users
mailing list