[Openswan Users] amazon aws to checkpoint connection problem:

Eero Volotinen eero.volotinen at iki.fi
Thu Sep 4 07:39:12 EDT 2014

Hi List,

Trying to connect from my amazon instance to checkpoint located outside of
amazon, but no success:

000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0}
trans={0,0,0} attrs={0,0,0}


000 "customer":[,+S=C]---
<>[+S=C]===; prospective erouted; eroute owner:

000 "customer":     myip=; hisip=unset;

000 "customer":   ike_life: 86400s; ipsec_life: 3600s; rekey_margin: 540s;
rekey_fuzz: 100%; keyingtries: 0; nat_keepalive: yes

000 "customer":   policy: PSK+ENCRYPT+TUNNEL+PFS+UP+lKOD+rKOD; prio: 32,32;
interface: eth0;

000 "customer":   newest ISAKMP SA: #1; newest IPsec SA: #0;

000 "customer":   IKE algorithms wanted:
AES_CBC(7)_256-SHA1(2)_000-MODP1024(2); flags=-strict

000 "customer":   IKE algorithms found:

000 "customer":   IKE algorithm newest: AES_CBC_256-SHA1-MODP1024


000 #5: "customer":500 STATE_QUICK_I1 (sent QI1, expecting QR1);
EVENT_RETRANSMIT in 7s; nodpd; idle; import:admin initiate

000 #1: "customer":500 STATE_MAIN_I4 (ISAKMP SA established);
EVENT_SA_REPLACE in 85174s; newest ISAKMP; nodpd; idle; import:admin

any clues? big thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140904/075e0027/attachment.html>

More information about the Users mailing list