[Openswan Users] amazon aws to checkpoint connection problem:

[Eero Volotinen]

Hi List,

Trying to connect from my amazon instance to checkpoint located outside of
amazon, but no success:

000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0}
trans={0,0,0} attrs={0,0,0}

000

000 "customer":
54.77.134.140/32===172.31.27.63[54.77.134.140,+S=C]---172.31.16.1...91.221.238.39
<91.221.238.39>[+S=C]===91.221.239.6/32; prospective erouted; eroute owner:
#0

000 "customer":     myip=54.77.134.140; hisip=unset;

000 "customer":   ike_life: 86400s; ipsec_life: 3600s; rekey_margin: 540s;
rekey_fuzz: 100%; keyingtries: 0; nat_keepalive: yes

000 "customer":   policy: PSK+ENCRYPT+TUNNEL+PFS+UP+lKOD+rKOD; prio: 32,32;
interface: eth0;

000 "customer":   newest ISAKMP SA: #1; newest IPsec SA: #0;

000 "customer":   IKE algorithms wanted:
AES_CBC(7)_256-SHA1(2)_000-MODP1024(2); flags=-strict

000 "customer":   IKE algorithms found:
AES_CBC(7)_256-SHA1(2)_160-MODP1024(2)

000 "customer":   IKE algorithm newest: AES_CBC_256-SHA1-MODP1024

000

000 #5: "customer":500 STATE_QUICK_I1 (sent QI1, expecting QR1);
EVENT_RETRANSMIT in 7s; nodpd; idle; import:admin initiate

000 #1: "customer":500 STATE_MAIN_I4 (ISAKMP SA established);
EVENT_SA_REPLACE in 85174s; newest ISAKMP; nodpd; idle; import:admin
initiate

any clues? big thanks.

--
Eero
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140904/075e0027/attachment.html>