[Openswan Users] Ubuntu 14.04 (AWS VPC) IPSec Tunnel to Cisco

Neal P. Murphy neal.p.murphy at alum.wpi.edu
Wed Oct 21 17:12:58 EDT 2015


On Wed, 21 Oct 2015 13:46:44 -0400
Ed Nitido <ednitido at gmail.com> wrote:

> Hello all,
> 
> I've been trying to set up a server-to-server IPSec VPN tunnel from a
> Ubuntu 14.04 server hosted in Amazon to a client's Cisco (the logs say it's
> a Cisco VPN 3000 Series).
> 
> I am new to IPSec, so to test, I created 2 VPCs in Amazon following this
> guide http://aws.amazon.com/articles/5472675506466066. It worked; when I
> checked ipsec status, it said I had 2 tunnels up.
> 
> Now, when I connect to the client, I get some weird messages in my pluto
> log.
> 
> 
> "net2net" #1: received Vendor ID payload [Cisco-Unity]
> "net2net" #1: received Vendor ID payload [XAUTH]
> "net2net" #1: received Vendor ID payload [Dead Peer Detection]
> "net2net" #1: received Vendor ID payload [RFC 3947] method set to=115
> "net2net" #1: ignoring Vendor ID payload [Cisco IKE Fragmentation]
> "net2net" #1: ignoring Vendor ID payload [Cisco VPN 3000 Series]
> "net2net" #1: protocol/port in Phase 1 ID Payload MUST be 0/0 or 17/500 but
> are 17/0 (attempting to continue)
> "net2net" #1: Aggressive mode peer ID is ID_IPV4_ADDR: '172.28.100.10'

My suggestion: turn off aggressive mode; see if that makes things smoother.

N

