[Openswan Users] OpenSwan redhat 6 to Windows 2008 woes

[Burton, Jim]

I am completely new to setting up VPN, and have asked to get what should be a simple host-to-host connection from one of my RedHat 6 servers to a Windows 2008 server.

We are trying this with a preshared key. The configuration (ipsec.conf) on my side is...
--------
config setup
     # Debug-logging controls:  "none" for (almost) none, "all" for lots.
     klipsdebug="none"
     plutodebug="none"
     # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
     protostack=netkey
     #nat_traversal=yes
     virtual_private=
     oe=off
     # Enable this if you see "failed to find any available worker"
     # nhelpers=0

conn host-to-host

    right=10.194.33.90
    left=10.1.91.207
#    left=10.194.33.100   # from testing successful connection with a linux box
     type=transport
     pfs=no
     auto=route
     authby=secret
--------

This is failing with...

# ipsec auto --up host-to-host
104 "host-to-host" #1: STATE_MAIN_I1: initiate
003 "host-to-host" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
003 "host-to-host" #1: received and ignored informational message
010 "host-to-host" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
003 "host-to-host" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000

It is also failing when the connection is attempted from the Windows box. I've sent my config info to the Windows admin, and he says he does not see anything wrong, that is should work with what he has set up.

As a test, I set up OpenSwan on another Redhat box, and was able to get a connection established without a problem.

Any ideas? I am not sure what to make of "NO_PROPOSAL_CHOSEN"

Is OpenSwan compatible with Windows 8 ipsec?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20160202/d0559d12/attachment.html>