[Openswan Users] "We cannot identify ourselves with either end of this connection." on EC2 instance
Amos Shapira
amos.shapira at gmail.com
Mon Jan 18 23:47:20 EST 2016
Hello,
I'm trying to connect an EC2 instance to an Amazon Virtual gateway using
openswan.
My configuration:
1. Ubuntu Trusty, up to date.
2. Openswan 2.6.38 from the standard Ubuntu package.
The following configuration (real IP's slightly obscured) worked for me
before when I did manual tests:
conn sing-sydney
type=tunnel
authby=secret
forceencaps=yes
auto=start
left=%defaultroute
leftid=52.74.73.X
#leftsourceip=52.74.73.X
leftnexthop=%defaultroute
leftsubnet=172.28.0.0/16
right=52.64.16.Y
rightid=52.64.16.Y
rightsubnet=172.27.0.0/16
But now when I try to re-create the instance from scratch (I'm automating
the setup) I get the error '"sing-sydney": We cannot identify ourselves
with either end of this connection.'.
The IP addresses 52.74.73.X and 52.64.16.Y are Elastic IP's (i.e. they are
permanent). From what I found the issue is that the IP address is not
configured on any of the EC2 instance interfaces directly so I tried to add
the external address to the eth0 by executing 'ip addr add 52.74.73.X dev
eth0`, which was also the way things worked in the old setup, but that
doesn't help.
I suppose I'm missing another piece of configuration from the working setup
but I don't see what (and the old setup is gone by now).
So what am I missing to make it work?
Thanks,
--Amos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20160119/93e8c6d2/attachment.html>
More information about the Users
mailing list