<b></b>Hi Team, <br><br><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">i am facing the below problem. Please help me <br>
[root@localhost ~]# cat /var/log/secure | tail<br>Mar 16 20:29:48 localhost pluto[9955]: | find_host_pair: comparing to <a href="http://172.31.114.227:500/" target="_blank">172.31.114.227:500</a> <a href="http://0.0.0.0:500/" target="_blank">0.0.0.0:500</a><br>
Mar 16 20:29:48 localhost pluto[9955]: | find_host_pair_conn (find_host_connection2): <a href="http://172.31.114.227:500/" target="_blank">172.31.114.227:500</a> %any:500 -> hp:north-east<br>Mar 16 20:29:48 localhost pluto[9955]: | searching for connection with policy = PSK+AGGRESSIVE<br>
Mar 16 20:29:48 localhost pluto[9955]: | found policy = PSK+ENCRYPT+TUNNEL+IKEv2ALLOW+<div id=":2kn">SAREFTRACK (north-east)<br><b>Mar 16 20:29:48 localhost pluto[9955]: | find_host_connection2 returns empty<br>Mar 16 20:29:48 localhost pluto[9955]: packet from <a href="http://172.31.114.226:500/" target="_blank">172.31.114.226:500</a>:
initial Aggressive Mode message from 172.31.114.226 but no (wildcard)
connection has been configured with policy=PSK+AGGRESSIVE</b><br>
Mar 16 20:29:48 localhost pluto[9955]: | complete state transition with STF_IGNORE<br>Mar 16 20:29:48 localhost pluto[9955]: | * processed 0 messages from cryptographic helpers<br>Mar 16 20:29:48 localhost pluto[9955]: | next event EVENT_PENDING_DDNS in 42 seconds<br>
Mar 16 20:29:48 localhost pluto[9955]: | next event EVENT_PENDING_DDNS in 42 seconds<br><br>Topology:<br>+++++++<br><br>VPNC<br>client <div id=":2un"> GW Openswan(VPN server)<br>
10.1.1.1 ----------- 10.1.1.2 -------- 172.31.114.226 --------- 172.31.114.227<br>
</div><br><br>Peer conf<br>++++++<br><br>[root@localhost ~]# vim /etc/vpnc.conf<br><br>IPSec gateway 172.31.114.227<br>IPSec ID <a href="http://tester.vpn.com/" target="_blank">tester.vpn.com</a><br>
IPSec secret test<br>Xauth username tester<br>Xauth password tester<div class="yj6qo ajU"><div id=":2qs" class="ajR" tabindex="0"><img class="ajT" src="images/cleardot.gif"></div></div></div>
</blockquote><div class="gmail_quote"><div class="HOEnZb"><div class="h5">/etc/ipsec.conf<br>++++++++<br>
</div></div></div>config setup<br> # Debug-logging controls: "none" for (almost) none, "all" for lots.<br> # klipsdebug=none<br> # plutodebug="control parsing"<br> # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey<br>
protostack=netkey<br> klipsdebug=all<br> plutodebug=all<br> nat_traversal=yes<br> virtual_private=<br> oe=off<br> # Enable this if you see "failed to find any available worker"<br>
nhelpers=0<br> interfaces=%defaultroute<br><br>conn north-east<br> type=tunnel<br> left=%any<br> right=172.31.114.227<br> rightid=<a href="mailto:tester@tester.vpn.com">tester@tester.vpn.com</a><br>
leftxauthclient=yes<br> rightxauthserver=yes<br> leftxauthusername=tester<br> keyexchange=ike<br> auto=add<br> authby=secret<br> pfs=no<br> rekey=yes<br> ikelifetime=3000s<br> keylife=3000s<br>
keyingtries=0<br><br>/etc/ipsec.secrets<br>++++++++++++<br>%any <a href="http://172.31.114.227">172.31.114.227</a>: PSK "test"<br>@tester : XAUTH "tester"<br><br><br>