Sorry, my system responded to your personal email. Now changed to group.<br><br>I added and connection goes to the right CONN NAME but i got this error when trying to connect:<br><br><a href="mailto:Users@lists.openswan.org"></a>Mar 27 16:21:44 vpn01 pluto[739]: packet from 193.XXX.XXX.XXX:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]<br>
Mar 27 16:21:44 vpn01 pluto[739]: packet from 193.XXX.XXX.XXX:500: ignoring Vendor ID payload [FRAGMENTATION]<br>Mar 27 16:21:44 vpn01 pluto[739]: packet from 193.XXX.XXX.XXX:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106<br>
Mar 27 16:21:44 vpn01 pluto[739]: packet from 193.XXX.XXX.XXX:500: ignoring Vendor ID payload [Vid-Initial-Contact]<br>Mar 27 16:21:44 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: responding to Main Mode from unknown peer 193.XXX.XXX.XXX<br>
Mar 27 16:21:44 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>Mar 27 16:21:44 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: STATE_MAIN_R1: sent MR1, expecting MI2<br>
Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed<br>Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>
Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: STATE_MAIN_R2: sent MR2, expecting MI3<br>Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: Main mode peer ID is ID_DER_ASN1_DN: 'C=PL, ST=Malopolska, L=Krakow, O=Company S.A, OU=Dept, CN=user001, E=user001'<br>
Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: no crl from issuer "C=PL, ST=Malopolskie, L=Cracow, O=Company S.A, CN=Company S.A PROD CA, E=<a href="mailto:admin@company.pl">admin@company.pl</a>" found (strict=no)<br>
Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: no suitable connection for peer 'C=PL, ST=Malopolska, L=Krakow, O=Company S.A, OU=Dept, CN=user001, E=user001'<br>Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: sending encrypted notification INVALID_ID_INFORMATION to 193.XXX.XXX.XXX:500<br>
Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: Main mode peer ID is ID_DER_ASN1_DN: 'C=PL, ST=Malopolska, L=Krakow, O=Company S.A, OU=Dept, CN=user001, E=user001'<br>Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: no crl from issuer "C=PL, ST=Malopolskie, L=Cracow, O=Company S.A, CN=Company S.A PROD CA, E=<a href="mailto:admin@company.pl">admin@company.pl</a>" found (strict=no)<br>
Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: no suitable connection for peer 'C=PL, ST=Malopolska, L=Krakow, O=Company S.A, OU=Dept, CN=user001, E=user001'<br>Mar 27 16:21:45 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: sending encrypted notification INVALID_ID_INFORMATION to 193.XXX.XXX.XXX:500<br>
Mar 27 16:21:47 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: Main mode peer ID is ID_DER_ASN1_DN: 'C=PL, ST=Malopolska, L=Krakow, O=Company S.A, OU=Dept, CN=user001, E=user001'<br>Mar 27 16:21:47 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: no crl from issuer "C=PL, ST=Malopolskie, L=Cracow, O=Company S.A, CN=Company S.A PROD CA, E=<a href="mailto:admin@company.pl">admin@company.pl</a>" found (strict=no)<br>
Mar 27 16:21:47 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: no suitable connection for peer 'C=PL, ST=Malopolska, L=Krakow, O=Company S.A, OU=Dept, CN=user001, E=user001'<br>Mar 27 16:21:47 vpn01 pluto[739]: "ROADW-NAT-NEWCA"[2] 193.XXX.XXX.XXX #32748: sending encrypted notification INVALID_ID_INFORMATION to 193.XXX.XXX.XXX:500<br>
<br><br><div class="gmail_quote">2012/3/27 Tuomo Soini <span dir="ltr"><<a href="mailto:tis@foobar.fi">tis@foobar.fi</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On Tue, 27 Mar 2012 15:43:51 +0200<br>
Adam Rybak <<a href="mailto:arybak@ar-it.pl">arybak@ar-it.pl</a>> wrote:<br>
<br>
> I tried to add second with correct cert (with new ca) but connection<br>
> was handled by first...<br>
<br>
</div>Please, don't drop discussion off the list.<br>
<br>
rightca=%same for both conns.<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
--<br>
Tuomo Soini <<a href="mailto:tis@foobar.fi">tis@foobar.fi</a>><br>
Foobar Linux services<br>
<a href="tel:%2B358%2040%205240030" value="+358405240030">+358 40 5240030</a><br>
Foobar Oy <<a href="http://foobar.fi/" target="_blank">http://foobar.fi/</a>><br>
_______________________________________________<br>
<a href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a><br>
<a href="https://lists.openswan.org/mailman/listinfo/users" target="_blank">https://lists.openswan.org/mailman/listinfo/users</a><br>
Micropayments: <a href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy" target="_blank">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a><br>
Building and Integrating Virtual Private Networks with Openswan:<br>
<a href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155" target="_blank">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a><br>
</div></div></blockquote></div><br>