Hi Adam on 06.12.2012 09:16, ads...@genis-x.com wrote: > Hi guys, > > I know this should go to the openswan list, but no one seems to want to help > or respond. I was hoping one of you guys might be able to help me out.
I guess they were either shocked or intimidated by your multi connection
set up.
I must admit it is rather surprising :-)
>
>
>
> I'm having an issue setting up a tunnel that I need some help with.
>
>
>
> I have included the relevant files below
>
>
> My first issue is when I start ipsec I get the following error:
>
>
>
> Dec 6 13:51:30 firewall ipsec__plutorun: 023 address family inconsistency
> in this connection=2 host=2/nexthop=0
>
> Dec 6 13:51:30 firewall ipsec__plutorun: 037 attempt to load incomplete
> connection
>
> Dec 6 13:51:30 firewall ipsec__plutorun: 023 address family inconsistency
> in this connection=2 host=2/nexthop=0
>
> Dec 6 13:51:30 firewall ipsec__plutorun: 037 attempt to load incomplete
> connection
looks like your conn is broken, maybe you should try with more simple
{left|right}subnet settings
Also you don't use %defaultroute on the xxnexthop parameters. I for once
use it on left=%defaultroute. I _believe_ you cannot have your type of
interface definition in the setup config if you want to use
%defaultroute for left.
I would suggest to leave away the interfaces description in the setup
config and use left=%defaultroute
>
>
>
> My second issue is the right side can't connect.
>
> packet from 119.225.115.131:500: ignoring unknown Vendor ID payload
> [f4ed19e0c114eb516faaac0ee37daf2807b4381f000000010000138d50c009ee...]
>
> packet from 119.225.115.131:500: initial Main Mode message received on
> 103.29.172.40:500 but no connection has been authorized with policy=PSK
This appears to be a consequence of the above.
>
> packet from 119.225.115.131:500: ignoring unknown Vendor ID payload
> [f4ed19e0c114eb516faaac0ee37daf2807b4381f000000010000138d50c009ee...]
>
> packet from 119.225.115.131:500: initial Main Mode message received on
> 103.29.172.40:500 but no connection has been authorized with policy=PSK
>
>
>
> Can anyone help me on where to go from here?
cheers
Erich
smime.p7s
Description: S/MIME Kryptografische Unterschrift
------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d
------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
