Hi Adam

on 06.12.2012 09:16, ads...@genis-x.com wrote:
> Hi guys,
> 
> I know this should go to the openswan list, but no one seems to want to help
> or respond. I was hoping one of you guys might be able to help me out.

I guess they were either shocked or intimidated by your multi connection
set up.
I must admit it is rather surprising :-)

> 
> 
> 
> I'm having an issue setting up a tunnel that I need some help with.
> 
>  
> 
> I have included the relevant files below
> 
> 
> My first issue is when I start ipsec I get the following error:
> 
>  
> 
> Dec  6 13:51:30 firewall ipsec__plutorun: 023 address family inconsistency
> in this connection=2 host=2/nexthop=0
> 
> Dec  6 13:51:30 firewall ipsec__plutorun: 037 attempt to load incomplete
> connection
> 
> Dec  6 13:51:30 firewall ipsec__plutorun: 023 address family inconsistency
> in this connection=2 host=2/nexthop=0
> 
> Dec  6 13:51:30 firewall ipsec__plutorun: 037 attempt to load incomplete
> connection

looks like your conn is broken, maybe you should try with more simple
{left|right}subnet settings

Also you don't use %defaultroute on the xxnexthop parameters. I for once
use it on left=%defaultroute. I _believe_ you cannot have your type of
interface definition in the setup config if you want to use
%defaultroute for left.

I would suggest to leave away the interfaces description in the setup
config and use left=%defaultroute

> 
>  
> 
> My second issue is the right side can't connect.
> 
> packet from 119.225.115.131:500: ignoring unknown Vendor ID payload
> [f4ed19e0c114eb516faaac0ee37daf2807b4381f000000010000138d50c009ee...]
> 
> packet from 119.225.115.131:500: initial Main Mode message received on
> 103.29.172.40:500 but no connection has been authorized with policy=PSK

This appears to be a consequence of the above.

> 
> packet from 119.225.115.131:500: ignoring unknown Vendor ID payload
> [f4ed19e0c114eb516faaac0ee37daf2807b4381f000000010000138d50c009ee...]
> 
> packet from 119.225.115.131:500: initial Main Mode message received on
> 103.29.172.40:500 but no connection has been authorized with policy=PSK
> 
>  
> 
> Can anyone help me on where to go from here?

cheers

Erich


Attachment: smime.p7s
Description: S/MIME Kryptografische Unterschrift

------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Reply via email to