Hello: I am using Libreswan as a road warrior connecting to a Digi WR44.This is the event log from the Digi:AmnasHQ>type eventlog.txt 13:00:24, 23 Mar 2015,(2933) IKE Keys Negotiated. Peer: jserinki713:00:24, 23 Mar 2015,(2933) New Phase 1 IKE Session 119.75.44.126,Responder13:00:11, 23 Mar 2015,Clear Event LogOK It things phase 1 is complete.Here is the ipsec trace:jserinki7 jserink # 002 "Oman" #1: initiating Aggressive Mode #1, connection "Oman"112 "Oman" #1: STATE_AGGR_I1: initiate003 "Oman" #1: received Vendor ID payload [Dead Peer Detection]003 "Oman" #1: received Vendor ID payload [RFC 3947]003 "Oman" #1: received Vendor ID payload [Cisco-Unity]002 "Oman" #1: Aggressive mode peer ID is ID_KEY_ID: '@#0x416d6e617341646d696e'003 "Oman" #1: no suitable connection for peer '@#0x416d6e617341646d696e'003 "Oman" #1: initial Aggressive Mode packet claiming to be from @AmnasAdmin on 62.231.251.146 but no connection has been authorized218 "Oman" #1: STATE_AGGR_I1: INVALID_ID_INFORMATION002 "Oman" #1: sending notification INVALID_ID_INFORMATION to 62.231.251.146:500 Here is my ipsec.conf file:config setup protostack=netkey dumpdir=/var/run/pluto/ nat_traversal=yes interfaces=%defaultroute conn Oman keyingtries=0 left=%defaultroute leftsourceip=192.168.100.1 leftsubnet=192.168.100.1/24 leftid=@jserinki7 authby=secret ike=aes128-md5-modp1024 phase2alg=aes128-md5 auto=add type=tunnel right=62.231.251.146 rightsubnet=192.168.200.0/24 rightsourceip=192.168.200.1 rightid=@AmnasAdmin aggrmode=yes pfs=no Secrets file looks like this (key replaced with x's):62.231.251.146 @jserinki7 : PSK "xxxxxxxxx" I can't work out why Libreswan thinks that this connection is not Authorized since AmnasAdmin is specified in the ipsec.conf AND is the ID used from the Digi. Any pointers on this one? Have struck out with google. Cheers,john
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
