On Wed, 21 Sep 2016, Noam Singer wrote:

The error I am getting is this:

/var/log/auth.log:Sep 21 07:19:01 ip-10-xxx-xxx-xxx pluto[7546]: 
"connSTzzzz/2x2" #87478: ERROR: asynchronous network error report on eth0 
(sport=500) for message to 54.yyy.yyy.yyy port
500, complainant 10.xxx.xxx.xxx: No route to host [errno 113, origin ICMP type 
3 code 1 (not authenticated)]

You have to read that error very literally.

You received an ICMP message from 10.xxx.xxx.xxx saying "no route to
host". Of course, since it is not encrypted/authenticated, libreswan
has no choice but to ignore it and keep trying. But in this case,
it seems that you really have no route to your remote endpoint.

Without a rout to the destination, there can be no IKE negotiation
to establish IPsec.

Swan mailing list

Reply via email to