Hello All, I have the following issue when connecting a libreswan server and a remote IPSec peer (non libreswan)
my libreswan is running on ubuntu 14.04 LTS During key renegotiation I see the following messages in the logs Jan 9 09:10:20 hostname pluto[7888]: "connection/6x6" #35475: the peer proposed: 192.168.48.0/20:0/0 -> 100.16.2.200/32:0/0 Jan 9 09:10:20 hostname pluto[7888]: "connection/4x5" #35476: *ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS* must only be used with old IETF drafts Jan 9 09:10:20 hostname pluto[7888]: "connection/4x5" #35476: sending encrypted notification *BAD_PROPOSAL_SYNTAX* to X.X.X.X:4500 The connection configuration (removed some left/right subnets to simplify) conn connection authby=secret auto=start dpdaction=restart_by_peer dpddelay=30 dpdtimeout=120 forceencaps=no ike=aes256-sha1;modp1024 ikelifetime=28800s keyingtries=3 left=local IP leftid=my id leftsubnets=192.168.48.0/20... pfs=no phase2alg=aes256-sha1 right=remote ip rightid=remote id rightsubnets=100.16.2.200/32... salifetime=3600s type=tunnel What does the ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS message mean? what should I do to fix this (do I need to fix it)? Appriciate your insight Amir *Amir Naftali*| *CTO 40Cloud*| *FireMon* D: +972.73.3905722| C: +972.54.4972622 amir@ <amir.naft...@firemon.com>fortycloud.com | *www.40cloud.com <http://www.40cloud.com/>* *40Cloud - Making Your Public Cloud Private*
_______________________________________________ Swan mailing list Swan@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan