Hi Could someone tell me whats wrong with my setup? I have following error
002 "checkpoint-openswan" #4: initiating Main Mode 104 "checkpoint-openswan" #4: STATE_MAIN_I1: initiate 106 "checkpoint-openswan" #4: STATE_MAIN_I2: sent MI2, expecting MR2 002 "checkpoint-openswan" #4: we have a cert and are sending it upon request 108 "checkpoint-openswan" #4: STATE_MAIN_I3: sent MI3, expecting MR3 003 "checkpoint-openswan" #4: discarding duplicate packet; already STATE_MAIN_I3 002 "checkpoint-openswan" #4: Peer ID is ID_IPV4_ADDR: 'x.x.119.254' 002 "checkpoint-openswan" #4: crl not found 002 "checkpoint-openswan" #4: certificate status unknown 003 "checkpoint-openswan" #4: no RSA public key known for 'x.x.119.254' 217 "checkpoint-openswan" #4: STATE_MAIN_I3: INVALID_KEY_INFORMATION 002 "checkpoint-openswan" #4: sending encrypted notification INVALID_KEY_INFORMATION to x.x.119.254:500 My configuration is conn checkpoint-openswan type=tunnel # Left side is Check Point left=x.x.119.254 leftcert=checkpoint_ca_cert.pem #tried setting this options also #leftid="O=c.." #leftrsasigkey=%cert #extracted with fswcert tool leftrsasigkey=0x0103... leftsubnet=10.45.0.111/32 leftsendcert=no # Right side is OpenSwan right=77.50.36.0 # As an alternative, the file itself can be specified rightcert=checkpoint_cl_cert.pem rightrsasigkey=%cert authby=rsasig auto=start # Optional specify encryption/hash methods for phase 1 & 2 ike=3des-md5-modp1024 esp=aes-sha1 # Disable Perfect Forward Secrecy, if not working proper pfs=no # Optional enable compression (if working) #compress=yes _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users