[strongSwan] why my can not get the ip from dhcp server

Mon, 18 Oct 2010 02:51:16 -0700 

I just set my storngswan client and server  under the 
UML [Test ikev2/dhcp-dynamic]
but I can not assign the client ip address by dhcp server.
the client's ipsec.conf:
# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
conn %default
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        keyexchange=ikev2
# Add connections here.
conn host-host
 left=192.168.0.15
 leftsourceip=%config
 leftcert=client.pem
 [email protected]
 right=192.168.0.7
 rightsubnet=10.1.0.0/16
 [email protected]
 auto=add

the server's ipsec.conf
# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
        crlcheckinterval=180
        strictcrlpolicy=no
        plutostart=no
conn %default
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        keyexchange=ikev2
        left=192.168.0.7
        leftsubnet=10.1.0.0/24
        leftcert=server.pem
        [email protected]
# Add connections here.
conn host-host
 right=%any
 rightsourceip=%dhcp              #10.1.0.119
 auto=add

when i run command in the client: #ipsec up host-host
Got the error information:
received INTERNAL_ADDRESS_FAILURE notify, no CHILD_SA built

and 
I found the server's log is wrong(I think)
14[IKE] peer requested virtual IP %any
14[CFG] sending DHCP DISCOVER to 10.1.0.111
06[CFG] received DHCP OFFER 10.1.0.122 from %any
14[CFG] sending DHCP REQUEST for 10.1.0.122 to %any
14[CFG] sending DHCP REQUEST for 10.1.0.122 to %any
14[CFG] sending DHCP REQUEST for 10.1.0.122 to %any
15[MGR] ignoring request with ID 1, already processing
14[CFG] sending DHCP REQUEST for 10.1.0.122 to %any
14[CFG] sending DHCP REQUEST for 10.1.0.122 to %any
16[MGR] ignoring request with ID 1, already processing


but the UML Test's log is 
(from:http://www.strongswan.org/uml/testresults44/ikev2/dhcp-dynamic/moon.daemon.log)
Jul 30 14:49:09 moon charon: 13[IKE] peer requested virtual IP %any 
Jul 30 14:49:09 moon charon: 13[CFG] sending DHCP DISCOVER to 10.1.255.255 
Jul 30 14:49:10 moon charon: 09[CFG] received DHCP OFFER 10.1.0.51 from 
10.1.0.20 
Jul 30 14:49:10 moon charon: 13[CFG] sending DHCP REQUEST for 10.1.0.51 to 
10.1.0.20 
Jul 30 14:49:10 moon charon: 09[CFG] received DHCP ACK for 10.1.0.51 
Jul 30 14:49:10 moon charon: 13[IKE] assigning virtual IP 10.1.0.51 to peer 
'[email protected]

anyone can help me?
why I alway got %any in the log,
but the UML Test's log is the assigned IP by the DHCP Server.


                                          
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users

Reply via email to