[Swan] Connecting to a Digi WR44

John Serink jserink2004 at yahoo.com
Mon Mar 23 09:29:27 EET 2015

I am using Libreswan as a road warrior connecting to a Digi WR44.This is the event log from the Digi:AmnasHQ>type eventlog.txt
13:00:24, 23 Mar 2015,(2933) IKE Keys Negotiated. Peer: jserinki713:00:24, 23 Mar 2015,(2933) New Phase 1 IKE Session,Responder13:00:11, 23 Mar 2015,Clear Event LogOK
It things phase 1 is complete.Here is the ipsec trace:jserinki7 jserink # 002 "Oman" #1: initiating Aggressive Mode #1, connection "Oman"112 "Oman" #1: STATE_AGGR_I1: initiate003 "Oman" #1: received Vendor ID payload [Dead Peer Detection]003 "Oman" #1: received Vendor ID payload [RFC 3947]003 "Oman" #1: received Vendor ID payload [Cisco-Unity]002 "Oman" #1: Aggressive mode peer ID is ID_KEY_ID: '@#0x416d6e617341646d696e'003 "Oman" #1: no suitable connection for peer '@#0x416d6e617341646d696e'003 "Oman" #1: initial Aggressive Mode packet claiming to be from @AmnasAdmin on but no connection has been authorized218 "Oman" #1: STATE_AGGR_I1: INVALID_ID_INFORMATION002 "Oman" #1: sending notification INVALID_ID_INFORMATION to
Here is my ipsec.conf file:config setup    protostack=netkey    dumpdir=/var/run/pluto/    nat_traversal=yes    interfaces=%defaultroute
conn Oman     keyingtries=0     left=%defaultroute     leftsourceip=     leftsubnet=     leftid=@jserinki7     authby=secret     ike=aes128-md5-modp1024     phase2alg=aes128-md5     auto=add     type=tunnel     right=     rightsubnet=     rightsourceip=     rightid=@AmnasAdmin     aggrmode=yes     pfs=no
Secrets file looks like this (key replaced with x's): @jserinki7  : PSK "xxxxxxxxx"
I can't work out why Libreswan thinks that this connection is not Authorized since AmnasAdmin is specified in the ipsec.conf AND is the ID used from the Digi.
Any pointers on this one?
Have struck out with google.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20150323/b83e23e3/attachment.html>

More information about the Swan mailing list