[Swan] we require peer to have ID 'A', but peer declares 'B'
Paul Wouters
paul at nohats.ca
Sun Jan 24 19:30:52 UTC 2016
On Thu, 21 Jan 2016, ukindyfan wrote:
> I am attempting to set up a VPN client connection with a network that, of course, runs windows at work. They use L2TP over IPsec. So, I am getting the above error. 'A' is the server
> "right" address I have set up in my ipsec.conf. "B" is my public-facing IP address. I have googled for an answer to this for 2+ hours now. All the folks who have this error are either
> trying to connect two machines that they have control over, or there are getting some other unexplained value for "B" that is not their public IP. So, here I am. :D
> conn L2TP-PSK
> authby=secret
> pfs=no
> auto=add
> keyingtries=3
> dpddelay=30
> dpdtimeout=120
> dpdaction=clear
> rekey=yes
> ikelifetime=8h
> keylife=1h
> type=transport
> left=192.168.x.x <--- my local home ip address for this machine; I get different errors if I try my public IP here
> leftsubnet=192.168.0.0/24 <--- have also commented this out and still get "we require" errors
> leftnexthop=%defaultroute <---- have tried B address here and still get the same errors
> leftprotoport=17/1701
> right="A" <-------- address for the work VPN is here; I have also tried the actual "name" and get same error.
> rightnexthop=%defaultroute <---- have tried B address here and still get same errors
You should set rightid= to whatever the windows end is sending you.
Paul
More information about the Swan
mailing list