<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
It is there in <a class="moz-txt-link-freetext" href="https://download.libreswan.org/binaries/rhel/">https://download.libreswan.org/binaries/rhel/</a> but I
can't get it to work :(<br>
<br>
I have installed it and with identical configs to openswan all I get
in my logs is:<br>
<tt>Mar 16 11:43:59 server pluto[10870]: packet from
88.104.26.203:500: received Vendor ID payload [Dead Peer
Detection]</tt><tt><br>
</tt><tt>Mar 16 11:43:59 server pluto[10870]: packet from
88.104.26.203:500: received Vendor ID payload [RFC 3947]</tt><tt><br>
</tt><tt>Mar 16 11:43:59 server pluto[10870]: packet from
88.104.26.203:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]</tt><tt><br>
</tt><tt>Mar 16 11:43:59 server pluto[10870]: packet from
88.104.26.203:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n]</tt><tt><br>
</tt><tt>Mar 16 11:43:59 server pluto[10870]: packet from
88.104.26.203:500: ignoring Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02]</tt><tt><br>
</tt><tt>Mar 16 11:43:59 server pluto[10870]: packet from
88.104.26.203:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]</tt><tt><br>
</tt><tt>Mar 16 11:43:59 server pluto[10870]: packet from
88.104.26.203:500: initial Main Mode message received on
82.19.147.85:500 but no connection has been authorized with
policy=PSK</tt><br>
<br>
My Ipsec.conf is:<br>
<tt># The config file changed quite a bit from 1.x.</tt><tt><br>
</tt><tt># See
<a class="moz-txt-link-freetext" href="http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/upgrading.html">http://www.freeswan.org/freeswan_trees/freeswan-2.00/doc/upgrading.html</a></tt><tt><br>
</tt><tt><br>
</tt><tt>version 2.0</tt><tt><br>
</tt><tt><br>
</tt><tt># Default policy </tt><tt><br>
</tt><tt>#---------------</tt><tt><br>
</tt><tt><br>
</tt><tt>config setup</tt><tt><br>
</tt><tt> interfaces=%defaultroute</tt><tt><br>
</tt><tt> plutodebug=none # plutodebug="all crypt"</tt><tt><br>
</tt><tt> # plutodebug=controlmore</tt><tt><br>
</tt><tt> klipsdebug=none</tt><tt><br>
</tt><tt> oe=no</tt><tt><br>
</tt><tt> protostack=netkey # 2.6.x only</tt><tt><br>
</tt><tt>
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.2.0/24,%v4:!192.168.3.0/24</tt><tt><br>
</tt><tt> nat_traversal=yes</tt><tt><br>
</tt><tt><br>
</tt><tt><br>
</tt><tt>conn %default</tt><tt><br>
</tt><tt> type=tunnel</tt><tt><br>
</tt><tt> authby=secret</tt><tt><br>
</tt><tt><br>
</tt><tt># Tunnels defined in separate files</tt><tt><br>
</tt><tt>#----------------------------------</tt><tt><br>
</tt><tt><br>
</tt><tt>include /etc/ipsec.d/ipsec.*.conf</tt><br>
<br>
<br>
One of the sub files, /etc/ipsec.d/ipsec.unmanaged.MumIn.conf, is:<br>
<tt>conn MumIn</tt><tt><br>
</tt><tt> type=tunnel</tt><tt><br>
</tt><tt> authby=secret</tt><tt><br>
</tt><tt> dpdtimeout=120</tt><tt><br>
</tt><tt> dpddelay=30</tt><tt><br>
</tt><tt> auto=add</tt><tt><br>
</tt><tt> left=%defaultroute</tt><tt><br>
</tt><tt> leftsourceip=192.168.2.1</tt><tt><br>
</tt><tt> leftsubnet=192.168.2.0/24</tt><tt><br>
</tt><tt> leftid=@Nick</tt><tt><br>
</tt><tt> right=%any</tt><tt><br>
</tt><tt> rightsubnet=192.168.10.0/24</tt><tt><br>
</tt><tt> salifetime=24h</tt><tt><br>
</tt><tt> dpdaction=clear</tt><tt><br>
</tt><tt> ikelifetime=24h</tt><tt><br>
</tt><tt> ike=aes256-sha1;modp2048</tt><tt><br>
</tt><tt> phase2alg=aes256</tt><tt><br>
</tt><tt> rekey=no</tt><tt><br>
</tt><br>
The secrets file contains:<br>
<tt>@Nick %any : PSK "PSK_Here"</tt><br>
<br>
This happens for both my remote locations. One is behind NAT, the
other is not.<br>
<br>
Regards,<br>
<br>
Nick<br>
<br>
<div class="moz-cite-prefix">On 16/03/2013 11:42, T.J. Yang wrote:<br>
</div>
<blockquote
cite="mid:CAD2GW8o1duXb-==LuhxkspXHwKWCn_QOjKc1izjxMFsduqpJ_g@mail.gmail.com"
type="cite">
<div dir="ltr">Hi Paul,
<div><br>
</div>
<div style="">Is there outstanding/roadblock issue ?</div>
<div>Hoping you can release libreswan 3.1 CentOS/RHEL 6 package
to repo soon.</div>
<div><br>
</div>
<div><br>
</div>
<div style="">Thanks</div>
<div style=""><br>
</div>
<div>tj<br clear="all">
<div><br>
</div>
-- <br>
T.J. Yang
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Swan mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Swan@lists.libreswan.org">Swan@lists.libreswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.libreswan.org/mailman/listinfo/swan">https://lists.libreswan.org/mailman/listinfo/swan</a>
</pre>
</blockquote>
<br>
</body>
</html>