<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr">Hello:</div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr"><br></div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr">I am using Libreswan as a road warrior connecting to a Digi WR44.</div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr">This is the event log from the Digi:</div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr" class="" style="">AmnasHQ>type eventlog.txt</div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr" class="" style="">13:00:24, 23 Mar 2015,(2933) IKE Keys Negotiated. Peer: jserinki7</div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr" class="" style="">13:00:24, 23 Mar 2015,(2933) New Phase 1 IKE Session 119.75.44.126,Responder</div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr" class="" style="">13:00:11, 23 Mar 2015,Clear Event Log</div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr" class="" style="">OK</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7500"><br class="" style=""></div><div class="" style="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr">It things phase 1 is complete.</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr">Here is the ipsec trace:</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr"><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">jserinki7 jserink # 002 "Oman" #1: initiating Aggressive Mode #1, connection "Oman"</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">112 "Oman" #1: STATE_AGGR_I1: initiate</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">003 "Oman" #1: received Vendor ID payload [Dead Peer Detection]</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">003 "Oman" #1: received Vendor ID payload [RFC 3947]</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">003 "Oman" #1: received Vendor ID payload [Cisco-Unity]</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">002 "Oman" #1: Aggressive mode peer ID is ID_KEY_ID: '@#0x416d6e617341646d696e'</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">003 "Oman" #1: no suitable connection for peer '@#0x416d6e617341646d696e'</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">003 "Oman" #1: initial Aggressive Mode packet claiming to be from @AmnasAdmin on 62.231.251.146 but no connection has been authorized</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">218 "Oman" #1: STATE_AGGR_I1: INVALID_ID_INFORMATION</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">002 "Oman" #1: sending notification INVALID_ID_INFORMATION to 62.231.251.146:500</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""><br></div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">Here is my ipsec.conf file:</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">config setup</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> protostack=netkey</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> dumpdir=/var/run/pluto/</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> nat_traversal=yes</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> interfaces=%defaultroute</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""><br class="" style=""></div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">conn Oman</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> keyingtries=0</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> left=%defaultroute</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> leftsourceip=192.168.100.1</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> leftsubnet=192.168.100.1/24</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> leftid=@jserinki7</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> authby=secret</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> ike=aes128-md5-modp1024</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> phase2alg=aes128-md5</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> auto=add</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> type=tunnel</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> right=62.231.251.146</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> rightsubnet=192.168.200.0/24</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> rightsourceip=192.168.200.1</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> rightid=@AmnasAdmin</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> aggrmode=yes</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""> pfs=no</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""><br></div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">Secrets file looks like this (key replaced with x's):</div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style="">62.231.251.146 @jserinki7 : PSK "xxxxxxxxx"</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7659"><br class="" style=""></div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr">I can't work out why Libreswan thinks that this connection is not Authorized since AmnasAdmin is specified in the ipsec.conf AND is the ID used from the Digi.</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr"><br></div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr">Any pointers on this one?</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr"><br></div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr">Have struck out with google.</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr"><br></div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr">Cheers,</div><div class="" style="" id="yui_3_16_0_1_1427094099567_7643" dir="ltr">john</div></div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""><br></div></div><div class="" id="yui_3_16_0_1_1427094099567_7500" dir="ltr" style=""><br class="" style=""></div></div><div id="yui_3_16_0_1_1427094099567_7435" dir="ltr" class="" style=""><br class="" style=""></div></div></body></html>