<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);" class="elementToProof">
<span class="x_elementToProof ContentPasted0" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">I'm trying to make an opportunistic ipsec configuration, below are attached my what I have in my .conf file and my policy file:</span>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<br class="ContentPasted0">
</div>
<div class="x_elementToProof ContentPasted0" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
please note that when I use right:(my_ip) and left:(otherside_ip) , my libreswan works just fine, it is just when I try to use opportunistic I get the following error : (after I do "<span style="font-size:11pt;font-family:Calibri;margin:0px" class="ContentPasted0">ipsec
 auto --start private")</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span class="x_ContentPasted0" style="font-size:11pt;font-family:Calibri;margin:0px"><b class="ContentPasted0">"cannot initiate connection (serial $7) without knowing peer IP address (kind=CK_GROUP)"</b></span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span class="x_ContentPasted0" style="font-size:11pt;font-family:Calibri;margin:0px"><br class="ContentPasted0">
</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span class="x_ContentPasted0 ContentPasted0" style="font-size:11pt;font-family:Calibri;margin:0px">I'm very new and I have no idea why he can't figure out the Ip address or what I'm supposed to do, since I gave him the expected IPs CIDR ...</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span class="x_ContentPasted0 ContentPasted0" style="font-size:11pt;font-family:Calibri;margin:0px">(btw my configuration are two machines that are connected directly back to back)</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span class="x_ContentPasted0" style="font-size:11pt;font-family:Calibri;margin:0px"><br class="ContentPasted0">
</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span class="x_ContentPasted0 ContentPasted0" style="font-size:11pt;font-family:Calibri;margin:0px">and all I do is<span class="ContentPasted0"> </span><u class="ContentPasted0">"</u></span><span style="font-size:11pt;font-family:Calibri;margin:0px" class="ContentPasted0"><u class="ContentPasted0">ipsec
 setup --start" on both of them , then I try to do "<span class="x_ContentPasted2 ContentPasted0" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important">ipsec auto --start private</span>"</u><span class="ContentPasted0"> </span>on
 one of them - without opportunstic that works fine ...</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span style="font-size:11pt;font-family:Calibri;margin:0px"><br class="ContentPasted0">
</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span style="font-size:11pt;font-family:Calibri;margin:0px" class="ContentPasted0">also when I try to use left = <span class="x_ContentPasted4 ContentPasted0" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important">%defaultroute , it
 doesn't work same error ( matter of fact default route doesnt work without opportunstic even and i'm not sure what its value is in my case ..)</span></span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span style="font-size:11pt;font-family:Calibri;margin:0px"><br class="ContentPasted0">
</span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span style="font-size:11pt;font-family:Calibri;margin:0px"><b><u class="ContentPasted0">here is my .conf file:</u></b></span></div>
<div class="x_elementToProof" style="font-size:12pt;margin:0px;background-color:rgb(255, 255, 255)">
<span class="x_ContentPasted3 x_elementToProof ContentPasted0" style="font-size:11pt;font-family:Calibri;margin:0px">conn private
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    leftid=@west</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    left=172.16.0.1</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    #left=%defaultroute</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">        leftrsasigkey=0sAwEAAaxcwaWgb9+1zXbEG7mqfPaPBeGREwtkoEnuoldwxx9M2T8PR1Nb3TZjySV8wIOyJqPOlMx31EzsePXysNJqlclKHXpayqutfyKz5FPn0SC6GlBDdkQduSJo6Jj/YK2oZmGmwkr6xgtDzksIrZVHP1+ImR6FE4oyTU4OOA0BzC53kcm/U3JUyxdwDv59+SQVY0AtUYmBxRBFEq5+uxtDc118VhmasEY2OSbtwP+kQIjcGU9JZTQyTtjNgrulSms0WvL1u7KCXD8uWF3p6aiL6abycmNbCIV83KPuuvxXzP/cDPPwolzayX3feQykFwqAlT2YHYJHkXNqkr6ycX8Q4SDGrIxnZeo7cdahhoGOHqoVsMly6C4sD1KrbgJOy5Fv2n4wW2YyfeFrxyxxm7txgeiRHqntRLfssaTUcmqY6ShWA5ickJZlosFMyxQ9UDQB8m2DLiL0jAUKgsjsp5yDQd0eoV6qT9WXxCRYoWSyieeEHqe36QPENlyEjX2UOAWI909uwo/ZJJGrBH76fqX2voU=</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    rightid=@east</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    #right=172.16.0.2</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    right=%opportunisticgroup</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px"> rightrsasigkey=0sAwEAAZX+dhUk4BHitbWoJ8LSQlSBaRUnbRjEm4PXuYCjOIyJ97Gglb51gInf7RQUNd6TXPSOAHqtVwiP2ncwIXmbSb/Y3uBleUWIb+Uvu4VFmmZciX0iK2jsVkeghTxO+GGPaXexGRWVdBbHFCbOy4r2/eX5wtHb854u5+vwBF8tgvTizDMZqJHZ9QeCtpdhPFU+oZxIDXYlyKFUG//ckVt204GHMC7WYUPcIQ8HKejth9wjw3QT1Vi/ybfAj5WZSKN44yyo2cofCfsgVosXJQbARs3bQoTSB9bBEGJ+YGTh7ItSTsTzxA09ICGM6F7uuLRfAxHJ1E0FqlLKw+4h0J/FaI3DyjmgNyuRI9t0MSgo0AqjkiMEBqizhUpNk0L7s5oq70BgY0YYSGDS4p/ITKTho0KNo4ShVOM0xmrmsrpp9FQYW+808JQ2FWLmzsVifSGEu/eJZgyDwdPkWTqHJJvaScnamPbHphbbaYtGhjmRQ6hJmng+wvBhNoQTcAi5z8rdKKN8Ns920hcXZgHR3gqgPDT23fpw8oB7R2zFApm1pEPMd8stH7wNUZMqCrdyDMwsor7aCslgtCMZ</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    authby=null</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    auto=ondemand</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    keyingtries=1</div>
<div class="x_ContentPasted3 ContentPasted0" style="margin:0px">    type=transport</div>
<div class="x_ContentPasted3 x_elementToProof ContentPasted0" style="margin:0px">
    nic-offload=packet</div>
<div class="x_ContentPasted3 x_elementToProof" style="margin:0px"><br class="ContentPasted0">
</div>
<div class="x_ContentPasted3 x_elementToProof" style="margin:0px"><b><u class="ContentPasted0">and here is my policies/private</u></b></div>
<div class="x_ContentPasted3 x_elementToProof x_ContentPasted5 ContentPasted0" style="margin:0px">
172.16.0.0/24<br class="ContentPasted0">
</div>
<div class="x_ContentPasted3 x_elementToProof x_ContentPasted5" style="margin:0px">
<br class="ContentPasted0">
</div>
<div class="x_ContentPasted3 x_elementToProof x_ContentPasted5 ContentPasted0" style="margin:0px">
my machines have ips of <span class="x_ContentPasted6 ContentPasted0" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important">172.16.0.1 and <span class="x_ContentPasted7 ContentPasted0" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important">172.16.0.2</span></span></div>
<div class="x_ContentPasted3 x_elementToProof x_ContentPasted5" style="margin:0px">
<span class="x_ContentPasted6" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important"><span class="x_ContentPasted7 ContentPasted0" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important">and obviously the
 second machine got the same<span class="ContentPasted0"> </span><span style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important" class="ContentPasted0">policies </span>file and very similar.conf file(but left and right changed accordingly).</span></span></div>
<div class="x_ContentPasted3 x_elementToProof x_ContentPasted5" style="margin:0px">
<span class="x_ContentPasted6" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important"><span class="x_ContentPasted7" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important"><br class="ContentPasted0">
</span></span></div>
<span class="x_ContentPasted3 x_elementToProof x_ContentPasted5" style="margin:0px"><span class="x_ContentPasted6" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important"><span class="x_ContentPasted7 ContentPasted0" style="margin:0px;background-color:rgb(255, 255, 255);display:inline !important">any
 idea what I'm doing wrong or how can I get opportunstic configuration to work ?</span></span></span></span></div>
<br>
</div>
</body>
</html>