Hi Ronny,
> But: A ping from the other side causes the following message:
>
> "siv" #1: cannot respond to IPsec SA request because no connection is known
> for 192.9.222.0/24===62.159.207.34...193.158.30.131
> "siv" #1: Quick Mode I1 message is unacceptable because it uses a
> previously used Message ID 0x293d7f45 (perhaps this is a duplicated packet)
>
> Why there is the right subnet (behind the gateway 193.158.30.131) not shown
> ??
I take it 193.58.30.131 is the remote (non-FreeSWAN) box. Then, this
connection is being established from 193.158.30.131->62.159.207.34. But
193.158.30.131 doesn't know anything about a tunnel on its side, so it's
not requesting one from FreeSWAN. Therefore the "siv" connection does not
match.
You need to either tell 193.58.30.131 that it has a tunnel behind it, or
modify your FreeSWAN connection in ipsec.conf to remove the rightsubnet.
Ciao, Chris.
-- ___ __ _ / __// / ,__(_)_ | Chris Wilson -- UNIX Firewall Lead Developer | / (_ / ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk | \ _//_/_/_//_/___/ | 21 Signet Court, Cambridge, UK. 01223 576516 |_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:09 CEST