[Users] we have no ipsecN interface for either end of this connection

From: Johan Geuze (geuj_at_eshuis.nl)
Date: Thu Oct 31 2002 - 10:17:07 CET

• Next message: martin f krafft: "Re: [Users] we have no ipsecN interface for either end of this connection"
• Previous message: Jarek Karpiel: "*****SPAM***** Re: [Users] Sonicwall and FreeSWAN"
• Next in thread: martin f krafft: "Re: [Users] we have no ipsecN interface for either end of this connection"
• Reply: martin f krafft: "Re: [Users] we have no ipsecN interface for either end of this connection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,

I've set up other freeswan ipsec solutions and they all work like a charm,
but this case i'm a bit at a loss:

I have 2 redhat 7.x boxes with freeswan 1.95

one has direct connection to the internet

one is behind a cisco 800 adsl router.

i can ssh and do whatever i want between the two boxes, except for bringing
up a vpn connection.

LAN1 <----> local ip |vpn1box| fixed inet ip <------internet----> fixed inet
ip |cisco router| localip <-----> local ip |vpn2box| local ip <-----> LAN2

The cisco router is programmed to forward everything to the vpn2box, so i
can connect directly to the vpn2box from the vpn1box.

vpn1box = left and vpn2box = right in my configuration

vpn1box ipsec.conf
conn one-one
        compress=no
        left=195.11.243.114
        leftnexthop=195.11.243.113
        right=80.200.249.79
        rightnexthop=80.200.249.1
        authby=secret
        auto=add

vpn2box ipsec.conf
conn one-one
        compress=no
        left=195.11.243.114
        leftnexthop=195.11.243.113
        right=10.10.10.5
        rightnexthop=10.10.10.1
        authby=secret
        auto=add

vpn2box
104 "one-one" #1: STATE_MAIN_I1: initiate
106 "one-one" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "one-one" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "one-one" #1: discarding duplicate packet; already STATE_MAIN_I3
010 "one-one" #1: STATE_MAIN_I3: retransmission; will wait 20s for response
010 "one-one" #1: STATE_MAIN_I3: retransmission; will wait 40s for response
003 "one-one" #1: discarding duplicate packet; already STATE_MAIN_I3

vpn1box
Oct 31 11:09:30 vpn1 Pluto[23739]: "one-one" #6: responding to Main Mode
Oct 31 11:09:30 vpn1 Pluto[23739]: "one-one" #6: Peer ID is ID_IPV4_ADDR:
'10.10.10.5'
Oct 31 11:09:30 vpn1 Pluto[23739]: "one-one" #6: no suitable connection for
peer '10.10.10.5'

even if i told in vpn1box's conf that it should connect to 80.200.249.79 it
still wants to connect to 10.10.10.5

what can i do to resolve this?

kind regards

Johan Geuze

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: martin f krafft: "Re: [Users] we have no ipsecN interface for either end of this connection"
• Previous message: Jarek Karpiel: "*****SPAM***** Re: [Users] Sonicwall and FreeSWAN"
• Next in thread: martin f krafft: "Re: [Users] we have no ipsecN interface for either end of this connection"
• Reply: martin f krafft: "Re: [Users] we have no ipsecN interface for either end of this connection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 05:20:36 CET