From: Sam Sgro (sam_at_freeswan.org)
Date: Sat Nov 09 2002 - 10:32:41 CET
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, 9 Nov 2002 sooguri_at_icu.ac.kr wrote:
> # ipsec auto --up road
> 104 "road" #1: STATE_MAIN_I1: initiate
> 010 "road" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
> 010 "road" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
> 031 "road" #1: max number of retransmissions (2) reached STATE_MAIN_I1. No acceptable response to our first IKE message
> 000 "road" #1: starting keying attempt 2 of at most 2, but releasing whack
FreeS/WAN sent its first packet, attempting to initiate a negotiation, but
never received a response.
> Nov 9 14:49:18 v31-208 pluto[2462]: "road"[3] 210.107.132.187 #25: responding to Main Mode from unknown peer 210.107.132.187
Your static host received that first packet...
> Nov 9 14:49:18 v31-208 pluto[2462]: "road"[3] 210.107.132.187 #25: ERROR: asynchronous network error report on eth0 for message to 210.107.132.187 port 500, complainant 210.107.132.187: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]
... but it's attempt to respond was blocked, most likely by your firewall.
Check your iptables rules; you are allowing IKE traffic in, but you don't seem
to be allowing responses.
- --
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPczWOkOSC4btEQUtAQGonQP/aSj/ffQjTF7xS+2Fg7SxJXOhIhtJXJDY
S2teRYqmFC7PxDCBBjPYGEPNHBcz3YjMD2Jh9SqG2Zjx4VyzCeeZZf9Tm5UcRF9q
fzY+nGtyXkoWlNMQQqeeyM3YPNfYtf/QIhf52kI8sNjgsDZ7Dkc3gawjzKUOzKIB
OS5vZtxICeE=
=kHSA
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sun Nov 10 2002 - 05:20:37 CET