Re: [Users] cannot initiate connection without knowing peer IP address

From: Ken Bantoft (ken_at_freeswan.ca)
Date: Thu Dec 05 2002 - 05:18:33 CET

• Next message: Sam Sgro: "Re: [Users] Public-IP Subnet - Private Net - Internet possible ?"
• Previous message: BenLau: "[Users] cannot initiate connection without knowing peer IP address"
• In reply to: BenLau: "[Users] cannot initiate connection without knowing peer IP address"
• Next in thread: BenLau: "Re: [Users] cannot initiate connection without knowing peer IP address"
• Reply: BenLau: "Re: [Users] cannot initiate connection without knowing peer IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 5 Dec 2002, BenLau wrote:

> Hi all,
>
> I want to configure a network-to-host connection,and
> I have the following setting in my /etc/ipsec.conf:
>
> conn a-to-b
> leftid=@a
> left=192.168.4.75
> leftsubnet=172.16.0.0/16
> leftnexthop=192.168.4.1
> leftrsasigkey=....
> right=%any
> rightid=@b
> rightrsasigkey=...
> keylife=20m
> keyingtries=1
> auto=add
> authby=rsasig
>
> and then i run the following commands:
>
> [root_at_localhost root]# /etc/init.d/ipsec restart
> ipsec_setup: Stopping FreeS/WAN IPsec...
> ipsec_setup: Starting FreeS/WAN IPsec 1.99...
> ipsec_setup: Using /lib/modules/2.4.18/kernel/net/ipsec/ipsec.o
> [root_at_localhost root]# ipsec auto --up a-to-b
>
> 029 "a-to-b": cannot initiate connection without knowing peer IP address
>
> I dont understand why there have a error message
> "cannot initiate connection without knowing peer IP address" there.
>
> And seem that i cant up the connection... do anybody know what happen
> for it? Thanks you for any advice!!

Of course... you can't connect to a roadwarrior who's IP address you don't
know. What you what to do is not --up, but --add. Once it's added (which
your config does) pluto just wait for an incoming connection.

- --
Ken Bantoft The Unoffical FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
                           PGP Key: finger ken_at_bantoft.org
"We can factor the number 15 with quantum computers. We
can also factor the number 15 with a dog trained to bark
three times." -- Robert Harley, 5/12/01, Sci.crypt

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAwUBPe7Tm1iWUusaxGxpAQGAeAP8CE1itVCEJUSPJScF+tPET3DB69NTqINC
Z5NBgqPzg6hAnYoneaAcDGzDaXJrwtUSn8ogt+TIW1z50z351gBcPxy45lLZQuh9
ROsHHS6a5Mv8FeyRJZRc1oqpOL/zSV3bEdPN37JjR+xTJTN5k3nC7IOQmjoTM2jM
AckmcW8BNyM=
=TnkY
-----END PGP SIGNATURE-----

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Sam Sgro: "Re: [Users] Public-IP Subnet - Private Net - Internet possible ?"
• Previous message: BenLau: "[Users] cannot initiate connection without knowing peer IP address"
• In reply to: BenLau: "[Users] cannot initiate connection without knowing peer IP address"
• Next in thread: BenLau: "Re: [Users] cannot initiate connection without knowing peer IP address"
• Reply: BenLau: "Re: [Users] cannot initiate connection without knowing peer IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Fri Dec 06 2002 - 05:21:02 CET