From: mowglie (mowglie_at_netzero.net)
Date: Mon Dec 09 2002 - 10:14:48 CET
these are the errors i get now after tweaking things further (or backwards as the case may be)
Changing to directory '/etc/ipsec.d/crls'
Dec 9 00:40:03 jupiter pluto[28888]: loaded crl file 'crl.pem' (678 bytes)
Dec 9 00:40:03 jupiter pluto[28888]: could not open my default X.509 cert file '/etc/x509cert.der'
Dec 9 00:40:03 jupiter pluto[28888]: OpenPGP certificate file '/etc/pgpcert.pgp' not found
and later
"roadwarrior"[1] 61.231.192.128 #1: responding to Main Mode from unknown peer 61.231.192.128
Dec 9 00:40:32 jupiter pluto[28888]: "roadwarrior"[1] 61.231.192.128 #1: encrypted Informational Exchange message is invalid because it is for incomplete ISAKMP SA
"roadwarrior": cannot initiate connection without knowing peer IP address
my gateway ipsec.conf is
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
uniqueids=yes
conn %default
keyingtries=1
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn roadwarrior
right=%any
left=%defaultroute
leftcert=jfanchiang2.pem
auto=add
pfs=yes
my roadwarrior ipsec.conf is
conn roadwarrior
left=%any
right=67.105.101.194
rightca="C=US, S=Texas, L=Dallas, O=BWUSA, CN=jupiter.bldgworks.com, Email=akpillai_at_bldgworks.com"
network=auto
auto=start
pfs=yes
any suggestions as to what i should read/do to resolve? much obliged...
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Tue Dec 10 2002 - 05:21:07 CET