[strongSwan] netgear fvx538 no connection has been authorized with policy=PSK full night working but no cigar
andreas.steffen at strongswan.org
Sun Dec 19 10:43:16 CET 2010
which strongSwan version are you using? Starting with
4.5.0 the default for
switched from ikev1 to ikev2. Therefore pluto wouldn't
see your IKEv2 connection definition.
On 19.12.2010 04:38, renato gallo wrote:
> please I pray you HELP.
> the problem is .....
> packet from 220.127.116.11:500: initial Main Mode message received on
> 192.168.0.5:500 but no connection has been authorized with policy=PSK
> cat ipsec.secrets
> # /etc/ipsec.secrets - strongSwan IPsec secrets file
> : PSK "not posting the pass"
> cat ipsec.conf
> # ipsec.conf - strongSwan IPsec configuration file
> config setup
> conn fvx538
> authby=secret #tells it to use a PSK for authentication
> left= %defaultroute #WAN ip address of local CC router
> leftsubnet=192.168.0.0/24 #ip address of CC LAN subnet
> leftnexthop=192.168.0.3 #ip address of local CC?s internet gateway
> leftid=18.104.22.168 #WAN IP
> right=22.214.171.124 #WAN ip address of remote netgear fvs318
> rightnexthop=126.96.36.199 #ip address of remote netgear?s internet gateway
> rightsubnet=10.0.0.0/24 #ip address of netear LAN subnet
> rightid=188.8.131.52 #WAN IP
> ike=3des-sha1-modp1024 #ike policy settings, could not get aes128 or aes256 to work
> ikelifetime=1440m #ike lifetime
> keylife=480m #key life
> pfs=no #pfs is off, could not get pfs working
> keyexchange=ike #tell it to use ike(not AH)
> auto=start #start when ipsec(openswan) starts
> esp=3des-sha1 #phase 2 encryption, no pfs defined. Netgear ?VPN policy?
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users