G'day all...
With our recent server crash, I've been trying to reimplement the VPN.
Please note that on the other end of the VPN they are using FreeS/WAN IPsec 1.97 and on this side 1.99
I've copied the /etc/ipsec.conf and /etc/ipsec.secrets file from the crashed machine into the replacement box.
I start ipsec - /etc/init.d/ipsec start - everything fine.
No proper routing comes up though when I do a 'route' and I can't ping the other side.
I've been playing with things like 'ipsec auto --ready' and 'ipsec auto --up <connection name used in /etc/ipsec.conf>' .. to no avail on either end.
On the far end I get:
112 "woolloomooloo-nth_sydney" #46: STATE_QUICK_I1: initiate
010 "woolloomooloo-nth_sydney" #46: STATE_QUICK_I1: retransmission; will wait 20s for response
010 "woolloomooloo-nth_sydney" #46: STATE_QUICK_I1: retransmission; will wait 40s for response
031 "woolloomooloo-nth_sydney" #46: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
000 "woolloomooloo-nth_sydney" #46: starting keying attempt 2 of an unlimited number, but releasing whack
When trying the same this on this end I get:
029 "woolloomooloo-nth_sydney": cannot initiate connection without knowing peer IP address
More information is available upon request.
Any help would be greatly appreciated I've spent most of today trying to figure this out and things are gloomy.
Thanks.
Mike
---
Michael S. E. Kraus
Administration
Capital Holdings Group (NSW) Pty Ltd
p: (02) 9955 8000
-- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
