ipsec (openswan) vpn connection

steff aka sid · Beitrag von **steff aka sid** » 06.04.2005 14:30:00

Hi ich hab ein Problem mit dem Aufbau eine vpn connection. Und zwar bekomme ich immer folgenden fehler:

Apr  6 15:24:36 Sid ipsec_setup: ...Openswan IPsec started
Apr  6 15:24:36 Sid ipsec_setup: Starting Openswan IPsec U2.3.0/K2.6.10...
Apr  6 15:24:36 Sid ipsec_setup: insmod /lib/modules/2.6.10/kernel/net/ipv4/xfrm4_tunnel.ko 
Apr  6 15:24:36 Sid ipsec_setup: insmod /lib/modules/2.6.10/kernel/net/xfrm/xfrm_user.ko 
Apr  6 15:24:36 Sid ipsec__plutorun: 104 "proton" #1: STATE_MAIN_I1: initiate
Apr  6 15:24:36 Sid ipsec__plutorun: ...could not start conn "proton"

In der syslog
und diesen:

Code: Alles auswählen

Apr  6 15:24:36 Sid pluto[10733]: "proton" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Apr  6 15:24:36 Sid pluto[10733]: "proton" #1: I did not send a certificate because I do not have one.
Apr  6 15:24:36 Sid pluto[10733]: "proton" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Apr  6 15:24:36 Sid pluto[10733]: "proton" #1: ignoring informational payload, type INVALID_KEY_INFORMATION
Apr  6 15:24:36 Sid pluto[10733]: "proton" #1: received and ignored informational message
Apr  6 15:24:46 Sid pluto[10733]: "proton" #1: discarding duplicate packet; already STATE_MAIN_I3
Apr  6 15:24:46 Sid pluto[10733]: "proton" #1: ignoring informational payload, type INVALID_KEY_INFORMATION
Apr  6 15:24:46 Sid pluto[10733]: "proton" #1: received and ignored informational message
Apr  6 15:25:06 Sid pluto[10733]: "proton" #1: ignoring informational payload, type INVALID_KEY_INFORMATION
Apr  6 15:25:06 Sid pluto[10733]: "proton" #1: received and ignored informational message
Apr  6 15:25:06 Sid pluto[10733]: "proton" #1: discarding duplicate packet; already STATE_MAIN_I3

In der auth.log
Meine ipsec.conf sieht wie folgt aus:

Code: Alles auswählen

     20 version 2.0     # conforms to second version of ipsec.conf specification
     21 
     22 # basic configuration
     23 config setup
     24         # Debug-logging controls:  "none" for (almost) none, "all" for l
        ots.
     25         klipsdebug=none
     26         plutodebug=none
     27 
     28 
     29 # Add connections here.
     30 
     31 # sample VPN connection
     32 conn proton
     33         authby=rsasig
     34         leftrsasigkey=%cert
     35         rightrsasigkey=%cert
     36         # Left security gateway, subnet behind it, next hop toward right
        .
     37         left=%defaultroute
     38         leftcert=cert.pem
     39         # Right security gateway, subnet behind it, next hop toward left
        . 40         right=192.168.2.253
     41         rightsubnet=0.0.0.0/0
     42         rightnexthop=141.99.2.254
     43         rightid="C=DE, ST=Germany, L=Siegen, O=Uni Siegen, OU=HRZ, CN=pr
        oton.hrz.uni-siegen.de/Email=boor@unix-ag.org"
     44         # To authorize this connection, but not actually start it, at st
        artup,
     45         # uncomment this.
     46         auto=start
     47 
     48 conn block
     49     auto=ignore
     50 
     51 conn private
     52     auto=ignore
     53 
     54 conn private-or-clear
     55    auto=ignore
     56 
     57 conn clear-or-private
     58    auto=ignore
     59 
     60 conn clear 
     61     auto=ignore
     62 
     63 conn packetdefault
     64     auto=ignore

Hat vieleicht jemand eine Idee woran das liegen kann???

Greetz Steff