[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-users
Subject: [Openswan Users] [OPENSWAN] AMAZON - INVALID_INFORMATION_ID
From: kwaye kant <gabrielkwaye () gmail ! com>
Date: 2016-01-12 9:06:02
Message-ID: CALRvV17snEneK5zR3nHWeYzkONd2cHrbcro_jrm1FRjW8JD09g () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello all,
My server is running on Amazon EC2 with
IP address 52.124.24.106
Private IP 172.XX.XX.XX
My remote server
IP:41.XX.XX.XX
Subnet: 41.XX.XX.XX/30
This is my ipsec configuration
*authby=secret*
* type=tunnel*
* pfs=no*
* forceencaps=yes*
* ike=3des-sha1;modp1024*
* keyexchange=ike*
* phase2=esp*
* phase2alg=aes256-sha1;modp1024*
* ikelifetime=28800s*
* left=%defaultroute*
* leftid=52.124.24.106*
* auto=start*
* leftprotoport=17/1701*
* right=41.XX.XX.XX*
* rightid=41.XX.XX.XX*
* rightprotoport=17/1701*
* rightsubnet=41.XX.XX.XX/30*
But when I tried to connect to the remote I am getting this error
*031 "vpn" #233: max number of retransmissions (2) reached STATE_QUICK_I1.
No acceptable response to our first Quick Mode message: s peer likes no
proposal*
*000 "vpn" #233: starting keying attempt 2 of an unlimited number, but
releasing whack*
On the remote I have this error
**5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:Get IPsec policy: get IPsec policy
failed*
**5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:validate_prop: no IPsec policy
found*
**5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:dropped message
from 52.124.24.106 due to notification type INVALID_ID_INFORMATION*
I have already check my IPsec config and IKE Policy and I can't fix this.
Did somebody already face this before ?
--
*------------------------------------------------------------------------------------------------------------------------------------------------Kwaye
KantSkype: g.kwaye(00) 237 677315145Douala - Cameroon*
*www.ksoft-solutions.com <http://www.ksoft-solutions.com>*
[Attachment #5 (text/html)]
<div dir="ltr"><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br \
clear="all"></div><div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">Hello \
all,</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br></div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">My server \
is running on Amazon EC2 with </div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">IP address \
52.124.24.106</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">Private IP \
172.XX.XX.XX</div></div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br></div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">My remote \
server</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">IP:41.XX.XX.XX</div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">Subnet: \
41.XX.XX.XX/30</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br></div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">This is my \
ipsec configuration</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small"><div \
class="gmail_default"><span style="color:rgb(0,0,255)"> </span><font \
color="#666666"><i>authby=secret</i></font></div><div class="gmail_default"><font \
color="#666666"><i> type=tunnel</i></font></div><div \
class="gmail_default"><font color="#666666"><i> \
pfs=no</i></font></div><div class="gmail_default"><font color="#666666"><i> \
forceencaps=yes</i></font></div><div class="gmail_default"><font color="#666666"><i> \
ike=3des-sha1;modp1024</i></font></div><div class="gmail_default"><font \
color="#666666"><i> keyexchange=ike</i></font></div><div \
class="gmail_default"><font color="#666666"><i> \
phase2=esp</i></font></div><div class="gmail_default"><font color="#666666"><i> \
phase2alg=aes256-sha1;modp1024</i></font></div><div class="gmail_default"><font \
color="#666666"><i> ikelifetime=28800s</i></font></div><div \
class="gmail_default"><font color="#666666"><i> \
left=%defaultroute</i></font></div><div class="gmail_default"><font \
color="#666666"><i> leftid=52.124.24.106</i></font></div><div \
class="gmail_default"><font color="#666666"><i> \
auto=start</i></font></div><div class="gmail_default"><font color="#666666"><i> \
leftprotoport=17/1701</i></font></div><div class="gmail_default"><font \
color="#666666"><i> right=41.XX.XX.XX</i></font></div><div \
class="gmail_default"><font color="#666666"><i> \
rightid=41.XX.XX.XX</i></font></div><div class="gmail_default"><font \
color="#666666"><i> rightprotoport=17/1701</i></font></div><div \
class="gmail_default"><font color="#666666"><i> \
rightsubnet=41.XX.XX.XX/30</i></font></div><div class="gmail_default" \
style="color:rgb(0,0,255)"><br></div><div class="gmail_default" \
style="color:rgb(0,0,255)">But when I tried to connect to the remote I am getting \
this error</div><div class="gmail_default"><div class="gmail_default"><i><font \
color="#666666">031 "vpn" #233: max number of retransmissions (2) reached \
STATE_QUICK_I1. No acceptable response to our first Quick Mode message: s peer \
likes no proposal</font></i></div><div class="gmail_default"><i><font \
color="#666666">000 "vpn" #233: starting keying attempt 2 of an unlimited \
number, but releasing whack</font></i></div><div class="gmail_default" \
style="color:rgb(0,0,255)"><br></div><div class="gmail_default" \
style="color:rgb(0,0,255)">On the remote I have this error</div><div \
class="gmail_default"><div class="gmail_default"><i><font \
color="#666666">*5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:Get IPsec policy: get IPsec \
policy failed</font></i></div><div class="gmail_default"><i><font \
color="#666666">*5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:validate_prop: no IPsec policy \
found</font></i></div><div class="gmail_default"><i><font \
color="#666666">*5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:dropped message from \
52.124.24.106 due to notification type INVALID_ID_INFORMATION</font></i></div><div \
class="gmail_default" style="color:rgb(0,0,255)"><br></div><div class="gmail_default" \
style="color:rgb(0,0,255)">I have already check my IPsec config and IKE Policy and I \
can't fix this.</div><div class="gmail_default" style="color:rgb(0,0,255)">Did \
somebody already face this before ?</div></div></div></div>-- <br><div \
class="gmail_signature"><div dir="ltr"><div><i><span \
style="color:rgb(51,102,255)">-------------------------------------------------------- \
----------------------------------------------------------------------------------------<br>Kwaye \
Kant</span><span style="color:rgb(51,102,255)"></span><br \
style="color:rgb(51,102,255)"><span style="color:rgb(51,102,255)">Skype: \
g.kwaye</span><br style="color:rgb(51,102,255)"><span \
style="color:rgb(51,102,255)">(00) 237 677315145<br>Douala - \
Cameroon<br></span></i></div><div><i><span style="color:rgb(51,102,255)"><a \
href="http://www.ksoft-solutions.com" \
target="_blank">www.ksoft-solutions.com</a></span></i></div></div></div> </div>
[Attachment #6 (text/plain)]
_______________________________________________
Users@lists.openswan.org
https://lists.openswan.org/mailman/listinfo/users
Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
Building and Integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic