[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openswan-users
Subject:    [Openswan Users] [OPENSWAN] AMAZON - INVALID_INFORMATION_ID
From:       kwaye kant <gabrielkwaye () gmail ! com>
Date:       2016-01-12 9:06:02
Message-ID: CALRvV17snEneK5zR3nHWeYzkONd2cHrbcro_jrm1FRjW8JD09g () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


​Hello all,

My server is running on Amazon​ EC2 with
IP address 52.124.24.106
Private IP 172.XX.XX.XX

My remote server
IP:41.XX.XX.XX
Subnet: 41.XX.XX.XX/30

This is my ipsec configuration
        *authby=secret*
*        type=tunnel*
*        pfs=no*
*        forceencaps=yes*
*        ike=3des-sha1;modp1024*
*        keyexchange=ike*
*        phase2=esp*
*        phase2alg=aes256-sha1;modp1024*
*        ikelifetime=28800s*
*        left=%defaultroute*
*        leftid=52.124.24.106*
*        auto=start*
*        leftprotoport=17/1701*
*        right=41.XX.XX.XX*
*        rightid=41.XX.XX.XX*
*        rightprotoport=17/1701*
*        rightsubnet=41.XX.XX.XX/30*

But when I tried to connect to the remote I am getting this error
*031 "vpn" #233: max number of retransmissions (2) reached STATE_QUICK_I1.
No acceptable response to our first Quick Mode message: s peer likes no
proposal*
*000 "vpn" #233: starting keying attempt 2 of an unlimited number, but
releasing whack*

On the remote I have this error
**5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:Get IPsec policy: get IPsec policy
failed*
**5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:validate_prop: no IPsec policy
found*
**5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:dropped message
from 52.124.24.106 due to notification type INVALID_ID_INFORMATION*

I have already check my IPsec config and IKE Policy and I can't fix this.
Did somebody already face this before ?
-- 





*------------------------------------------------------------------------------------------------------------------------------------------------Kwaye
                
KantSkype: g.kwaye(00) 237 677315145Douala - Cameroon*
*www.ksoft-solutions.com <http://www.ksoft-solutions.com>*


[Attachment #5 (text/html)]

<div dir="ltr"><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br \
clear="all"></div><div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">​Hello \
all,</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br></div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">My server \
is running on Amazon​ EC2 with  </div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">IP address \
52.124.24.106</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">Private IP \
172.XX.XX.XX</div></div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br></div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">My remote \
server</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">IP:41.XX.XX.XX</div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">Subnet: \
41.XX.XX.XX/30</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)"><br></div><div \
class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small;color:rgb(0,0,255)">This is my \
ipsec configuration</div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small"><div \
class="gmail_default"><span style="color:rgb(0,0,255)">            </span><font \
color="#666666"><i>authby=secret</i></font></div><div class="gmail_default"><font \
color="#666666"><i>            type=tunnel</i></font></div><div \
class="gmail_default"><font color="#666666"><i>            \
pfs=no</i></font></div><div class="gmail_default"><font color="#666666"><i>           \
forceencaps=yes</i></font></div><div class="gmail_default"><font color="#666666"><i>  \
ike=3des-sha1;modp1024</i></font></div><div class="gmail_default"><font \
color="#666666"><i>            keyexchange=ike</i></font></div><div \
class="gmail_default"><font color="#666666"><i>            \
phase2=esp</i></font></div><div class="gmail_default"><font color="#666666"><i>       \
phase2alg=aes256-sha1;modp1024</i></font></div><div class="gmail_default"><font \
color="#666666"><i>            ikelifetime=28800s</i></font></div><div \
class="gmail_default"><font color="#666666"><i>            \
left=%defaultroute</i></font></div><div class="gmail_default"><font \
color="#666666"><i>            leftid=52.124.24.106</i></font></div><div \
class="gmail_default"><font color="#666666"><i>            \
auto=start</i></font></div><div class="gmail_default"><font color="#666666"><i>       \
leftprotoport=17/1701</i></font></div><div class="gmail_default"><font \
color="#666666"><i>            right=41.XX.XX.XX</i></font></div><div \
class="gmail_default"><font color="#666666"><i>            \
rightid=41.XX.XX.XX</i></font></div><div class="gmail_default"><font \
color="#666666"><i>            rightprotoport=17/1701</i></font></div><div \
class="gmail_default"><font color="#666666"><i>            \
rightsubnet=41.XX.XX.XX/30</i></font></div><div class="gmail_default" \
style="color:rgb(0,0,255)"><br></div><div class="gmail_default" \
style="color:rgb(0,0,255)">But when I tried to connect to the remote I am getting \
this error</div><div class="gmail_default"><div class="gmail_default"><i><font \
color="#666666">031 &quot;vpn&quot; #233: max number of retransmissions (2) reached \
STATE_QUICK_I1.   No acceptable response to our first Quick Mode message: s peer \
likes no proposal</font></i></div><div class="gmail_default"><i><font \
color="#666666">000 &quot;vpn&quot; #233: starting keying attempt 2 of an unlimited \
number, but releasing whack</font></i></div><div class="gmail_default" \
style="color:rgb(0,0,255)"><br></div><div class="gmail_default" \
style="color:rgb(0,0,255)">On the remote I have this error</div><div \
class="gmail_default"><div class="gmail_default"><i><font \
color="#666666">*5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:Get IPsec policy: get IPsec \
policy failed</font></i></div><div class="gmail_default"><i><font \
color="#666666">*5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:validate_prop: no IPsec policy \
found</font></i></div><div class="gmail_default"><i><font \
color="#666666">*5.1843774730 MVAS_RK1_FW1 IKE/7/DEBUG:dropped message from  \
52.124.24.106  due to notification type INVALID_ID_INFORMATION</font></i></div><div \
class="gmail_default" style="color:rgb(0,0,255)"><br></div><div class="gmail_default" \
style="color:rgb(0,0,255)">I have already check my IPsec config and IKE Policy and I \
can&#39;t fix this.</div><div class="gmail_default" style="color:rgb(0,0,255)">Did \
somebody already face this before ?</div></div></div></div>-- <br><div \
class="gmail_signature"><div dir="ltr"><div><i><span \
style="color:rgb(51,102,255)">-------------------------------------------------------- \
----------------------------------------------------------------------------------------<br>Kwaye \
Kant</span><span style="color:rgb(51,102,255)"></span><br \
style="color:rgb(51,102,255)"><span style="color:rgb(51,102,255)">Skype: \
g.kwaye</span><br style="color:rgb(51,102,255)"><span \
style="color:rgb(51,102,255)">(00) 237 677315145<br>Douala - \
Cameroon<br></span></i></div><div><i><span style="color:rgb(51,102,255)"><a \
href="http://www.ksoft-solutions.com" \
target="_blank">www.ksoft-solutions.com</a></span></i></div></div></div> </div>


[Attachment #6 (text/plain)]

_______________________________________________
Users@lists.openswan.org
https://lists.openswan.org/mailman/listinfo/users
Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
Building and Integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic