Version imprimable
salam alikum!
slt ! j'ai installé openswan sous mandriva 2006 j'ai suivi les etapes de configuration a la lettre puis arrivé a "start your connection" lors ce que je tape ipsec auto --net-to-net le message suivant m'apparait : 021 no connection named "net-to-net"
si quelqun pourrait m'aider.....:P
merci! et boncourage...........
et en suite j'ai les message suivants que je ne comprend pas bcp biensur....si quelqun pourrait m'orienter.....:
;)Citation:
[root@passerelleA irnatene]# ipsec auto --up net-to-net
104 "net-to-net" #1: STATE_MAIN_I1: initiate
003 "net-to-net" #1: received Vendor ID payload [Openswan (this version) 2.4.6 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
003 "net-to-net" #1: received Vendor ID payload [Dead Peer Detection]
003 "net-to-net" #1: received Vendor ID payload [RFC 3947] method set to=110
106 "net-to-net" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "net-to-net" #1: NAT-Traversal: Result using 3: no NAT detected
108 "net-to-net" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "net-to-net" #1: Signature check (on @localhost) failed (wrong key?); tried *AQNGqO5Eh
217 "net-to-net" #1: STATE_MAIN_I3: INVALID_KEY_INFORMATION
[root@passerelleA irnatene]# service ipsec restart
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: Starting Openswan IPsec 2.4.6...
ipsec_setup: insmod /lib/modules/2.6.12-12mdk/kernel/net/key/af_key.ko.gz
ipsec_setup: insmod /lib/modules/2.6.12-12mdk/kernel/net/ipv4/xfrm4_tunnel.ko.gz
ipsec_setup: insmod /lib/modules/2.6.12-12mdk/kernel/net/xfrm/xfrm_user.ko.gz
et de l'autre coté de la deuxieme passerelle, le message suivant apparait:
;)Citation:
104 "net-to-net" #1: STATE_MAIN_I1: initiate
003 "net-to-net" #1: received Vendor ID payload [Openswan (this version) 2.4.6 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
003 "net-to-net" #1: received Vendor ID payload [Dead Peer Detection]
003 "net-to-net" #1: received Vendor ID payload [RFC 3947] method set to=110
106 "net-to-net" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "net-to-net" #1: NAT-Traversal: Result using 3: no NAT detected
108 "net-to-net" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "net-to-net" #1: ignoring informational payload, type INVALID_KEY_INFORMATION
003 "net-to-net" #1: received and ignored informational message
010 "net-to-net" #1: STATE_MAIN_I3: retransmission; will wait 20s for response
003 "net-to-net" #1: discarding duplicate packet; already STATE_MAIN_I3
003 "net-to-net" #1: ignoring informational payload, type INVALID_KEY_INFORMATION
003 "net-to-net" #1: received and ignored informational message
003 "net-to-net" #1: discarding duplicate packet; already STATE_MAIN_I3
010 "net-to-net" #1: STATE_MAIN_I3: retransmission; will wait 40s for response
003 "net-to-net" #1: ignoring informational payload, type INVALID_KEY_INFORMATION
003 "net-to-net" #1: received and ignored informational message
031 "net-to-net" #1: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message
000 "net-to-net" #1: starting keying attempt 2 of an unlimited number, but releasing whack
je suis bloqué deuis presque troi semaines s'ils vous plait aidez moi ne serai ce que par un petite idee...merci
c'etait le probleme de configuration du fichier ipsec.conf! j'ai inversé les clé RSA...et ca marche!! normalement!!!!
car lorsque je fais
le resultat suivant apparait:Code:ipsec eroute
si vous pouvez m'eclairer un peu ! je vous remercie d'avance...:PCode:/usr/local/libexec/ipsec/eroute: NETKEY does not support eroute table.