URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID1
Нить номер: 54819
[ Назад ]

Исходное сообщение
"Все тот же IPSEC"
Отправлено Rain , 24-Мрт-05 18:56

После запуска в логах вот такое, что этим он хочет сказать.

Mar 24 18:53:24 route1 pluto[10748]: loading secrets from "/etc/ipsec.secrets"
Mar 24 18:53:24 route1 pluto[10748]: "Test": route-host output: /usr/lib/ipsec/_updown: doroute `ip route add 192.168.2.1/32 via 10.0.0.1 dev eth2 ' failed (RTNETLINK answers: Network is unreachable)
Mar 24 18:53:24 route1 pluto[10748]: "Test" #1: initiating Main Mode
Mar 24 18:53:24 route1 pluto[10748]: | no IKE algorithms for this connection
Mar 24 18:53:24 route1 pluto[10748]: "Test" #1: only OAKLEY_GROUP_MODP1024 and OAKLEY_GROUP_MODP1536 supported. Attribute OAKLEY_GROUP_DESCRIPTION
Mar 24 18:53:24 route1 pluto[10748]: "Test" #1: no acceptable Oakley Transform
Mar 24 18:53:24 route1 pluto[10748]: "Test" #1: sending notification NO_PROPOSAL_CHOSEN to 192.168.2.1:500
Mar 24 18:53:24 route1 pluto[10748]: packet from 192.168.2.1:500: ignoring informational payload, type INVALID_EXCHANGE_TYPE
Mar 24 18:53:24 route1 pluto[10748]: packet from 192.168.2.1:500: received and ignored informational message
Mar 24 18:53:26 route1 pluto[10748]: packet from 192.168.2.1:500: phase 1 message is part of an unknown exchange
Mar 24 18:53:31 route1 pluto[10748]: "Test" #1: discarding packet received during DNS lookup in STATE_MAIN_I1
Mar 24 18:53:34 route1 pluto[10748]: packet from 192.168.2.1:500: phase 1 message is part of an unknown exchange
Mar 24 18:53:39 route1 pluto[10748]: "Test" #1: discarding packet received during DNS lookup in STATE_MAIN_I1

Содержание

Все тот же IPSEC,Rain, 10:36 , 25-Мрт-05

Сообщения в этом обсуждении

"Все тот же IPSEC"
Отправлено Rain , 25-Мрт-05 10:36

Ему не удается проверить почемуто PSK вид секрета такой
x.x.x.x y.y.y.y: PSK "secret"
аон дает такое, как бороть
(ядро 2.6)
Mar 25 10:41:04 route1 pluto[3132]: | started looking for secret for 192.168.2.2->192.168.2.1 of kind PPK_PSK
Mar 25 10:41:04 route1 pluto[3132]: | actually looking for secret for 192.168.2.2->192.168.2.1 of kind PPK_PSK
Mar 25 10:41:04 route1 pluto[3132]: | 1: compared PSK 192.168.2.1 to 192.168.2.2 / 192.168.2.1 -> 2
Mar 25 10:41:04 route1 pluto[3132]: | 2: compared PSK 192.168.2.2 to 192.168.2.2 / 192.168.2.1 -> 6
Mar 25 10:41:04 route1 pluto[3132]: | best_match 0>6 best=0x9b106e0 (line=2)
Mar 25 10:41:04 route1 pluto[3132]: | concluding with best_match=6 best=0x9b106e0 (lineno=2)
Mar 25 10:41:04 route1 pluto[3132]: | ******parse ISAKMP Oakley attribute:
Mar 25 10:41:04 route1 pluto[3132]: |    af+type: OAKLEY_GROUP_DESCRIPTION
Mar 25 10:41:04 route1 pluto[3132]: |    length/value: 4
Mar 25 10:41:04 route1 pluto[3132]: |    [4 is OAKLEY_GROUP_GP185]
Mar 25 10:41:04 route1 pluto[3132]: "Test" #1: only OAKLEY_GROUP_MODP1024 and OAKLEY_GROUP_MODP1536 supported.  Attribute OAKLEY_GROUP_DESCRIPTION
Mar 25 10:41:04 route1 pluto[3132]: "Test" #1: no acceptable Oakley Transform