Ubuntu Linux laptop roadwarrior to IPCop VPN 1.4.6

Fri Jul 22 16:54:19 UTC 2005

I this Problem is solved it was due to a missing carrige return in
lient's /etc/ipsec.conf!!!!

But now I get the following error:

Server:

Code:
--------------------

  Jul 22 17:49:12 ipcop pluto[909]: Starting Pluto (Openswan Version 1.0.7)

  Jul 22 17:49:12 ipcop pluto[909]:   including X.509 patch with traffic selectors (Version 0.9.42)

  Jul 22 17:49:12 ipcop pluto[909]:   including NAT-Traversal patch (Version 0.6)

  Jul 22 17:49:12 ipcop pluto[909]: 1 bad entries in virtual_private - none loaded

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_enc(): Activating OAKLEY_BLOWFISH_CBC: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_enc(): Activating OAKLEY_CAST_CBC: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_enc(): Activating OAKLEY_SERPENT_CBC: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_hash(): Activating OAKLEY_SHA2_256: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_hash(): Activating OAKLEY_SHA2_512: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_enc(): Activating OAKLEY_TWOFISH_CBC: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: ike_alg_register_enc(): Activating OAKLEY_SSH_PRIVATE_65289: Ok (ret=0)

  Jul 22 17:49:12 ipcop pluto[909]: Changing to directory '/etc/ipsec.d/cacerts'

  Jul 22 17:49:12 ipcop pluto[909]:   Warning: empty directory

  Jul 22 17:49:12 ipcop pluto[909]: Changing to directory '/etc/ipsec.d/crls'

  Jul 22 17:49:12 ipcop pluto[909]:   Warning: empty directory

  Jul 22 17:49:12 ipcop pluto[909]: OpenPGP certificate file '/etc/pgpcert.pgp' not found

  Jul 22 17:49:18 ipcop pluto[909]: | from whack: got --esp=3des

  Jul 22 17:49:18 ipcop pluto[909]: | from whack: got --ike=3des

  Jul 22 17:49:18 ipcop pluto[909]: added connection description "bluevpn"

  Jul 22 17:49:19 ipcop pluto[909]: listening for IKE messages

  Jul 22 17:49:19 ipcop pluto[909]: adding interface ipsec0/ppp0 84.58.55.104

  Jul 22 17:49:19 ipcop pluto[909]: adding interface ipsec0/ppp0 84.58.55.104:4500

  Jul 22 17:49:19 ipcop pluto[909]: adding interface ipsec1/eth2 192.168.254.1

  Jul 22 17:49:19 ipcop pluto[909]: adding interface ipsec1/eth2 192.168.254.1:4500

  Jul 22 17:49:19 ipcop pluto[909]: loading secrets from "/etc/ipsec.secrets"

  Jul 22 17:49:21 ipcop pluto[909]: packet from 192.168.254.198:500: received Vendor ID payload [Dead Peer Detection]

  Jul 22 17:49:21 ipcop pluto[909]: packet from 192.168.254.198:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]

  Jul 22 17:49:21 ipcop pluto[909]: packet from 192.168.254.198:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]

  Jul 22 17:49:21 ipcop pluto[909]: packet from 192.168.254.198:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: responding to Main Mode

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: policy does not allow OAKLEY_RSA_SIG authentication.  Attribute OAKLEY_AUTHENTICATION_METHOD

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: transition from state (null) to state STATE_MAIN_R1

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.254.198'

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: sent MR3, ISAKMP SA established

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: cannot respond to IPsec SA request because no connection is known for 0.0.0.0/0===192.168.254.1...192.168.254.198===192.168.254.0/24

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.254.198:500

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: cannot respond to IPsec SA request because no connection is known for 0.0.0.0/0===192.168.254.1...192.168.254.198===192.168.254.0/24

  Jul 22 17:49:21 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.254.198:500

  Jul 22 17:49:31 ipcop pluto[909]: "bluevpn" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x2686589b (perhaps this is a duplicated packet)

  Jul 22 17:49:31 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.254.198:500

  Jul 22 17:49:31 ipcop pluto[909]: "bluevpn" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x972de3dd (perhaps this is a duplicated packet)

  Jul 22 17:49:31 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.254.198:500

  Jul 22 17:49:51 ipcop pluto[909]: "bluevpn" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x972de3dd (perhaps this is a duplicated packet)

  Jul 22 17:49:51 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.254.198:500

  Jul 22 17:49:51 ipcop pluto[909]: "bluevpn" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x2686589b (perhaps this is a duplicated packet)

  Jul 22 17:49:51 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.254.198:500

  Jul 22 17:50:31 ipcop pluto[909]: "bluevpn" #1: cannot respond to IPsec SA request because no connection is known for 0.0.0.0/0===192.168.254.1...192.168.254.198===192.168.254.0/24

  Jul 22 17:50:31 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.254.198:500

  Jul 22 17:50:31 ipcop pluto[909]: "bluevpn" #1: cannot respond to IPsec SA request because no connection is known for 0.0.0.0/0===192.168.254.1...192.168.254.198===192.168.254.0/24

  Jul 22 17:50:31 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_ID_INFORMATION to 192.168.254.198:500

  Jul 22 17:50:41 ipcop pluto[909]: "bluevpn" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x6a9d5f1c (perhaps this is a duplicated packet)

  Jul 22 17:50:41 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.254.198:500

  Jul 22 17:50:41 ipcop pluto[909]: "bluevpn" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x025007fc (perhaps this is a duplicated packet)

  Jul 22 17:50:41 ipcop pluto[909]: "bluevpn" #1: sending encrypted notification INVALID_MESSAGE_ID to 192.168.254.198:500

  Jul 22 17:51:01 ipcop pluto[909]: "bluevpn" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0x025007fc (perhaps this is a duplicated packet)

--------------------

Client:

Code:
--------------------

  uwe at 5200-801:~/Desktop$ sudo ipsec auto --up bluevpn

  104 "bluevpn" #1: STATE_MAIN_I1: initiate

  003 "bluevpn" #1: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108

  003 "bluevpn" #1: received Vendor ID payload [Dead Peer Detection]

  106 "bluevpn" #1: STATE_MAIN_I2: sent MI2, expecting MR2

  003 "bluevpn" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected

  108 "bluevpn" #1: STATE_MAIN_I3: sent MI3, expecting MR3

  004 "bluevpn" #1: STATE_MAIN_I4: ISAKMP SA established

  117 "bluevpn" #2: STATE_QUICK_I1: initiate

  010 "bluevpn" #2: STATE_QUICK_I1: retransmission; will wait 20s for response

  010 "bluevpn" #2: STATE_QUICK_I1: retransmission; will wait 40s for response

--------------------

I am really lost here, google does not help. I have no Idea.* I really
hate that it is working in windows but not with Hoary kubuntu*

-- 
coaxx