httpCRASH Posted November 20, 2011 Share Posted November 20, 2011 Hi guys, hope that someone in here uses openswan and can help me... Im setting up an VPN server with 2 goals, first of all getting my iphone/ipad a secure gateway to the internet when on the road.. second to let the the iphone use my own DNS server while using a 3G connection (so that i can change the reply to an app by sending the requests from the app to my own webserver (but thats another story)) back to the VPN, im setting it up on a ubuntu on 192.168.3.161 im testing with an ipad from the same lan, to be shure not to get nat/firewall issues ipad has 192.168.3.100 I have tried some different guides, and of-course goggled all errors i have seen, but now i am stuck, got the following output from my auth.log and cant figure out what to change to solve this :( Nov 20 17:49:45 sm-laptop pluto[5469]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 192.168.3.100 port 4500, complainant 192.168.3.100: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Nov 20 17:50:55 sm-laptop pluto[5469]: last message repeated 7 times Nov 20 17:51:06 sm-laptop pluto[5469]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 192.168.3.100 port 4500, complainant 192.168.3.100: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT"[1] 192.168.3.100 #1: DPD: No response from peer - declaring peer dead Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT"[1] 192.168.3.100 #1: DPD: Clearing Connection Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT" #2: deleting state (STATE_QUICK_R2) Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT" #1: deleting state (STATE_MAIN_R3) Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT"[1] 192.168.3.100: deleting connection "L2TP-PSK-NAT" instance with peer 192.168.3.100 {isakmp=#0/ipsec=#0} Nov 20 17:51:15 sm-laptop pluto[5469]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 192.168.3.100 port 4500, complainant 192.168.3.100: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Nov 20 17:52:33 sm-laptop pluto[5469]: last message repeated 2 times Quote Link to comment Share on other sites More sharing options...
flood Posted November 21, 2011 Share Posted November 21, 2011 What VPN client are you using on the ipad? Are both the VPN server and the client setup for IPSec? Why are you setting up a VPN server on an internal ip address? Quote Link to comment Share on other sites More sharing options...
httpCRASH Posted November 21, 2011 Author Share Posted November 21, 2011 What VPN client are you using on the ipad? Are both the VPN server and the client setup for IPSec? Why are you setting up a VPN server on an internal ip address? Im using the build in VPN client, set to L2TP, and yes, the server should be set up for this as well, have followed a guide to the Letter, but dont know enough about this to be shure that i have set it up correctly... My main reason for setting it up internaly and then routing it out is that All the guides i have found show you how to set VPN clients up in the same range as your network card in the server, and dont show anything about making a NAT between the VPN ussrs and an external IP. My first idea was to put it directly on my server in a hostingcenter, but after alot of trial and error i gave that up, and went for the other aproach, to try and get a working internal setup that i could route out to an external IP first, so that it would be easier to follow a guide Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.