FreeS/WAN pre-shared keys

[Jimen Ching]

Hi all,

I am trying to configure FreeS/WAN and I am getting the following error:

May  3 21:18:58 core ipsec_setup: 003 "jching-work" #1: Can't authenticate: no preshared key.  Attribute OAKLEY_AUTHENTICATION_METHOD

My ipsec.conf file looks like...

config setup
        interfaces=%defaultroute
        klipsdebug=none
        plutodebug=none
        plutoload=%search
        plutostart=%search
        plutobackgroundload=yes

conn %default
        keyingtries=1
        authby=rsasig

conn jching-adtech
        left=%defaultroute
        leftsubnet=192.168.1.0/24
        leftfirewall=yes
        right=a.b.c.d
        rightsubnet=10.12.0.0/16
        rightfirewall=yes
        auto=start
        keyingtries=3
        authby=secret

And my ipsec.secrets looks like this...

%any a.b.c.d : PSK "some string"
%any e.f.g.h : PSK "some string"
a.b.c.d %any : PSK "some string"
e.f.g.h %any : PSK "some string"
a.b.c.d e.f.g.h : PSK "some string"
e.f.g.h a.b.c.d : PSK "some string"

Where a.b.c.d is the work VPN, and e.f.g.h is FreeS/WAN.  They can ping
each other, so there is no firewall/masquarading problem.  I type

	ipsec showhostkey

and I get the same error.  Does anyone see any problems?

--jc
--
Jimen Ching (WH6BRR)      jching at flex.com     wh6brr at uhm.ampr.org