Browsing articles tagged with "openswan - Admins Goodies"
Jun 13, 2012
tom

OpenSwan IPSec phase #2 complications

Phase #1 (IKE) succeeds without any problems (verified at the target host). Phase #2 (IPSec), however, is erroneous at some point (apparently due to misconfiguration on localhost). This should be an IPSec-only connection. I am using OpenSwan on Debian. The error log reads the following (the actual IP-addr. of the remote endpoint has been modified):

pluto[30868]: "x" #2: initiating Quick Mode PSK+ENCRYPT+PFS+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#1 msgid:5ece82ee proposal=AES(12)_256-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_DH22}
pluto[30868]: "x" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN [...]

Apr 23, 2012
tom

Debian 6 and OpenSwan does not work with iPhone as client

I have just installed OpenSwan on Debian 6.0, and configured it according to this tutorial: http://confoundedtech.blogspot.co.uk/2011/08/android-nexus-one-ipsec-psk-vpn-with.html

There are many similar documents, and even though I change some of the parameters, I always end up with the following error from xl2tpd when I try to connect with an iPhone as the VPN client, using L2TP:

Apr 22 16:31:25 debian xl2tpd[19713]: network_thread: recv packet from 212.183.140.62, size = 476, tunnel = 32857, call = 10067 ref=0 refhim=0
Apr [...]

Sep 22, 2011
tom

Linux routing with gateway in different vlan

I couldn't find any answers to this question (hopefully that isn't telling me this is not possible). First: this is a hosted environment where we do not have control over the routers; all we have is an internal network and a DMZ network and a host in each. In the DMZ is a RHEL server running openswan and terminating an IPsec VPN tunnel to another site. The system in the internal network needs to access [...]