Hi,
I am using Openswan 2.4.5 with the 2.6.23.5 kernel. I am facing a problem when I use a host name for right in the ipsec.conf file. It has two IPs, 44.0.0.2 and 45.0.0.2.
ipsec barf shows:
Mar 2 03:29:18 fatpipe pluto[5473]: packet from 46.0.0.2:500: received Vendor ID payload [Openswan (this version) 2.4.5 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]
Mar 2 03:29:18 fatpipe pluto[5473]: packet from 46.0.0.2:500: received Vendor ID payload [Dead Peer Detection]
Mar 2 03:29:18 fatpipe pluto[5473]: "aaa" #4: responding to Main Mode
Mar 2 03:29:18 fatpipe pluto[5473]: "aaa" #4: Can't authenticate: no preshared key found for `44.0.0.2' and `46.0.0.2'. Attribute OAKLEY_AUTHENTICATION_METHOD
Mar 2 03:29:18 fatpipe pluto[5473]: "aaa" #4: no acceptable Oakley Transform
Mar 2 03:29:18 fatpipe pluto[5473]: "aaa" #4: sending notification NO_PROPOSAL_CHOSEN to 46.0.0.2:500
I have the host name in both the ipsec.conf and ipsec.secrets files. It was working with the RSA signature method, and PSK also works when the host name has only one IP. Does PSK support multiple IPs for a single host name (it is not dynamic)? Please help me.
Thanks,
Indira.