[ previous ] [ next ] [ threads ]
 
 From:  Erik Anderson <erikerik at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  forcing IPsec tunnel to start
 Date:  Sat, 15 Oct 2005 00:39:53 -0500 
I've started playing around w/ getting a VPN established between my
m0n0 box (v1.2) and a Cisco 3020 VPN concentrator.   The tunnel
started trying to bring itself up once, and got a few messages in the
syslog, but got the following error message:

racoon: WARNING: ipsec_doi.c:3082:ipsecdoi_checkid1(): ID value mismatched.

I changed the Phase1 mode from aggressive to main on both ends of the
tunnel to see if that made a difference.  Since then, I have seen
*zero* logs on either end indicating any IPsec traffic.

Is there a way to force the tunnel to come up, or do I just have to wait?