# Problem with libreswan

## chl

I use an IPSEC VPN (PSK and Xauth) to connect to the terminal server in my office.

Due to the masking of openswan I have recently changed to libreswan.

On both computers I use, I have added the conn section (see below) that I used with openswan to the ipsec.conf of libreswan. 

ipsec.secret remained unchanged.

```

conn office

    type=tunnel

    authby=secret

    auto=start

    ikelifetime=1h

    keylife=1h 

    left=%defaultroute 

    leftid=192.168.14.20

    right=xxx.xxx.xxx.xxx

    rightsubnet=192.168.13.0/24

    leftxauthclient=yes

    rightxauthserver=yes

    leftxauthusername=xxxxx

```

On one computer it works perfectly, on the other one I get the following error messages:

```

# ipsec setup start              

Redirecting to: systemctl start ipsec.service

# ipsec auto --up office

002 "office" #3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+XAUTH+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW {using isakmp#1 msgid:4c74d706 proposal=defaults pfsgroup=OAKLEY_GROUP_MODP1536}

117 "office" #3: STATE_QUICK_I1: initiate

003 "office" #3: ignoring informational payload IPSEC_RESPONDER_LIFETIME, msgid=4c74d706, length=28

003 "office" #3: up-host command exited with status 1

032 "office" #3: STATE_QUICK_I1: internal error

003 "office" #3: ignoring informational payload IPSEC_RESPONDER_LIFETIME, msgid=4c74d706, length=28

003 "office" #3: ERROR: netlink response for Add SA esp.ec97eed0@192.168.1.100 included errno 3: No such process

003 "office" #3: Warning: expected to find an existing IPsec SA - continuing as Add SA

003 "office" #3: up-host command exited with status 1

003 "office" #3: ERROR: netlink response for Del SA esp.a4006c20@xxx.xxx.xxx.xxx included errno 3: No such process

032 "office" #3: STATE_QUICK_I1: internal error

003 "office" #3: ignoring informational payload IPSEC_RESPONDER_LIFETIME, msgid=4c74d706, length=28

003 "office" #3: ERROR: netlink response for Add SA esp.ec97eed0@192.168.1.100 included errno 3: No such process

003 "office" #3: Warning: expected to find an existing IPsec SA - continuing as Add SA

003 "office" #3: up-host command exited with status 1

003 "office" #3: ERROR: netlink response for Del SA esp.a4006c20@xxx.xxx.xxx.xxx included errno 3: No such process

032 "office" #3: STATE_QUICK_I1: internal error

.....

```

Unfortunately I have no idea why it works on one computer but not the other. Any hints?

CHL

----------

