Hi all, Due to troubles with freeswan-2.04_1.4.8-12 I try to use freeswan-1.99_0.9.34-80 (www.suse.de/~garloff/linux/FreeSWAN/). /---------------\ /---------------\ /---------------\ /---------------\ | Linux 2.4.19 | | Speed Touch | | W-Lan Router | | WINX W2k | | 62.210.20.146 |<----| 62.210.20.145 |<----| WAN-IP: |<---| W-LAN-IP: | | SuSE 9.0 | | No NAT at all | | 213.39.205.80 | | 192.168.1.99 | \---------------/ \---------------/ \---------------/ \---------------/ VPN-Server: SuSE 9.0, SpeedTouch: static IP, freeswan-1.99_0.9.34-80 <snip v/l/m> vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: cannot respond to IPsec SA request because no connection is known for 62.206.19.146[C=DE, ST=Hamburg, L=Hamburg, CN=<Admin CN>]:17/0...213.39.205.80[C=DE, ST=Koeln, CN=<User CN>]:17/1701==={192.168.1.99/32} vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: sending encrypted notification INVALID_ID_INFORMATION to 213.39.205.80:500 vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xee13aa39 (perhaps this is a duplicated packet) vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: sending encrypted notification INVALID_MESSAGE_ID to 213.39.205.80:500 vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xee13aa39 (perhaps this is a duplicated packet) vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: sending encrypted notification INVALID_MESSAGE_ID to 213.39.205.80:500 vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xee13aa39 (perhaps this is a duplicated packet) vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: sending encrypted notification INVALID_MESSAGE_ID to 213.39.205.80:500 vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80 #2: received Delete SA payload: deleting ISAKMP State #2 vpnserver pluto[24299]: "w2k-client"[4] 213.39.205.80: deleting connection "w2k-client" instance with peer 213.39.205.80 <snap v/l/m> What do I need to change in ipsec.conf to make it run? I donn't understand the first error. What is wrong with my ipsec.conf? If you need any more information, I'll be glad to provide it !! Thanks in advance. <snip ipsec.conf> config setup interfaces=%defaultroute klipsdebug=none plutodebug=none plutoload=%search plutostart=%search uniqueids=yes conn %default keyingtries=0 disablearrivalcheck=no authby=rsasig leftrsasigkey=%cert rightrsasigkey=%cert conn w2k-client left=62.210.20.146 leftnexthop=62.210.20.145 leftrsasigkey=%cert leftcert=gatecert.pem leftprotoport=17/0 right=%any rightrsasigkey=%cert pfs=no rightsubnet=192.168.1.99/32 rightprotoport=17/1701 keyingtries=0 disablearrivalcheck=no auto=add <snap : ipsec.conf>