Has anyone successfully configured Libreswan on OpenWrt for site-to-site connections? In a nutshell, I've configured iptables to allow UDP ports 500 (isakmp) & 4500 (ipsec-nat-t) through, the intermediate router port-forwards those same ports to/from "the wild", and such packets are successfully traversing from/to the outside host & the OpenWrt box. However, when the tunnel is being negotiated, I receive the following messages on the OpenWrt box:
authpriv.warn pluto: packet from xxx.yyy.zzz.aa: initial Main Mode message received on zzz.yyy.xxx.bb:500 but no connection has been authorized with policy PSK+IKEV1_ALLOW
Is there a particular ike= algorithm, or a policy definition, I should try (in the .conf files) to get this to work?