[Openswan Users] OpenS/WAN and Win2K/XP
David Spear
dspear at telus.net
Tue Jan 25 15:52:35 CET 2005
> hi users,
> recently i reviewed the x509-patch-docs an so i know where to look for
> the clarificaton:
> from
> http://www.strongsec.com/freeswan/install.txt
> ST State or province
> S Surname
>
> You have a typo in the windos.conf in DN/subjectline of the cert.
>
> hopefuly it was the whole thing...
>
> regards
> jz
>
I fixed the error in ipsec.conf on the Win2K box but, alas, I still
receive the error "no suitable connection for
/C=CA/ST=BC/L=Penticton/O=HMEXC/CN=downstairs" on my openswan box.
Could someone please elaborate as to WHICH cert I should reference with
Leftcert=xxxxxxxx
in my openswan /etc/ipsec.conf. I have tried using the same cert I am
using on the windows boxes (downstairs.pem) and my ca cert (cacert.pem).
Neither seems to work. Or maybe I just have a config error in my
ipsec.conf as well.
Conn roadwarrior
Right=%any
Left=192.168.1.101
Auto=add
Pfs=yes
Leftcert=(what? CA cert? Host cert?)
Do I need to generate a cert for my freeswan gateway like I did for the
Windows boxes? I have read and read and read the how-to's and just
can't seem to make things work.
More information about the Users
mailing list