[Openswan Users] natted connection to cisco vpn concentrator
Norbert Wegener
nw at sbs.de
Fri May 5 19:29:51 CEST 2006
I need to set up an L2TP/IPsec connection to a Cisco concentrator using
certificates with a NATed client.
This fails with:
[1 is AUTH_ALGORITHM_HMAC_MD5]
May 5 18:12:54 linux pluto[17389]: | our client is 84.61.12.203
May 5 18:12:54 linux pluto[17389]: | our client protocol/port is 17/1701
May 5 18:12:54 linux pluto[17389]: "rw" #2: our client ID returned doesn't match my proposal
May 5 18:12:54 linux pluto[17389]: | complete state transition with (null)
May 5 18:12:54 linux pluto[17389]: "rw" #2: sending encrypted notification INVALID_ID_INFORMATION to 1.2.3.4:4500
What does this mean: "rw" #2: our client ID returned doesn't match my
proposal?
The client uses openswan-2.4.5.
The same configuration works if the remote station is an Openswan server.
Do I have to set different parameters in ipsec.conf if the remote is a
Cisco and not an Openswan, or is the Cisco misconfigured?
The Cisco admin says the client's certificate is accepted.
Norbert