<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1458" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Hi,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> want ur help to
identify a problem and some hint towards solution ??</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> i want to establish a
roadwarrior connection using presharedkey in aggressive mode. use openswan 2.4.2
and greenbow 2.51 as client</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> <STRONG>network
diagram</STRONG></FONT></DIV>
<DIV><STRONG><FONT face=Arial size=2></FONT></STRONG> </DIV>
<DIV><FONT face=Arial size=2> LAN----------------[ VPN Server
]----------------------[ Router ]-----------------------[ Roadwarrior
]</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> <STRONG>configuration is
:</STRONG></FONT></DIV>
<DIV><FONT face=Arial size=2>
<STRONG>ipsec.conf</STRONG></FONT></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV><FONT face=Arial size=2> version
2<BR>config setup<BR>
interfaces="ipsec0=eth1 "<BR>
klipsdebug=none<BR>
plutodebug="none"<BR>
uniqueids=yes<BR>
nat_traversal=yes<BR>
crlcheckinterval=3600</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV><FONT face=Arial size=2>
<DIV><BR>conn %default<BR>
leftupdown=/usr/lib/ipsec/_updown<BR>
rightupdown=/usr/lib/ipsec/_updown</DIV>
<DIV> </DIV>
<DIV>conn test_conn<BR>
type=tunnel<BR>
left=142.7.7.1<BR>
leftsubnet=160.7.7.0/24<BR>
leftnexthop=142.7.7.254<BR>
right=%any<BR>
authby=secret<BR>
auto=add<BR>
keylife=3600<BR>
rekey=no<BR>
rekeymargin=120<BR>
rekeyfuzz=0%<BR>
keyingtries=3<BR>
compress=no<BR>
failureshunt=drop<BR>
dpddelay=30<BR>
dpdtimeout=120<BR>
dpdaction=clear<BR>
ikelifetime=3600<BR>
pfs=no<BR>
aggrmode=yes<BR>
ike="3DES-MD5-modp1536,3DES-SHA1-modp1536,AES128-SHA1-modp1536"<BR>
esp="3DES-MD5,3DES-SHA1,AES128-SHA1"</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV><STRONG>ipsec.secrets</STRONG></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV>142.7.7.1 %any : PSK "presharedkey"</DIV>
<DIV> </DIV></BLOCKQUOTE>
<DIV dir=ltr><STRONG>/var/log/secure</STRONG></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV dir=ltr>Feb 07 10:37:28 1139288848 pluto[21650]: packet from
151.7.7.131:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]<BR>Feb 07 10:37:28 1139288848 pluto[21650]:
packet from 151.7.7.131:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 <BR>Feb 07 10:37:28
1139288848 pluto[21650]: packet from 151.7.7.131:500: received Vendor ID
payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108 <BR>Feb 07
10:37:28 1139288848 pluto[21650]: "test_conn"[1] 151.7.7.131 #1: Aggressive
mode peer ID is ID_IPV4_ADDR: '0.0.0.0'<BR>Feb 07 10:37:28 1139288848
pluto[21650]: "test_conn"[2] 151.7.7.131 #1: deleting connection "test_conn"
instance with peer 151.7.7.131 {isakmp=#0/ipsec=#0}<BR>Feb 07 10:37:28
1139288848 pluto[21650]: "test_conn"[2] 151.7.7.131 #1: responding to
Aggressive Mode, state #1, connection "test_conn" from 151.7.7.131<BR>Feb 07
10:37:28 1139288848 pluto[21650]: "test_conn"[2] 151.7.7.131 #1: transition
from state STATE_AGGR_R0 to state STATE_AGGR_R1<BR>Feb 07 10:37:28
1139288848 pluto[21650]: "test_conn"[2] 151.7.7.131 #1: STATE_AGGR_R1: sent
AR1, expecting AI2<BR>Feb 07 10:37:28 1139288848 pluto[21650]: packet from
151.7.7.131:500: ignoring informational payload, type
UNEQUAL_PAYLOAD_LENGTHS<BR>Feb 07 10:37:28 1139288848 pluto[21650]: packet
from 151.7.7.131:500: received and ignored informational message<BR>Feb 07
10:37:28 1139288848 pluto[21650]: packet from 151.7.7.131:500: received and
ignored informational message<BR>Feb 07 10:37:38 1139288858 pluto[21650]:
packet from 151.7.7.131:500: ignoring informational payload, type
INVALID_COOKIE<BR>Feb 07 10:37:38 1139288858 pluto[21650]: packet from
151.7.7.131:500: received and ignored informational message<BR>Feb 07
10:37:58 1139288878 pluto[21650]: packet from 151.7.7.131:500: ignoring
informational payload, type INVALID_COOKIE<BR>Feb 07 10:37:58 1139288878
pluto[21650]: packet from 151.7.7.131:500: received and ignored
informational message</FONT></DIV></BLOCKQUOTE></BLOCKQUOTE>
<DIV><FONT face=Arial size=2> Thanks.. </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Regards,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Utkarsh Shah</FONT></DIV></BODY></HTML>