<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:595.3pt 841.9pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=FR link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Hello,<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>I’m trying to setup Openswan installed on
Debian Sarge as client for a Cisco firewall and for a Clavister.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Both servers are using shared secrets which are
already inserted in the ipsec.secrets file.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Any help will be very appreciated as I’m trying
to initiate the connection for 2 days now…<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>So to begin here is the information the remote admins
gave me:<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>First Tunnel (Clavister ver. 8.50):<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>VPN Address: </span></font><font
size=2 face=Arial><span lang=NL-BE style='font-size:10.0pt;font-family:Arial'><a
href="http://www.xxx.yyy.zzz/" title="http://www.xxx.yyy.zzz/"><span
lang=EN-GB><span title="http://www.xxx.yyy.zzz/">www.xxx.yyy.zzz</span></span></a></span></font><font
size=2 face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial'><o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>Connected lan:
10.10.4.64/26<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>Ike settings:<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Encryption method: 3des<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Diffie-Helman group: 2<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Pre-shared secret: mysecret1<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Hash algorithm: sha1<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Ike Keep alive interval: disabled<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Ike lifetime: 3600<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>IPSec Settings:<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Encryption method: 3des<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Diffie-Helman group: 2<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Hash algorithm: sha1-96<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
Protocol: ESP<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>
IPSec Lifetime: 3600 <o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Second Tunnel (Cisco)<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
VPN Address: aaa.bbb.ccc.ddd<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
Connected lan: </span></font><font size=2 face="Courier New"><span lang=EN-GB
style='font-size:10.0pt;font-family:"Courier New"'>57.57.0.0/16<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face="Courier New"><span lang=EN-GB
style='font-size:10.0pt;font-family:"Courier New"'>
</span></font><font size=2 face=Arial><span lang=EN-GB style='font-size:10.0pt;
font-family:Arial'>ISAKMP<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt;text-indent:35.4pt'><font size=2
face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial'>encryption
3des<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt;text-indent:35.4pt'><font size=2
face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial'>hash md5<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt;text-indent:35.4pt'><font size=2
face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial'>authentication
pre-share<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt;text-indent:35.4pt'><font size=2
face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial'>lifetime
3600<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt;text-indent:35.4pt'><font size=2
face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial'>Pre-shared
secret: mysecret2<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial'>IPSEC<o:p></o:p></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt;text-indent:35.4pt'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>transform-set:
esp-3des esp-md5-hmac<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Here is the information concerning our network<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
VPN Client address: ggg.hhh.iii.170<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
VPN next hop: ggg.hhh.iii.169<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
Connected LAN: 10.1.1.0/24<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
OpenSwan Version: Linux Openswan U2.2.0/K2.6.8-2-386 (Installed on a Debian
Sarge)<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
Firewall ports: esp, ah(probably not necessary in this case), udp 500<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Ipsec.secrets<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
<i><span style='font-style:italic'>ggg.hhh.iii.170 </span></i></span></font><i><font
size=2 face=Arial><span lang=NL-BE style='font-size:10.0pt;font-family:Arial;
font-style:italic'><a href="http://www.xxx.yyy.zzz/"
title="http://www.xxx.yyy.zzz/"><span lang=EN-GB><span
title="http://www.xxx.yyy.zzz/">www.xxx.yyy.zzz</span></span></a></span></font></i><i><font
size=2 face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial;
font-style:italic'>: PSK "mysecret1"<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='text-indent:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>ggg.hhh.iii.170
aaa.bbb.ccc.ddd: PSK "mysecret2"<o:p></o:p></span></font></i></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Ipsec.conf<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
<i><span style='font-style:italic'>version 2.0 #
conforms to second version of ipsec.conf specification<o:p></o:p></span></i></span></font></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>config
setup<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'><o:p> </o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>#Disable
Opportunistic Encryption<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>include
/etc/ipsec.d/examples/no_oe.conf<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'><o:p> </o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>conn
net-to-first<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
type= tunnel<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
left= ggg.hhh.iii.170<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
leftnexthop= ggg.hhh.iii.169<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
leftsubnet= 10.1.1.0/24<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
right= </span></font></i><i><font
size=2 face=Arial><span lang=NL-BE style='font-size:10.0pt;font-family:Arial;
font-style:italic'><a href="http://www.xxx.yyy.zzz/"
title="http://www.xxx.yyy.zzz/"><span lang=EN-GB><span
title="http://www.xxx.yyy.zzz/">www.xxx.yyy.zzz</span></span></a></span></font></i><i><font
size=2 face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial;
font-style:italic'><o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
rightsubnet= 10.10.4.64/26<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
auto= add<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
authby= secret<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
esp= 3des-sha1-96<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
keyexchange=ike<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
ike= 3des-sha1<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
pfs= no<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'><o:p> </o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'><o:p> </o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>conn
net-to-second<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
type= tunnel<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
left= ggg.hhh.iii.170<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
leftnexthop= ggg.hhh.iii.169<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
leftsubnet= 10.1.1.0/24<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
right= aaa.bbb.ccc.ddd<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
rightsubnet= 57.57.0.0/16<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
esp= 3des-md5-96<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
keyexchange= ike<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
authby=secret<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
pfs= no<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>
auto= add<o:p></o:p></span></font></i></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Here is the result I get:<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><i><font size=2 face=Arial><span lang=EN-GB
style='font-size:10.0pt;font-family:Arial;font-style:italic'>
000 algorithm ESP encrypt: id=2, name=ESP_DES, ivlen=8, keysizemin=64,
keysizemax=64<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=8, keysizemin=192,
keysizemax=192<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP encrypt: id=7, name=ESP_BLOWFISH, ivlen=8, keysizemin=40,
keysizemax=448<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP encrypt: id=11, name=ESP_NULL, ivlen=0, keysizemin=0,
keysizemax=0<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=8, keysizemin=128,
keysizemax=256<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP encrypt: id=252, name=ESP_SERPENT, ivlen=8, keysizemin=128,
keysizemax=256<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP encrypt: id=253, name=ESP_TWOFISH, ivlen=8, keysizemin=128,
keysizemax=256<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128,
keysizemax=128<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160,
keysizemax=160<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP auth attr: id=5, name=AUTH_ALGORITHM_HMAC_SHA2_256,
keysizemin=256, keysizemax=256<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm ESP auth attr: id=251, name=(null), keysizemin=0, keysizemax=0<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE hash: id=2, name=OAKLEY_SHA, hashsize=20<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000 algorithm
IKE hash: id=1, name=OAKLEY_MD5, hashsize=16<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
stats db_ops.c: {curr_cnt, total_cnt, maxsz} :context={0,220,36}
trans={0,220,336} attrs={0,220,224}<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-first ": 10.1.1.0/24=== ggg.hhh.iii.170---
ggg.hhh.iii.169... </span></font></i><i><font size=2 face=Arial><span
lang=NL-BE style='font-size:10.0pt;font-family:Arial;font-style:italic'><a
href="http://www.xxx.yyy.zzz/" title="http://www.xxx.yyy.zzz/"><span
lang=EN-GB><span title="http://www.xxx.yyy.zzz/">www.xxx.yyy.zzz</span></span></a></span></font></i><i><font
size=2 face=Arial><span lang=EN-GB style='font-size:10.0pt;font-family:Arial;
font-style:italic'>===10.10.4.64/26; unrouted; eroute owner: #0<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-first ": ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-first ": policy: PSK+ENCRYPT+TUNNEL+UP; prio:
24,26; interface: eth0;<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-first ": newest ISAKMP SA: #69; newest IPsec SA:
#0;<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-first ": IKE algorithm newest:
3DES_CBC_192-SHA-MODP1024<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-first ": ESP algorithms wanted: 3_000-2, flags=-strict<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-first ": ESP algorithms loaded: 3_000-2,
flags=-strict<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": 10.1.1.0/24=== ggg.hhh.iii --- ggg.hhh.iii...
aaa.bbb.ccc.ddd ===57.57.0.0/16; unrouted; eroute owner: #0<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": ike_life: 3600s; ipsec_life: 28800s;
rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": policy: PSK+ENCRYPT+TUNNEL+UP; prio:
24,16; interface: eth0;<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": newest ISAKMP SA: #0; newest IPsec SA:
#0;<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": IKE algorithms wanted: 5_000-1-5,
5_000-1-2, 5_000-2-5, 5_000-2-2, flags=-strict<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": IKE algorithms found:
5_192-1_128-5, 5_192-1_128-2, 5_192-2_160-5, 5_192-2_160-2,<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": ESP algorithms wanted: 3_000-1,
flags=-strict<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
" net-to-second ": ESP algorithms loaded: 3_000-1,
flags=-strict<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
#112: " net-to-first " STATE_QUICK_I1 (sent QI1, expecting QR1);
EVENT_RETRANSMIT in 8s<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
#69: " net-to-first " STATE_MAIN_I4 (ISAKMP SA established);
EVENT_SA_REPLACE in 1447s; newest ISAKMP<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
#111: " net-to-second " STATE_MAIN_I3 (sent MI3, expecting MR3);
EVENT_RETRANSMIT in 9s<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
#111: pending Phase 2 for " net-to-second " replacing #0<o:p></o:p></span></font></i></p>
<p class=MsoNormal style='margin-left:35.4pt'><i><font size=2 face=Arial><span
lang=EN-GB style='font-size:10.0pt;font-family:Arial;font-style:italic'>000
#111: pending Phase 2 for " net-to-second " replacing #0<o:p></o:p></span></font></i></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>So I meet different problems with both tunnels but I
running out of ideas.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Thank in advance to people who will help me to solve
those problems.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Best regards,<o:p></o:p></span></font></p>
<p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto'><font
size=2 face=Arial><span lang=NL-BE style='font-size:10.0pt;font-family:Arial'>Benoît
Demiddeleer</span></font><o:p></o:p></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>