<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:st1="urn:schemas-microsoft-com:office:smarttags" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="City"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="place"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline;}
p
        {mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman";}
span.EmailStyle18
        {mso-style-type:personal;
        font-family:Arial;
        color:windowtext;}
span.EmailStyle19
        {mso-style-type:personal-reply;
        font-family:Arial;
        color:navy;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
        {page:Section1;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal style='text-autospace:none'><font size=2 color=navy
face="Courier New"><span style='font-size:10.0pt;font-family:"Courier New";
color:navy'>Hi!<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=2 color=navy
face="Courier New"><span style='font-size:10.0pt;font-family:"Courier New";
color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=2 face="Courier New"><span
style='font-size:10.0pt;font-family:"Courier New"'>I have an fedora core 5 with
OpensWan 2.4.4. I have an IPTABLES Firewall with Ipsec/Openswan on my server.<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=2 face="Courier New"><span
style='font-size:10.0pt;font-family:"Courier New"'>My other end is a station
Windows XP with SP2 (dial-up conection)and Lynsys Ipsectool. I read the book
OpensWan by Paul and iīm trying to stablished the conection with my
network. At the Lynsys Tool appears that connection “ipsec tool
active”, but I canīt ping or access my netowork.<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=2 face="Courier New"><span
style='font-size:10.0pt;font-family:"Courier New"'>Please help me!<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=2 face="Courier New"><span
style='font-size:10.0pt;font-family:"Courier New"'>Please see my log.<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=2 face="Courier New"><span
style='font-size:10.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Ipsec whack –status<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson":
192.168.1.0/24===200.150.147.244[C=BR, ST=RJ, L=RJ, O=markway, CN=<st1:place
w:st="on"><st1:City w:st="on">jackson</st1:City></st1:place>,
E=jackson.schemes@markway.com.br]---200.150.147.241...%any; unrouted; eroute
owner: #0<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson":
srcip=unset; dstip=unset; srcup=ipsec _updown; dstup=ipsec _updown;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson": CAs: 'C=BR,
ST=RJ, O=markway, CN=CA, E=fabio.ferreira@markway.com.br'...'%any'<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson": ike_life:
3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 1<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson": policy:
RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS; prio: 24,32; interface: eth0;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson": newest
ISAKMP SA: #0; newest IPsec SA: #0;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson"[21]:
192.168.1.0/24===200.150.147.244[C=BR, ST=RJ, L=RJ, O=markway, CN=<st1:place
w:st="on"><st1:City w:st="on">jackson</st1:City></st1:place>,
E=jackson.schemes@markway.com.br]---200.150.147.241...201.5.9.49; unrouted;
eroute owner: #0<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000
"roadwarrior_jackson"[21]: srcip=unset; dstip=unset;
srcup=ipsec _updown; dstup=ipsec _updown;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson"[21]: CAs:
'C=BR, ST=RJ, O=markway, CN=CA, E=fabio.ferreira@markway.com.br'...'%any'<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson"[21]:
ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%;
keyingtries: 1<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson"[21]: policy:
RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS; prio: 24,32; interface: eth0;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 "roadwarrior_jackson"[21]: newest
ISAKMP SA: #0; newest IPsec SA: #0;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000 #36: "roadwarrior_jackson"[21] 201.5.9.49:500
STATE_MAIN_R2 (sent MR2, expecting MI3); EVENT_RETRANSMIT in 19s; nodpd<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>000<o:p></o:p></span></font></p>
<div style='border:none;border-bottom:double windowtext 6.75pt;padding:0in 0in 1.0pt 0in'>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>[root@frwmarkway frw]# tail -f /var/log/secure<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:40 frwmarkway pluto[26422]: packet from
201.5.9.49:500: ignoring Vendor ID payload [Vid-Initial-Contact]<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:40 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #42: responding to Main Mode
from unknown peer 201.5.9.49<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:40 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #42: transition from state
STATE_MAIN_R0 to state STATE_MAIN_R1<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:40 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #42: STATE_MAIN_R1: sent MR1,
expecting MI2<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:41 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #40: NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:41 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #40: transition from state
STATE_MAIN_R1 to state STATE_MAIN_R2<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:41 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #40: STATE_MAIN_R2: sent MR2,
expecting MI3<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:41 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #40: byte 2 of ISAKMP Hash
Payload must be zero, but is not<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:41 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #40: malformed payload in packet<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Nov 28 15:22:41 frwmarkway pluto[26422]:
"roadwarrior_jackson"[23] 201.5.9.49 #40: sending notification
PAYLOAD_MALFORMED to 201.5.9.49:500<o:p></o:p></span></font></p>
<div style='border:none;border-bottom:double windowtext 6.75pt;padding:0in 0in 1.0pt 0in'>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Thanks,<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Fabio.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>