<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

<head>

  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">

</head>

<body bgcolor="#ffffff" text="#000000">

<b style=""><span

 style="font-size: 10pt; font-family: &quot;Times New Roman&quot;;" lang="EN-US">What

I also recieved from the one i try to connect is this:<br>

Recommended Cisco Commands:</span></b>

<p class="MsoNormal"><span lang="EN-US">crypto isakmp policy x</span></p>

<p class="MsoNormal"><span lang="EN-US"><span style="">&nbsp;</span>encr

3des</span></p>

<p class="MsoNormal"><span lang="EN-US"><span style="">&nbsp;</span>authentication

pre-share</span></p>

<p class="MsoNormal"><span lang="EN-US"><span style="">&nbsp;</span>group 2</span></p>

<p class="MsoNormal"><span lang="EN-US"><span style="">&nbsp;</span>lifetime

500</span></p>

<p class="MsoNormal"><span lang="EN-US">!</span></p>

<p class="MsoNormal"><span lang="EN-US">crypto isakmp key aaaaaaaaa

address X.X.192.141</span></p>

<p class="MsoNormal"><span lang="EN-US">!</span></p>

<p class="MsoNormal"><span lang="EN-US">crypto ipsec transform-set

esp_sha_hamc

esp-3des esp-sha-hmac </span></p>

<p class="MsoNormal"><span lang="EN-US">!</span></p>

<p class="MsoNormal"><span lang="EN-US">crypto map Customer 2

ipsec-isakmp<span style="">&nbsp;&nbsp;&nbsp; </span></span></p>

<p class="MsoNormal"><span lang="EN-US"><span style="">&nbsp;</span>set

peer X.X.192.141</span></p>

<p class="MsoNormal"><span lang="EN-US"><span style="">&nbsp;</span>set

transform-set esp_sha_hamc </span></p>

<p class="MsoNormal"><span lang="EN-US"><span style="">&nbsp;</span>match

address xxx</span></p>

Is my setup below correct due to this?<br>

<br>

BR<br>

<br>

magnus<br>

<br>

Magnus Holmberg wrote:

<blockquote cite="mid460A5934.5050002@pepto.se" type="cite">

  <pre wrap="">It seems like my vpn connection have stopped working. Can someone tell 

me what the problem seems to be?

I cant think of anything changed in my end since it worked last time.

My log:

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: transition from 

state STATE_MAIN_I1 to state STATE_MAIN_I2

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: STATE_MAIN_I2: sent 

MI2, expecting MR2

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: ignoring unknown 

Vendor ID payload [8f770f35da2b083ce66f4cb98ff43f5a]

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: I did not send a 

certificate because I do not have one.

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: transition from 

state STATE_MAIN_I2 to state STATE_MAIN_I3

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: STATE_MAIN_I3: sent 

MI3, expecting MR3

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: next payload type of 

ISAKMP Hash Payload has an unknown value: 24

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: malformed payload in 

packet

Mar 28 13:58:14 fw pluto[16617]: | payload malformed after IV

Mar 28 13:58:14 fw pluto[16617]: |   85 b6 cb 12  ab 66 3b 53

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: sending notification 

PAYLOAD_MALFORMED to X.X.192.141:500

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: Main mode peer ID is 

ID_IPV4_ADDR: 'X.X.192.141'

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: transition from 

state STATE_MAIN_I3 to state STATE_MAIN_I4

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: STATE_MAIN_I4: 

ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY 

cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: Dead Peer Detection 

(RFC 3706): not enabled because peer did not advertise it

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #4: initiating Quick 

Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#2}

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: ignoring 

informational payload, type NO_PROPOSAL_CHOSEN

Mar 28 13:58:14 fw pluto[16617]: "MyConnection" #2: received and ignored 

informational message

And config:

config setup

        interfaces="ipsec0=eth0"

        syslog=auth.debug

        # Debug-logging controls:  "none" for (almost) none, "all" for lots.

        klipsdebug=all

        plutodebug=none

# Add connections here.

conn MyConnection

        authby=secret

        #auto=start

        auto=start

        dpddelay=3

        dpdtimeout=120

        dpdaction=restart

        rekey =yes

        #keyingtries=3

        keylife=30m

        ikelifetime=30m

        left=X.X.44.166

        leftnexthop=%direct

        leftsubnet=X.X.46.204/32

        pfs=yes

        right=X.X.192.141

        rightid=X.X.192.141

        rightnexthop=%direct

        rightsubnet=X.X.192.68/32

_______________________________________________

<a class="moz-txt-link-abbreviated" href="mailto:Users@openswan.org">Users@openswan.org</a>

<a class="moz-txt-link-freetext" href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</a>

Building and Integrating Virtual Private Networks with Openswan: 

<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>

  </pre>

</blockquote>

<br>

</body>

</html>