In all my game with openswan, i tryed to connect all: leopard mac windows. Work all.. There is a last system.. openswan with symbian.<br>The negotiation work but when I insert the password don't work... Say alway that password is incorrect.<br>
I have create with htpasswd file in /etc/ipsec.d/passwd with line: test:rekfkdr<br><br>This is configuration on ipsec.conf<br><br>conn E61<br> # Key exchange<br> ike=aes256-sha1-modp1536<br> # Data exchange<br>
esp=aes256-sha1<br> # Authentication method PSK<br> authby=secret<br> auto=add<br> keyingtries=3<br> rekey=no<br> pfs=no<br> # Modeconfig setting<br> modecfgpull=yes<br>
# local endpoint<br> left=<a href="http://123.123.123.1">123.123.123.1</a><br> leftxauthserver=yes<br> leftmodecfgserver=yes<br> leftsourceip=<a href="http://192.168.1.1">192.168.1.1</a><br>
leftsubnet=<a href="http://192.168.1.0/24">192.168.1.0/24</a><br> # remote endpoint<br> right=%any<br> rightxauthclient=yes<br> rightmodecfgclient=yes<br> rightsourceip=<a href="http://192.168.1.2">192.168.1.2</a><br>
rightsubnet=<a href="http://192.168.1.2/32">192.168.1.2/32</a><br><br clear="all"><br>The log say this:<br><br>May 9 17:59:33 vpnserver pluto[3567]: packet from <a href="http://123.123.123.123:500">123.123.123.123:500</a>: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] method set to=108<br>
May 9 17:59:33 vpnserver pluto[3567]: packet from <a href="http://123.123.123.123:500">123.123.123.123:500</a>: received Vendor ID payload [XAUTH]<br>May 9 17:59:33 vpnserver pluto[3567]: packet from <a href="http://123.123.123.123:500">123.123.123.123:500</a>: received Vendor ID payload [Cisco-Unity]<br>
May 9 17:59:33 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: responding to Main Mode from unknown peer <a href="http://123.123.123.123">123.123.123.123</a><br>May 9 17:59:33 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1<br>
May 9 17:59:33 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: STATE_MAIN_R1: sent MR1, expecting MI2<br>May 9 17:59:34 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: ignoring unknown Vendor ID payload [e5cb38e444c95694a8dfaa8e0bfe424a]<br>
May 9 17:59:34 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected<br>May 9 17:59:34 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2<br>
May 9 17:59:34 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: STATE_MAIN_R2: sent MR2, expecting MI3<br>May 9 17:59:35 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: Main mode peer ID is ID_KEY_ID: '@#0x6973696c696e65'<br>
May 9 17:59:35 vpnserver pluto[3567]: "E61"[3] <a href="http://123.123.123.123">123.123.123.123</a> #2: switched from "E61" to "E61"<br>May 9 17:59:35 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: deleting connection "E61" instance with peer <a href="http://123.123.123.123">123.123.123.123</a> {isakmp=#0/ipsec=#0}<br>
May 9 17:59:35 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: I did not send a certificate because I do not have one.<br>May 9 17:59:35 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3<br>
May 9 17:59:35 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1536}<br>
May 9 17:59:35 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: XAUTH: Sending XAUTH Login/Password Request<br>May 9 17:59:35 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: XAUTH: Sending Username/Password request (XAUTH_R0)<br>
May 9 17:59:49 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: XAUTH: Unsupported XAUTH parameter XAUTH-TYPE received.<br>May 9 17:59:49 vpnserver pluto[3567]: XAUTH: User test: Attempting to login<br>
May 9 17:59:49 vpnserver pluto[3567]: XAUTH: pam authentication being called to authenticate user test<br>May 9 17:59:49 vpnserver pluto[3567]: (pam_unix) check pass; user unknown<br>May 9 17:59:49 vpnserver pluto[3567]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=<br>
May 9 17:59:51 vpnserver pluto[3567]: XAUTH: User test: Authentication Failed: Incorrect Username or Password<br>May 9 17:59:52 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: Expecting MODE_CFG_REPLY, got ISAKMP_CFG_ACK instead.<br>
May 9 17:59:52 vpnserver pluto[3567]: "E61"[4] <a href="http://123.123.123.123">123.123.123.123</a> #2: Informational Exchange message is invalid because it has a Message ID of 0<br><br>Suggestion<br>Thanks!<br>
<br>-- <br>Denis Beltramo