<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-15">
<META content="MSHTML 6.00.6000.16608" name=GENERATOR></HEAD>
<BODY style="MARGIN: 4px 4px 1px; FONT: 10pt Microsoft Sans Serif">
<DIV>Hi,</DIV>
<DIV> </DIV>
<DIV>unfortunately with DOS commands</DIV>
<DIV> </DIV>
<DIV>preperation:</DIV>
<DIV> netsh advfirewall set global mainmode mmsecmethods dhgroup14:aes256-sha1,aes128-sha1,3des-sha1</DIV>
<DIV> </DIV>
<DIV>delete old Policy:</DIV>
<DIV> netsh advfirewall consec del rule name="StrongSwan"</DIV>
<DIV> </DIV>
<DIV>create new Policy (with pfs=yes"):</DIV>
<DIV> netsh advfirewall consec add rule name="StrongSwan" enable=yes mode=tunnel localtunnelendpoint=192.168.100.10 remotetunnelendpoint=192.168.100.1 endpoint1=192.168.100.10 endpoint2=10.0.0.0/8 action=requireinrequireout qmsecmethods=esp:sha1-aes256,esp:sha1-aes128,esp:sha1-3des auth1=computercert auth1ca="C=DE, O=...,OU=..." qmpfs=mainmode</DIV>
<DIV> </DIV>
<DIV>bye</DIV>
<DIV>UK</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>>>> </DIV>
<DIV style="PADDING-LEFT: 7px; MARGIN: 0px 0px 0px 15px; BORDER-LEFT: #050505 1px solid; BACKGROUND-COLOR: #f3f3f3">
<TABLE style="FONT-WEIGHT: normal; FONT-SIZE: 10pt; LINE-HEIGHT: normal; FONT-STYLE: normal; FONT-VARIANT: normal" bgColor=#f3f3f3>
<TBODY>
<TR vAlign=top>
<TD><STRONG>Von: </STRONG></TD>
<TD>Marek Gre¨ko <gresko@thr.sk></TD></TR>
<TR vAlign=top>
<TD><STRONG>An:</STRONG></TD>
<TD><users@openswan.org></TD></TR>
<TR vAlign=top>
<TD><STRONG>Datum:</STRONG></TD>
<TD>11.11.08 12:50</TD></TR>
<TR vAlign=top>
<TD><STRONG>Betreff:</STRONG></TD>
<TD>Re: [Openswan Users] Plain IPSec tunnel / NAT-T with Vista</TD></TR></TBODY></TABLE>Dna ¦t 6. november 2008 Beschorner Daniel napísal:<BR>> For all of you who are interested:<BR>><BR>> <A href="http://support.microsoft.com/kb/957624">http://support.microsoft.com/kb/957624</A><BR>><BR>> With this hotfix (free for download) Vista SP1 now plays with IPSEC<BR>> tunnels behind NAT as a client.<BR>> This never worked until now (http://support.microsoft.com/kb/944335).<BR>> Of course they didn't release it without still emphasizing that it is<BR>> evil...<BR>><BR>> However, I've just tested it, it works now.<BR>><BR><BR>Good news. But what userspace applications should be used? I cannot find <BR>ipseccmd.exe for Vista. So the ipsec.exe fails.<BR><BR>Thank you.<BR><BR>Marek<BR>_______________________________________________<BR>Users@openswan.org<BR><A href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</A><BR>Building and Integrating Virtual Private Networks with Openswan: <BR><A href="http://www.amazon.com/gp/product/1904811256/104">http://www.amazon.com/gp/product/1904811256/104</A>-3099591-2946327?n=283155<BR></DIV><BR><BR>>>>
<DIV style="PADDING-LEFT: 7px; MARGIN: 0px 0px 0px 15px; BORDER-LEFT: #050505 1px solid; BACKGROUND-COLOR: #f3f3f3">
<TABLE style="FONT-WEIGHT: normal; FONT-SIZE: 10pt; LINE-HEIGHT: normal; FONT-STYLE: normal; FONT-VARIANT: normal" bgColor=#f3f3f3>
<TBODY>
<TR vAlign=top>
<TD><STRONG>Von: </STRONG></TD>
<TD>Marek Gre¨ko <gresko@thr.sk></TD></TR>
<TR vAlign=top>
<TD><STRONG>An:</STRONG></TD>
<TD><users@openswan.org></TD></TR>
<TR vAlign=top>
<TD><STRONG>Datum:</STRONG></TD>
<TD>11.11.08 12:50</TD></TR>
<TR vAlign=top>
<TD><STRONG>Betreff:</STRONG></TD>
<TD>Re: [Openswan Users] Plain IPSec tunnel / NAT-T with Vista</TD></TR></TBODY></TABLE>Dna ¦t 6. november 2008 Beschorner Daniel napísal:<BR>> For all of you who are interested:<BR>><BR>> <A href="http://support.microsoft.com/kb/957624">http://support.microsoft.com/kb/957624</A><BR>><BR>> With this hotfix (free for download) Vista SP1 now plays with IPSEC<BR>> tunnels behind NAT as a client.<BR>> This never worked until now (http://support.microsoft.com/kb/944335).<BR>> Of course they didn't release it without still emphasizing that it is<BR>> evil...<BR>><BR>> However, I've just tested it, it works now.<BR>><BR><BR>Good news. But what userspace applications should be used? I cannot find <BR>ipseccmd.exe for Vista. So the ipsec.exe fails.<BR><BR>Thank you.<BR><BR>Marek<BR>_______________________________________________<BR>Users@openswan.org<BR><A href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</A><BR>Building and Integrating Virtual Private Networks with Openswan: <BR><A href="http://www.amazon.com/gp/product/1904811256/104">http://www.amazon.com/gp/product/1904811256/104</A>-3099591-2946327?n=283155<BR></DIV></BODY></HTML>