[Openswan dev] standalone pluto + VPN client Aggressive mode
+ PSK + XAUTH
Ken Bantoft
ken at xelerance.com
Fri Jul 16 16:27:37 CEST 2004
Check users lists for a patch for Aggressive Mode - might help you get
further along.
http://lists.openswan.org/pipermail/users/2004-July/001652.html
On Wed, 7 Jul 2004, Philippe Sultan wrote:
> Hello everybody,
>
> I have compiled pluto (openswan v1.0.6) without klips in order to get a
> standalone ISAKMP stack and make it work with a Cisco VPN client.
>
> The client works as a roadwarrior in IKE Aggressive mode + preshared
> keys + XAUTH. My /etc/ipsec.secrets file :
> %any: PSK "*********"
> :PSK "*********"
>
> The first message from the client is processed through the
> 'aggr_inI1_outR1()' function (Cisco client specifies a wrong value for
> the packet size in the ISAKMP HDR, but I think pluto should ignore this
> in my case), and after that by find_host_connections() ->
> find_host_pair_connections() -> find_host_pair().
>
> These functions (found in connections.c) always returns NULL which makes
> pluto discard the ISAKMP message.
>
> In fact, the 'for' loop in the find_host_pair() is never entered,
> because the static struct 'host_pairs' is set to NULL (and p =
> host_pairs at loop initialization).
>
> I would like to know when and how the host_pairs struct if filled.
> Shouldn't it be initialized before we enter find_host_pair()?
>
> Thanks in advance for any help.
>
> Philippe
>
> _______________________________________________
> Dev mailing list
> Dev at lists.openswan.org
> http://lists.openswan.org/mailman/listinfo/dev
>
--
Ken Bantoft VP Business Development
ken at xelerance.com Xelerance Corporation
sip://toronto.xelerance.com http://www.xelerance.com
More information about the Dev
mailing list