[Openswan dev] Freeswan-1.99 patch: SHA first, interop with interop note broken Checkpoint VPN-1

matt-openswan-dev at kindjal.net matt-openswan-dev at kindjal.net
Tue May 11 16:43:02 CEST 2004


Sanitized log attached, made with plutodebug=all.

The symptom you describe is exactly the one that I had.  The patch
worked for me.

MC

On Wed, 12 May 2004, Paul Wouters wrote:

> Is it possible for you to send us a log of the entire conversation,
> including full vendor id's? Perhaps we can then identify the case of
> broken Checkpoint VPN-1 products and for instance not offer md5 to them
> at all.
> 
> I did try your patch against one of my production customer boxes that
> have a broken VPN interop between Cehckpoint and our Openswan-1 machine,
> but it did not resolve my problem. (IPsec SA gets established, but the
> Checkpoint then eats up all ESP and never sends me anything).
> 
> Thanks for the information though. We will put it in our interop notes.
> 
> Paul 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vpn-1-fswan.log.gz
Type: application/x-gzip
Size: 3667 bytes
Desc: 
Url : http://lists.openswan.org/pipermail/dev/attachments/20040511/699feeae/vpn-1-fswan.log.bin


More information about the Dev mailing list