[Openswan dev]
Problems with interop between CVS HEAD and Super FreeS/WAN 1.99
Nate Carlson
natecars at natecarlson.com
Thu May 13 13:20:05 CEST 2004
Hey all,
I just tried out the current CVS HEAD version, and am having some
problems. Things work fine with 2.1.1 (mostly), but when I try a
connection with HEAD, I get (from the remote gateway):
May 13 12:12:00 vpn-gw pluto[7841]: packet from 65.193.16.110:32912: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
May 13 12:12:00 vpn-gw pluto[7841]: packet from 65.193.16.110:32912: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
May 13 12:12:00 vpn-gw pluto[7841]: "nat-10-roadwarrior-allnet"[14] 65.193.16.110:32912 #432: responding to Main Mode from unknown peer 65.193.16.110:32912
May 13 12:12:00 vpn-gw pluto[7841]: "nat-10-roadwarrior-allnet"[14] 65.193.16.110:32912 #432: Proposal Payload must be alone in Oakley SA; found ISAKMP_NEXT_P following Proposal
May 13 12:12:00 vpn-gw pluto[7841]: "nat-10-roadwarrior-allnet"[14] 65.193.16.110:32912 #432: sending notification PAYLOAD_MALFORMED to 65.193.16.110:32912
May 13 12:12:00 vpn-gw pluto[7841]: "nat-10-roadwarrior-allnet"[14] 65.193.16.110:32912: deleting connection "nat-10-roadwarrior-allnet" instance with peer 65.193.16.110
This is a pretty basic connection using an X.509 cert and such. The client
in question is a VMWare session on the 65.193.16.110 box, being NAT'd by
Vmware. Also tried it bridged on it's own public IP (just in case), get
the same error.
Exact same configs and such. This something I'm messing up in the build
process, or has the config changed between 2.1.1 and head? I did try
adding rightsendcert=always; no changes.
Thanks!
------------------------------------------------------------------------
| nate carlson | natecars at natecarlson.com | http://www.natecarlson.com |
| depriving some poor village of its idiot since 1981 |
------------------------------------------------------------------------
More information about the Dev
mailing list