[Openswan dev]
Paul Wouters
paul at xelerance.com
Wed Dec 7 17:00:30 CET 2005
On Wed, 7 Dec 2005, Harald Hoyer wrote:
> Could be reduced to:
a config change :)
rightprotoport=17/%any.
Ofcourse, this is a bug in the cisco3000. You should see if there is newer
firmware, or ugprade your door stop :)
The second part of your patch is likely no longer needed with 2.4.5, since
it has various fixes for aggressive mode and nat-t. Maybe 2.4.5dr3 already
works for you.
Paul
> > ------------------------------------------------------------------------
> >
> > --- openswan-2.3.1/programs/pluto/ipsec_doi.c.cisco 2005-03-27
> > 22:15:09.000000000 +0200
> > +++ openswan-2.3.1/programs/pluto/ipsec_doi.c 2005-04-22 11:51:14.231560872
> > +0200
> > @@ -2061,10 +2061,9 @@
> > && !(id->isaid_doi_specific_a == IPPROTO_UDP &&
> > id->isaid_doi_specific_b == IKE_UDP_PORT))
> > {
> > loglog(RC_LOG_SERIOUS, "protocol/port in Phase 1 ID Payload must be
> > 0/0 or %d/%d"
> > " but are %d/%d"
> > , IPPROTO_UDP, IKE_UDP_PORT
> > , id->isaid_doi_specific_a, id->isaid_doi_specific_b);
> > - return FALSE;
> > }
> > peer.kind = id->isaid_idtype;
> >
> _______________________________________________
> Dev mailing list
> Dev at openswan.org
> http://lists.openswan.org/mailman/listinfo/dev
>
--
"Happiness is never grand"
--- Mustapha Mond, World Controller (Brave New World)
More information about the Dev
mailing list