[OpenSWAN Users] [DETAILED REPORT] CANNOT get FreeSWAN 2.04 and LinkSys BEFSX41-CA(FR) to establish an IPsec tunnel

Paul Wouters paul at xtdnet.nl
Sun Dec 21 03:23:40 CET 2003


On Sat, 20 Dec 2003, Jeannot_Langlois wrote:

> (unsuccessful) hard work attempts at getting a FreeSWAN 2.04 gateway and 
> a LinkSys BEFSX41-CA(FR) router to establish a simple subnet-to-subnet 
> IPsec tunnel together using Pre-Shared Keys. 
> 
> I am sending this detailed report so maybe you guys can figure something 
> out of this that I couldn't, even after TONS of Googlezing :-).
> 
> ======> My current assumption is that something in the BEFSX41-CA(FR)'s 
> IPsec implementation is faulty. <======

You've done a really nice job of configuring. There isn't anything I see
wrong. One tiny thing is perhaps compile IPSEC_DEBUG next time, since you
still toggle that with the debug variables.
I'd say the remote end doesn't like something you're sending, so either
try to limit the scope of your attempts with explicitely setting ike=
and esp= statements, or else try using auto=add and see what happens when
the other end initiates, and freeswan is the responder.

If you get it to work, I'd like to have the information so we can add this
to our documentation.

Paul 



More information about the Users mailing list