[OpenSWAN Users] [DETAILED REPORT] CANNOT get FreeSWAN 2.04 and
LinkSys BEFSX41-CA(FR) to establish an IPsec tunnel
Jeannot_Langlois
jeannot at cableamos.com
Mon Dec 22 12:13:37 CET 2003
Paul Wouters wrote:
>On Sat, 20 Dec 2003, Jeannot_Langlois wrote:
>
>>(unsuccessful) hard work attempts at getting a FreeSWAN 2.04 gateway and
>>a LinkSys BEFSX41-CA(FR) router to establish a simple subnet-to-subnet
>>IPsec tunnel together using Pre-Shared Keys.
>>
>>I am sending this detailed report so maybe you guys can figure something
>>out of this that I couldn't, even after TONS of Googlezing :-).
>>
>>======> My current assumption is that something in the BEFSX41-CA(FR)'s
>>IPsec implementation is faulty. <======
>>
>>
>
>You've done a really nice job of configuring. There isn't anything I see
>wrong. One tiny thing is perhaps compile IPSEC_DEBUG next time, since you
>still toggle that with the debug variables.
>I'd say the remote end doesn't like something you're sending, so either
>try to limit the scope of your attempts with explicitely setting ike=
>and esp= statements, or else try using auto=add and see what happens when
>the other end initiates, and freeswan is the responder.
>
>If you get it to work, I'd like to have the information so we can add this
>to our documentation.
>
>Paul
>
>
>
Hi there,
I'll take note of these ideas.
We've already tried originating or answering from BOTH ends of the
tunnel (FreeSWAN / LinkSys), no luck.
About esp=... statements, isn't that used *ONLY* in manual-keying mode?
(the man page says manual-keying mode parameters are ignored in
automatic mode...)?
I see no problems about sending you my informations and documentations
*IF* I can get things to work.
Thanks for your suggestions.
Cheers,
--
Jeannot Langlois
B. Sc. Computer Science / B. Sc. Informatique
jeannot12 AT linuxmail DOT org
LINUX_LOGO
-------------- next part --------------
Skipped content of type multipart/related
More information about the Users
mailing list