[OpenSWAN Users] [DETAILED REPORT] CANNOT get FreeSWAN 2.04 and LinkSys BEFSX41-CA(FR) to establish an IPsec tunnel

Jeannot_Langlois jeannot at cableamos.com
Mon Dec 22 12:13:37 CET 2003

Paul Wouters wrote:

>On Sat, 20 Dec 2003, Jeannot_Langlois wrote:
>>(unsuccessful) hard work attempts at getting a FreeSWAN 2.04 gateway and 
>>a LinkSys BEFSX41-CA(FR) router to establish a simple subnet-to-subnet 
>>IPsec tunnel together using Pre-Shared Keys. 
>>I am sending this detailed report so maybe you guys can figure something 
>>out of this that I couldn't, even after TONS of Googlezing :-).
>>======> My current assumption is that something in the BEFSX41-CA(FR)'s 
>>IPsec implementation is faulty. <======
>You've done a really nice job of configuring. There isn't anything I see
>wrong. One tiny thing is perhaps compile IPSEC_DEBUG next time, since you
>still toggle that with the debug variables.
>I'd say the remote end doesn't like something you're sending, so either
>try to limit the scope of your attempts with explicitely setting ike=
>and esp= statements, or else try using auto=add and see what happens when
>the other end initiates, and freeswan is the responder.
>If you get it to work, I'd like to have the information so we can add this
>to our documentation.

Hi there,

I'll take note of these ideas.

We've already tried originating or answering from BOTH ends of the 
tunnel (FreeSWAN / LinkSys), no luck.

About esp=... statements, isn't that used *ONLY* in manual-keying mode? 
 (the man page says manual-keying mode parameters are ignored in 
automatic mode...)?

I see no problems about sending you my informations and documentations 
*IF* I can get things to work.

Thanks for your suggestions.


Jeannot Langlois
B. Sc.  Computer Science / B. Sc.  Informatique
jeannot12 AT linuxmail DOT org


-------------- next part --------------
Skipped content of type multipart/related

More information about the Users mailing list