[Openswan Users] Please, please help! WinXP Roadwarrior won't connect! (logs included)

Karim 'Kasi Mir' Senoucci kasi.mir at melzone.de
Fri Aug 13 11:41:15 CEST 2004

Hello all,

>I got this from WinXP roadwarriors before... I can't remember if it got
>fixed with "leftsendcert=always" on VPN server's ipsec.conf

The (Linux) VPN server doesn't understand this configuration option. On
the WinXP side I can include it in the ipsec.conf, but without any

>, or changing
>on roadwarriors' ipsec.conf rightca="C=xx, O=xx, OU=xx, CN=xx,
>E=xx at xx.xx" by the good one. Content inside "" it's very important to be
>exactly what Windows or IPSEC.exe needs, I mean, spaces (blanks) are
>important... It can be get in right way from MMC (Microsoft Management
>Console) --> Ipsec security policy (local machine) --> FreeSwan --> (any
>of your IP filters) --> authentication methods --> modify --> [and now
>choice the right one, copy it's description from the text box, and paste
>at your roadwarrior's ipsec.conf].

That doesn't help either, 'cause what is listed in the FreeSwan entries,
is *bit* *by* *bit* the same string that's listed in the ipsec.conf.
Aren't those security policy entries created by IPSEC.exe while reading
the ipsec.conf, so that they'll *automatically* be identical?

Has anyone got any other ideas?

Karim Senoucci

More information about the Users mailing list