[Openswan Users] path to madness
Eric S. Johansson
esj at harvee.org
Thu Dec 16 18:25:53 CET 2004
I'm still having trouble with this road warrior connection to ipcop.
The error messages the ever popular:
Dec 16 17:29:53 t2cop pluto: packet from 188.8.131.52:500:
initial Main Mode message received on 184.108.40.206:500 but no
connection has been authorized with policy=RSASIG
and I find it's frustrating that even with plutodebug=all, I don't get
anywhere near sufficient debugging information to tell me what's going
on (or at least in the form I can recognize).
My interpretation of what's going on is that something about the client
side certificate is not right. It's not being matched by the server
side corresponding certificate. and if the client can't produce an
identity and recognized by the firewall, nothing happens. (duh)
my expectation is that something will be able to tell me that the client
ascending "this" ID and the firewall is expecting "that" ID so I can try
to figure out why there's no match.
I've been all over the openswan sites (you don't have copies of the man
pages up) and haven't found what I think I need to know. I throw myself
on your mercy. For continuing on this path is the way to madness.
But if that's what we rely on [private and home schools], we
rely on something less than a notion of universal access and something
other than a system that unsettles a class system. If private schools
and home schooling are all we have, we have a much more static
society, rooted in generational class stasis.
More information about the Users