[Openswan Users] Interoperability problem with Windows XP

Magnus Hyllander mhypub1 at hyllander.org
Wed Jun 2 15:06:52 CEST 2004


Paul Wouters wrote:

>On Wed, 2 Jun 2004, Magnus Hyllander wrote:
>
>  
>
>>I ran into a problem with Openswan 2.1.2 and Windows XP. In the 
>>oakley.log in Windows XP I get the error message "Peer failed to send 
>>valid machine certificate". Looking for a solution I came across the 
>>following thread on the openswan dev list, which describes my problem 
>>exactly:
>>
>>http://lists.openswan.org/pipermail/dev/2004-April/000246.html
>>
>>I tried the suggestion to set "leftsendcert=always", and it does solves 
>>the problem. Just thought I would mention this in case anyone else has 
>>the same problem.
>>    
>>
>
>Did you put the proper certificate in /etc/ipsec.d/cacerts ? Is it loaded
>properly? Check with ipsec auto --listall
>
>Paul 
>
>
>  
>
Yes, all certificates are correct. My setup is an existing one that I 
have used with both SuperFreeswan and Freeswan 2.0x before switching to 
Openswan. "leftsendcert=always" was the only change to my existing 
configuration that I had to make to get it to work after the switch.

/Magnus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040602/11e4237b/attachment.htm


More information about the Users mailing list