[Openswan Users] Windows XP Roadwarrior (FreeSWAN 2.05 + x509
patch): IPsec policy problem
Paul Wouters
paul at xelerance.com
Mon Jun 21 17:46:14 CEST 2004
On Fri, 18 Jun 2004, Jeannot Langlois wrote:
> 1-Using the ipsec.exe tool from Mark Mueller and an ipsec.conf file - it
> worked;
> and
> 2-using MMC directly -- which is graphical and easier and doesn't
> require and ipsec.conf file -- it worked.
Can you tell me how you did 2) ? Would you be able to privde screen shots?
We did make 1) easier by creating out certimport.exe tool to import the X509
certificate, but I am very interested in how you configured everything fully
through the mmc without using ipsec.exe.
> PFS : y
> Auto : start
> Auth.Mode : MD5
> Rekeying : 3600S/50000K
> Error 0xcbbb0012 occurred:
>
> The authentication method specified is invalid or unsupported.
> conn rw
> left=%any
> right=192.168.89.1
> rightca="C=CA,L=Amos,O=Actares Inc,OU=Security,CN=certificates,emailAddress=security at actares.com"
> network=auto
> auto=start
> pfs=yes
An earlier post about this suggested trying to change "emailAddress" to "E"
> *NOTHING* gets logged to the Oakley log from the Windows XP machine
> (except when deleting and refreshing IPsec tunnel policies, of course.
Odd.
> On the Windows 2000 host however, in "TCP/IP properties" >> "Advanced"
> >> "Options" I can clearly see BOTH "TCP/IP Filtering" and "IP
> Security" options. The latter allows me to use the "IPsec tunnel"
> policy I've defined in MMC.
Perhaps XP Home edition has no ipsec?
Paul
--
<Reverend> IRC is just multiplayer notepad.
More information about the Users
mailing list