[Openswan Users] unsupported ID type ID_FQDN

José Julio Hernández Fernández jhernandez at sgi.es
Wed May 26 14:54:25 CEST 2004 

Hi,

I've got a server running SuSE Linux 9.0, with FreeS/WAN downloaded from
http://www.suse.de/~garloff/linux/FreeSWAN/ (2.04 for SuSE 9.0, with
X.509 and NAT-T support). NAT-T and X.509 certs run fine with SSH
Sentinel client for WinXP.

Now I need to configure connections with the IPsec client included with
Windows XP. I've applied Microsoft's Q818043 update for NAT-T, and
imported the certificates. But I've got the following error:


May 26 10:50:58 vpn2 pluto[10019]: packet from a.b.c.d:500: ignoring
Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
May 26 10:50:58 vpn2 pluto[10019]: packet from a.b.c.d:500: ignoring
Vendor ID payload [FRAGMENTATION]
May 26 10:50:58 vpn2 pluto[10019]: packet from a.b.c.d:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
May 26 10:50:58 vpn2 pluto[10019]: packet from a.b.c.d:500: ignoring
Vendor ID payload [26244d38eddb61b3...]
May 26 10:50:58 vpn2 pluto[10019]: "test"[7] a.b.c.d #7: responding to
Main Mode from unknown peer a.b.c.d
May 26 10:50:58 vpn2 pluto[10019]: "test"[7] a.b.c.d #7: only
OAKLEY_GROUP_MODP1024 and OAKLEY_GROUP_MODP1536 support
ed.  Attribute OAKLEY_GROUP_DESCRIPTION
May 26 10:50:58 vpn2 pluto[10019]: "test"[7] a.b.c.d #7: NAT-Traversal:
Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
May 26 10:50:58 vpn2 pluto[10019]: "test"[7] a.b.c.d #7: Peer ID is
ID_DER_ASN1_DN: 'C=US, ST=xxx, L=xxx, O=yyy, OU=yyy, CN=test03 at none.com,
E=test03 at none.com'
May 26 10:50:58 vpn2 pluto[10019]: "test"[7] a.b.c.d #7: issuer crl not
found
May 26 10:50:58 vpn2 pluto[10019]: "test_NAT"[7] a.b.c.d #7: deleting
connection "test" instance with peer a.b.c.d {isakmp=#0/ipsec=#0}
May 26 10:50:58 vpn2 pluto[10019]: | NAT-T: new mapping
a.b.c.d:500/45414)
May 26 10:50:58 vpn2 pluto[10019]: "test_NAT"[7] a.b.c.d:45414 #7: sent
MR3, ISAKMP SA established
May 26 10:50:58 vpn2 pluto[10019]: "test_NAT"[7] a.b.c.d:45414 #7:
unsupported ID type ID_FQDN
May 26 10:50:58 vpn2 pluto[10019]: "test_NAT"[7] a.b.c.d:45414 #7:
sending encrypted notification INVALID_ID_INFORMA
TION to a.b.c.d:45414


I've been googling, but without finding any useful help.
¿Is the someone who could help me on this problem?


Thanks in advance, JJ.

More information about the Users mailing list