[Openswan Users] Openswan 2.2 and Safenet Client
Rolf Offermanns
roffermanns at sysgo.com
Thu Nov 18 17:46:25 CET 2004
Paul Wouters wrote:
> On Thu, 18 Nov 2004, Alexander Hellkuhl wrote:
>
>> I'm trying to connect with a Safenet Client to a Debian Router with
>> Openswan 2.2 installed. The Client is not accepted. What means reqca=0 ?
>>
>> Regards Alexander
>>
>> Nov 18 15:21:00 firewall pluto[2819]: | refine_connection: checking
>> roadwarrior against roadwarrior, best=(none) with
>> match=0(id=1/ca=1/reqca=0)
>> Nov 18 15:21:00 firewall pluto[2819]: "roadwarrior"[1] xxx.xxx.xxx.xxx
>> #1:
>> no 5suitable connection for peer 'my at email.de'
>
>
> Try removing the @ symbol. It has a special meaning.
>
> (and mail me back if this indeed solved your problem)
>
I don't think this is the problem, since it works here.
The Email address *must* be contained in the certs. subjectAltName attribute.
Otherwise openswan will not accept it as id.
-Rolf
--
Rolf Offermanns <roffermanns at sysgo.com>
SYSGO AG Tel.: +49-6136-9948-0
Am Pfaffenstein 14 Fax: +49-6136-9948-10
55270 Klein-Winternhein http://www.sysgo.com
More information about the Users
mailing list