[Openswan Users] Openswan 2.2 and Safenet Client

Rolf Offermanns roffermanns at sysgo.com
Thu Nov 18 17:46:25 CET 2004


Paul Wouters wrote:
> On Thu, 18 Nov 2004, Alexander Hellkuhl wrote:
> 
>> I'm trying to connect with a Safenet Client to a Debian Router with
>> Openswan 2.2 installed. The Client is not accepted. What means reqca=0 ?
>>
>> Regards Alexander
>>
>> Nov 18 15:21:00 firewall pluto[2819]: | refine_connection: checking
>> roadwarrior against roadwarrior, best=(none) with
>> match=0(id=1/ca=1/reqca=0)
>> Nov 18 15:21:00 firewall pluto[2819]: "roadwarrior"[1] xxx.xxx.xxx.xxx 
>> #1:
>> no 5suitable connection for peer 'my at email.de'
> 
> 
> Try removing the @ symbol. It has a special meaning.
> 
> (and mail me back if this indeed solved your problem)
> 
I don't think this is the problem, since it works here.
The Email address *must* be contained in the certs. subjectAltName attribute.
Otherwise openswan will not accept it as id.

-Rolf
-- 
Rolf Offermanns <roffermanns at sysgo.com>
SYSGO AG     Tel.: +49-6136-9948-0
Am Pfaffenstein 14   Fax: +49-6136-9948-10
55270 Klein-Winternhein  http://www.sysgo.com



More information about the Users mailing list