[Openswan Users] Openswan 2.2 and Safenet Client

Alexander Hellkuhl openswan at axel-h.de
Fri Nov 19 00:33:11 CET 2004


First thanks a lot for the answers.

I don't think that the ID is the Problem.

pluto[9174]: |   match_id called with a=my at email.de b=my at email.de

They seem to match. I think there is a Problem with the requested CA. But
i don't even know the difference between the CA and the requested CA.

pluto[9174]: |   trusted_ca called with a=C=DE, ST=Germany, L=Essen,
O=Example Company, CN=Alexander Hellkuhl, E=hellkuhl at examplecompany.de
b=(empty)
pluto[9174]: |   trusted_ca called with a=(empty) b=C=DE, ST=Germany,
L=Essen, O=Example Company, CN=Alexander Hellkuhl,
E=hellkuhl at examplecompany.de

In the first line "a" contains the values of the CA and "b" is "(empty)",
in the second the opposite. Shouldn't they be the same?

Regards Alexander

Nov 19 02:09:32 firewall pluto[9174]: "roadwarrior"[1] 217.229.17.1 #1:
ignoring informational payload, type IPSEC_INITIAL_CONTACT
Nov 19 02:09:32 firewall pluto[9174]: "roadwarrior"[1] 217.229.17.1 #1:
Peer ID is ID_USER_FQDN: 'my at email.de'
Nov 19 02:09:32 firewall pluto[9174]: | reached self-signed root ca
Nov 19 02:09:32 firewall pluto[9174]: | requested CA: 'C=DE, ST=Germany,
L=Essen, O=Example Company, CN=Alexander Hellkuhl,
E=hellkuhl at examplecompany.de'
Nov 19 02:09:32 firewall pluto[9174]: | refine_connection: starting with
roadwarrior
Nov 19 02:09:32 firewall pluto[9174]: |   trusted_ca called with a=C=DE,
ST=Germany, L=Essen, O=Example Company, CN=Alexander Hellkuhl,
E=hellkuhl at examplecompany.de b=(empty)
Nov 19 02:09:32 firewall pluto[9174]: |    match_id a=my at email.de
b=my at email.de
Nov 19 02:09:32 firewall pluto[9174]: |   match_id called with
a=my at email.de b=my at email.de
Nov 19 02:09:32 firewall pluto[9174]: |   trusted_ca called with a=C=DE,
ST=Germany, L=Essen, O=Example Company, CN=Alexander Hellkuhl,
E=hellkuhl at examplecompany.de b=(empty)
Nov 19 02:09:32 firewall pluto[9174]: |   trusted_ca called with a=(empty)
b=C=DE, ST=Germany, L=Essen, O=Example Company, CN=Alexander Hellkuhl,
E=hellkuhl at examplecompany.de
Nov 19 02:09:32 firewall pluto[9174]: | refine_connection: checking
roadwarrior against roadwarrior, best=(none) with
match=0(id=1/ca=1/reqca=0)
Nov 19 02:09:32 firewall pluto[9174]: |    match_id a=my at email.de
b=my at email.de
Nov 19 02:09:32 firewall pluto[9174]: |   match_id called with
a=my at email.de b=my at email.de
Nov 19 02:09:32 firewall pluto[9174]: |   trusted_ca called with a=C=DE,
ST=Germany, L=Essen, O=Example Company, CN=Alexander Hellkuhl,
E=hellkuhl at examplecompany.de b=(empty)
Nov 19 02:09:32 firewall pluto[9174]: |   trusted_ca called with a=(empty)
b=C=DE, ST=Germany, L=Essen, O=Example Company, CN=Alexander Hellkuhl,
E=hellkuhl at examplecompany.de
Nov 19 02:09:32 firewall pluto[9174]: | refine_connection: checking
roadwarrior against roadwarrior, best=(none) with
match=0(id=1/ca=1/reqca=0)
Nov 19 02:09:32 firewall pluto[9174]: "roadwarrior"[1] 217.229.17.1 #1: no
suitable connection for peer 'my at email.de'
Nov 19 02:09:32 firewall pluto[9174]: "roadwarrior"[1] 217.229.17.1 #1:
sending encrypted notification INVALID_ID_INFORMATION to 217.229.17.1:500



More information about the Users mailing list