[Openswan Users] Some questions regarding setup.

Jobst Schmalenbach jobst at barrett.com.au
Thu Dec 15 14:30:14 CET 2005 

Hi,

I have been using open(free)swan for a long time but never found 
the time to get rid of a few issues although everything
is working just fine, I can ping, smbmount both ways, 
log in both ways and whatever bothways.

My setup:

    home     192.168.A.A/24
                 |
  router     2.6.11-1.1369 FC4
             Linux Openswan U2.3.1/K2.6.11-1.1369_FC4 (netkey)
                 |
             internet
                 |
  router     2.6.8-1.521 FC2
             Linux Openswan U2.3.0/K2.6.8-1.521 (netkey)
                 |
    work     192.168.B.B/24



BUT in the logs I get:

@ HOME:
~~~~~~~
Dec 15 10:13:21 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: initiating Main Mode to replace #74
Dec 15 10:13:21 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: received Vendor ID payload [Dead Peer Detection]
Dec 15 10:13:21 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Dec 15 10:13:21 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: I did not send a certificate because I do not have one.
Dec 15 10:13:21 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Dec 15 10:13:22 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: Main mode peer ID is ID_FQDN: '@BCG_VPN_HOME_CONSULT_RIGHT'
Dec 15 10:13:22 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Dec 15 10:13:22 HOMEHOST pluto[7511]: "VPN_HOME_CONSULT" #75: ISAKMP SA established

@ WORK:
~~~~~~~
Dec 15 10:12:25 WORKHOST pluto[2829]: packet from HOMEIP:500: ignoring unknown Vendor ID payload [4f454578616c467b5f6f606d]
Dec 15 10:12:25 WORKHOST pluto[2829]: packet from HOMEIP:500: received Vendor ID payload [Dead Peer Detection]
Dec 15 10:12:25 WORKHOST pluto[2829]: "VPN_HOME_CONSULT" #77: responding to Main Mode
Dec 15 10:12:25 WORKHOST pluto[2829]: "VPN_HOME_CONSULT" #77: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Dec 15 10:12:25 WORKHOST pluto[2829]: "VPN_HOME_CONSULT" #77: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Dec 15 10:12:25 WORKHOST pluto[2829]: "VPN_HOME_CONSULT" #77: Main mode peer ID is ID_FQDN: '@BCG_VPN_HOME_CONSULT_LEFT'
Dec 15 10:12:25 WORKHOST pluto[2829]: "VPN_HOME_CONSULT" #77: I did not send a certificate because I do not have one.
Dec 15 10:12:25 WORKHOST pluto[2829]: "VPN_HOME_CONSULT" #77: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Dec 15 10:12:25 WORKHOST pluto[2829]: "VPN_HOME_CONSULT" #77: sent MR3, ISAKMP SA established



Questions:
~~~~~~~~~~~

  what does "ignoring unknown Vendor ID payload" mean?

  what does "I did not send a certificate because I do not have one." mean?



I actaully downloaded the complete mbox file of the mailing list archive and searched
for the terms. The last one comes up quite frequently but I did not find a solution.
I searched on the net -> dito.



jobst







-- 
I'm on a high cholesterol, high sugar, caffeine and liquor fad diet.

             __, Jobst Schmalenbach, Technical Director
   _ _.--'-n_/   Barrett Consulting Group P/L & The Meditation Room P/L      
 -(_)------(_)=  +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia

More information about the Users mailing list