[Openswan Users] Re: problem connecting: INVALID_CERTIFICATE
Paul Wouters
paul at xelerance.com
Fri Dec 16 15:18:49 CET 2005
On Thu, 15 Dec 2005, aram price wrote:
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16%v4:!10.10.1.0/24
Missing a comma there.
> Dec 15 19:24:31 vpnserver pluto[2780]: 1 bad entries in virtual_private - none
> loaded
As you can read in the logs here. So any connection from behind NAT will fail.
> Dec 15 19:24:44 vpnserver pluto[2780]: "l2tp-b-cert"[2] w.x.y.z #1: transition
> from state STATE_MAIN_R2 to state STATE_MAIN_R3
> Dec 15 19:24:44 vpnserver pluto[2780]: "l2tp-b-cert"[2] w.x.y.z #1:
> STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
> cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
> Dec 15 19:24:44 vpnserver pluto[2780]: "l2tp-b-cert"[2] w.x.y.z #1: ignoring
> informational payload, type INVALID_CERTIFICATE
I would try Windows first, X.509 on OSX is still very much untested and under
strange restrains. I hope it will be better when 10.4.4 comes out in the next
week.
Paul
More information about the Users
mailing list