[Openswan Users] OpenSWAN - Multiple issues

Daniel Bramkamp bramkamp at team-datentechnik.de
Wed Dec 21 11:49:32 CET 2005

Hi list,

I ran into some problems with an OpenSWAN installation. The gateway is 
currently running a rather old version (cvs2002Mar12_01:19:03) under 
Linux Kernel 2.4.27 with grsecurity patches applied. I have 3 
connections setup which are running fine. Yesterday I tried to setup a 
new connection, but I cannot get it to work. I tried 2 different 
routers, a Bintec VPN Access 5 (which is the same model that is used 
for the 3 working connections) and a LanCom 1621. The OpenSWAN side 
says "Informational Exchange message must be encrypted" when I use the 
BinTec and "INVALID_HASH_INFORMATION" when I try the LanCom. In both 
cases it tells me "sent MR3, ISAKMP SA established" before the error 
message. I did an update of OpenSWAN to version 2.4.4 and Kernel 2.4.32 
/ 2.6.14 (both with and without grsecurity). I still have the same 
problem with the new connection + the old connections are not working 
properly anymore after the update. For some reason the vpn connections 
and internet connection became so slow that I had to reinstall the old 
version. This happened on a Slackware 10.0 installation and on a recent 
Gentoo installation with different kernels, etc.. The definition of the 
new connection is the same as for the working connection. I am using 
certificates for authentication.

Help would be very much appreciated.

Thanks in advance.
Daniel Bramkamp

team! datentechnik GmbH & Co.KG
Werner von Siemens Straße 12a
49124 Georgsmarienhütte
Tel.: 05401-8226-0
Fax : 05401-8226-20
eMail: bramkamp at team-datentechnik.de

More information about the Users mailing list