[Openswan Users] WinXp+Openswan on certificates
Urmo
urmo at mindworks.ee
Thu Feb 3 17:10:58 CET 2005
Ok, now I added certificates to openswan and XpSp2 box. Connecting generates
this:
eb 3 17:00:17 wall pluto[12931]: | complete state transition with STF_OK
Feb 3 17:00:17 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: transition from state STATE_MAI
N_R1 to state STATE_MAIN_R2
Feb 3 17:00:17 wall pluto[12931]: | sending reply packet
Feb 3 17:00:17 wall pluto[12931]: | sending 356 bytes for STATE_MAIN_R1
through eth0 to 194.106.125.146:6351
0:
and then
Feb 3 17:00:18 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: next payload type of ISAKMP Has
h Payload has an unknown value: 242
Feb 3 17:00:18 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: malformed payload in packet
Feb 3 17:00:18 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: sending notification PAYLOAD_MA
LFORMED to 194.106.125.146:63510
What could be wrong? Last message is repeated with similar message, only
with Payload value 148 and then openswan hangs up.
My ipsec.conf:
config setup
interfaces="ipsec0=eth0"
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
klipsdebug=all
plutodebug=all
dumpdir=/tmp
conn %default
compress=yes
disablearrivalcheck=no
leftrsasigkey=%cert
rightrsasigkey=%cert
keyingtries = 1
conn roadwarrior
left = 194.106.125.147
leftsubnet = 192.168.0.0/24
leftcert=urmo_cert.pem
pfs = yes
right=%any
auto=add
More information about the Users
mailing list