[Openswan Users]
XAUTH rekey fails with "no file descriptor available for prompt"
Ronald Moesbergen
Ronald.Moesbergen at bkvision.nl
Sat Feb 5 13:24:08 CET 2005
Hi,
I have a VPN tunnel to a Cisco 3000 using XAUTH. The connection works
fine, but when it's time to rekey (after one hour), the following shows
up:
Feb 4 11:28:54 #15: sent AI2, ISAKMP SA established
Feb 4 11:28:54 #15: XAUTH: Bad Message: Enter Username and Password.
Feb 4 11:28:54 #15: XAUTH username requested, but no file descriptor
available for prompt
Feb 4 11:28:54 #15: sending encrypted notification
CERTIFICATE_UNAVAILABLE to x.x.x.x:500
Feb 4 11:29:04 #14: IPsec SA expired (LATEST!)
As you can see openswan needs the XAUTH username and password again, but
it tries to get it by prompting for it, which of course fails because
it's running in the background and there's no terminal (and no human)
available. I start this connection with the following command:
ipsec whack --initiate --name cisco --xauthname username --xauthpass
password
I'm using CVS-HEAD from last Thursday. Is there an option I should use
to make openswan remember the password so it can reuse it?
Thanks,
Ronald.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20050205/cc539e99/attachment.htm
More information about the Users
mailing list