[Openswan Users] Openswan 2.2.0 and Windows XP Sp2

RITTER, Philippe phr at cdm.smis.ch
Fri Jan 7 08:35:41 CET 2005


I am using openswan 2.2.0 on a debian. I will wait until 2.3.0 is available
on Debian sarge.

But I did some error in my certificate. I reinstalled all certificate. But
now I get this error on the route command. Can this be a problem with my
firewall rules or a config problem in openswan ?

Thanks for any help !

Regards
Philippe

Jan  7 08:31:52 gibraltar pluto[6279]: packet from 193.247.83.238:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jan  7 08:31:52 gibraltar pluto[6279]: packet from 193.247.83.238:500:
ignoring Vendor ID payload [FRAGMENTATION]
Jan  7 08:31:52 gibraltar pluto[6279]: packet from 193.247.83.238:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Jan  7 08:31:52 gibraltar pluto[6279]: packet from 193.247.83.238:500:
ignoring Vendor ID payload [26244d38eddb61b3172a36e3d0cfb819]
Jan  7 08:31:52 gibraltar pluto[6279]: "cdm-phr"[1] 193.247.83.238 #3:
responding to Main Mode from unknown peer 193.247.83.238
Jan  7 08:31:52 gibraltar pluto[6279]: "cdm-phr"[1] 193.247.83.238 #3:
transition from state (null) to state STATE_MAIN_R1
Jan  7 08:31:52 gibraltar pluto[6279]: "cdm-phr"[1] 193.247.83.238 #3:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
detected
Jan  7 08:31:52 gibraltar pluto[6279]: "cdm-phr"[1] 193.247.83.238 #3:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jan  7 08:31:53 gibraltar pluto[6279]: "cdm-phr"[1] 193.247.83.238 #3: Peer
ID is ID_DER_ASN1_DN: 'C=CH, ST=GE, L=Geneve, O=Caisse des medecins,
OU=SITC, CN=kali.cdm.smis.ch, E=phr at cdm.smis.ch'
Jan  7 08:31:53 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #3:
deleting connection "cdm-phr" instance with peer 193.247.83.238
{isakmp=#0/ipsec=#0}
Jan  7 08:31:53 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #3: I am
sending my cert
Jan  7 08:31:53 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #3:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jan  7 08:31:53 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #3: sent
MR3, ISAKMP SA established
Jan  7 08:31:53 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #4:
responding to Quick Mode
Jan  7 08:31:53 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #4:
transition from state (null) to state STATE_QUICK_R1
Jan  7 08:31:54 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #4:
route-client output: /usr/lib/ipsec/_updown: doroute `ip route add
193.247.83.238/32 via 193.247.83.238 dev ppp0 ' failed (RTNETLINK answers:
Network is unreachable)
Jan  7 08:31:54 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #4:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jan  7 08:31:54 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #4: IPsec
SA established {ESP=>0x4c5df440 <0xccb9baee}
Jan  7 08:33:23 gibraltar pluto[6279]: "cdm-phr"[2] 193.247.83.238 #3:
received Delete SA payload: deleting ISAKMP State #3
Jan  7 08:33:23 gibraltar pluto[6279]: packet from 193.247.83.238:500:
received and ignored informational message

-----Message d'origine-----
De : Paul Wouters 
Envoyé : jeudi, 6. janvier 2005 18:41
À : RITTER, Philippe
Cc : 'users at openswan.org'
Objet : Re: [Openswan Users] Openswan 2.2.0 and Windows XP Sp2


On Thu, 6 Jan 2005, RITTER, Philippe wrote:

> I'm trying to configure IP Sec like Nate Carlson described. But I always
get
> this error in my system. Can someone help me ?

> Jan  6 16:10:28 gibraltar pluto[4060]: "cdm-phr"[23] 193.247.83.238 #26:
> next payload type of ISAKMP Hash Payload has an unknown value: 133
> Jan  6 16:10:28 gibraltar pluto[4060]: "cdm-phr"[23] 193.247.83.238 #26:
> malformed payload in packet

Please upgrade your openswan. You are likely running a 2.3.0dr release?

Paul


More information about the Users mailing list