[Openswan Users] packet rejected: should have been encrypted
- more logs
Bram Bouwens
bbouwens at xs4all.nl
Tue Jul 5 11:30:58 CEST 2005
Paul Wouters wrote:
> On Mon, 4 Jul 2005, Bram Bouwens wrote:
>
>> For a more complete picture:
>>
>> - the openswan ipsec.conf at http://80.126.5.18/ipsec.conf
>> - the openswan log at http://80.126.5.18/secure.log (why does Pluto
>> restart????)
>
>
>> Starting Pluto (Openswan Version cvs2002Mar11_19:19:03
>
>
> Please try 2.3.1
>
Nou breekt m'n klomp...
# rpm -q openswan
openswan-2.3.1-21.rh7.3.at
So I downloaded the official sources and compiled the package myself.
# ipsec --version
Linux Openswan U2.3.1/K2.1.2rc3 (klips)
That's better....
>> - the windows ipsec.conf at http://80.126.5.18/winipsec.conf
>> - the windows oakley log at http://80.126.5.18/oakley.log (GetPacket
>> failed? CertFindExtenstion failed?)
>
>
> If you are unsure about whether the certificate has imported correctly, use
> certimport.exe to re-import the certificate. It's on ft.openswan.org.
OK, did that too, just to be sure. certimport.exe reported it already
had the equivalent cert.
>
>> I really don't see what's happening. I have been running
>> freeswan/openswan
>> for 4 years (linux-linux) with hardly any trouble, but this is pretty
>> vague to me.
>
>
> I am not sure what is happening either. I suspect a bug in the CVS version
> of openswan that you are running.
With 2.3.1 the behaviour is very much the same. I updated the logfiles pointed
to above.
So ... more suggestions are welcome.
Bram
More information about the Users
mailing list