[Openswan Users] packet rejected: should have been encrypted - more logs

Bram Bouwens bbouwens at xs4all.nl
Tue Jul 5 11:30:58 CEST 2005

Paul Wouters wrote:
> On Mon, 4 Jul 2005, Bram Bouwens wrote:
>> For a more complete picture:
>> - the openswan ipsec.conf at
>> - the openswan log at (why does Pluto 
>> restart????)
>> Starting Pluto (Openswan Version cvs2002Mar11_19:19:03
> Please try 2.3.1
Nou breekt m'n klomp...

# rpm -q openswan

So I downloaded the official sources and compiled the package myself.

# ipsec --version
Linux Openswan U2.3.1/K2.1.2rc3 (klips)

That's better....

>> - the windows ipsec.conf at
>> - the windows oakley log at (GetPacket 
>> failed? CertFindExtenstion failed?)
> If you are unsure about whether the certificate has imported correctly, use
> certimport.exe to re-import the certificate. It's on ft.openswan.org.

OK, did that too, just to be sure. certimport.exe reported it already
had the equivalent cert.
>> I really don't see what's happening. I have been running 
>> freeswan/openswan
>> for 4 years (linux-linux) with hardly any trouble, but this is pretty 
>> vague to me.
> I am not sure what is happening either. I suspect a bug in the CVS version
> of openswan that you are running.

With 2.3.1 the behaviour is very much the same. I updated the logfiles pointed
to above.

So ... more suggestions are welcome.


More information about the Users mailing list