[Openswan Users] High Assurance Soft Remote
Peter Osterberg
Peter_Osterberg at home.se
Tue Jul 12 16:52:54 CEST 2005
I have tried to setup OpenSwan to accept connections from a HighAssurance
client with no success what so ever, using x.509 ceritificates.
Ths OS config works prefeclty when I try to connect with the same cert
using Sentinel.
I've tried upgrading OS and I've tried every possible setting in
HighAssurance but the connection stops at the place every time with a logg
line reading:
Apr 1 11:19:21 fw pluto[18305]: packet from xxx.xxx.xxx.xxx:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Apr 1 11:19:21 fw pluto[18305]: packet from xxx.xxx.xxx.xxx:500: received
Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
Apr 1 11:19:21 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx #39: responding to Main Mode from unknown peer xxx.xxx.xxx.xxx
Apr 1 11:19:23 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx #39: ignoring Vendor ID payload [47bbe7c993f1fc13...]
Apr 1 11:19:23 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx #39: ignoring Vendor ID payload [da8e937880010000]
Apr 1 11:19:23 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx #39: received Vendor ID payload [Dead Peer Detection]
Apr 1 11:19:23 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx #39: ignoring Vendor ID payload [XAUTH]
Apr 1 11:19:23 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx #39: NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: no NAT detected
Apr 1 11:20:33 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx #39: max number of retransmissions (2) reached STATE_MAIN_R2
Apr 1 11:20:33 fw pluto[18305]: "bioinvent_roadwarrior"[32]
xxx.xxx.xxx.xxx: deleting connection "bioinvent_roadwarrior" instance with
peer xxx.xxx.xxx.x
Anybody?
More information about the Users
mailing list