[Openswan Users] win2000+certificates---openswan
=?gb2312?B?zMbd7cDZ?=
a1406 at 163.com
Sun May 8 17:05:45 CEST 2005
i have builded
win98+certificates ---openswan
winxp+psk-----openswan
success
but i can not build win2000+certificates-----openswan
when i connected,it shows "you do not have suitale certificates "
this time i found the /var/log/secure
May 8 16:03:23 localhost pluto[2503]: packet from 192.168.0.68:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000002]
May 8 16:03:23 localhost pluto[2503]: "testcert2000" #1: responding to Main Mode
May 8 16:03:23 localhost pluto[2503]: "testcert2000" #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
May 8 16:03:24 localhost pluto[2503]: "testcert2000" #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
May 8 16:03:24 localhost pluto[2503]: "testcert2000" #1: next payload type of ISAKMP Hash Payload has an unknown value: 72
May 8 16:03:24 localhost pluto[2503]: "testcert2000" #1: malformed payload in packet
May 8 16:03:24 localhost pluto[2503]: "testcert2000" #1: sending notification PAYLOAD_MALFORMED to 192.168.0.68:500
May 8 16:03:24 localhost pluto[2503]: "testcert2000" #1: failed to build notification for spisize=0
May 8 16:03:24 localhost pluto[2503]: "testcert2000" #1: byte 2 of ISAKMP Hash Payload must be zero, but is not
May 8 16:03:24 localhost pluto[2503]: "testcert2000" #1: malformed payload in packet
my ipsec.conf is like this
conn testcert2000
left=192.168.0.67
right=192.168.0.68
authby=rsasig
pfs=no
leftprotoport=17/1701
rightprotoport=17/1701
auto=add
rightrsasigkey=%cert
rightcert=/home/zhengshu/68client.crt
leftrsasigkey=%cert
leftcert=/home/zhengshu/67client.crt
my ipsec.secrets is like this
: RSA /home/zhengshu/67.key "123456789"
who knows what is wrong?
who can help me,thanks very very very much~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20050508/41d2080c/attachment-0001.htm
More information about the Users
mailing list