[Openswan Users] Firewall rules for Openswan and Ipsec tool in
win xp...
Paul Wouters
paul at xelerance.com
Tue May 10 13:19:14 CEST 2005
On Tue, 10 May 2005, Deepak Naidu wrote:
> 5-10: 09:12:03:268:b08 Looking for IPSec only cert
> 5-10: 09:12:03:268:b08 failed to get chain 80092004
> 5-10: 09:12:03:268:b08 Looking for any cert
> 5-10: 09:12:03:268:b08 failed to get chain 80092004
> 5-10: 09:12:03:268:b08 ProcessFailure: sa:000F0668 centry:00000000 status:35ee
> 5-10: 09:12:03:268:b08 isadb_set_status sa:000F0668 centry:00000000 status 35ee
> 5-10: 09:12:03:268:b08 Key Exchange Mode (Main Mode)
> 5-10: 09:12:03:268:b08 Source IP Address 192.168.1.2 Source IP Address Mask 255.255.255.255 Destination IP Address 202.149.x.x Destination IP Address Mask 255.255.255.255 Protocol 0 Source Port 0 Destination Port 0 IKE Local Addr 192.168.1.2 IKE Peer Addr 202.149.x.x
> 5-10: 09:12:03:268:b08 Certificate based Identity. Peer IP Address: 202.149.x.x
> 5-10: 09:12:03:268:b08 Me
> 5-10: 09:12:03:268:b08 IKE failed to find valid machine certificate
You do not have a proper certificate loaded on the machine, or you have a wrong
rightca paramter in your windows' ipsec.conf file.
You can try to import the cert using certimport.exe, see
ftp://ftp.openswan.org/openswan/windows/certimport/
Paul
More information about the Users
mailing list