[Openswan Users] Fw: zywall 30w to FreeS/WAN on SLES 9.0 2.6
kernal question
Paul Wouters
paul at xelerance.com
Tue May 24 12:29:08 CEST 2005
On Mon, 23 May 2005, LeRoy Grubbs wrote:
> I have loaded Openswan and reset up the configuration. Getting farther but not quite there yet. Here's a link to the configuration files: http://www.advbuscomputing.com/zywall_config.html and a running log.
>
> Thanks in advance, this is encouraging.
I see you have it running now on your webpage. I do notice that you have
"Perfect Forward Secrecy set to "NONE". Change that to YES (or whatever option it has)
and remove "pfs=no" from your openswan configuration file. That is a more secure setup.
Paul
> LeRoy
>
> Messages -->
> May 24 13:05:36 UIWMO pluto[2083]: packet from 63.252.100.58:500: ignoring unknown Vendor ID payload [625027749d5ab97f5616c1602765cf480a3b7d0b]
> May 24 13:05:36 UIWMO pluto[2083]: packet from 63.252.100.58:500: initial Main Mode message received on 65.41.196.190:500 but no connection has been authorized
> May 24 13:05:40 UIWMO pluto[2083]: "ui" #3: initiating Main Mode to replace #1
> May 24 13:05:40 UIWMO pluto[2083]: | no IKE algorithms for this connection
> May 24 13:05:40 UIWMO pluto[2083]: "ui" #3: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> May 24 13:05:40 UIWMO pluto[2083]: "ui" #3: ignoring unknown Vendor ID payload [b858d1addd08c1e8adafea150608aa4497aa6cc8]
> May 24 13:05:40 UIWMO pluto[2083]: "ui" #3: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
> May 24 13:05:40 UIWMO pluto[2083]: "ui" #3: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
> May 24 13:05:41 UIWMO pluto[2083]: "ui" #3: I did not send a certificate because I do not have one.
> May 24 13:05:41 UIWMO pluto[2083]: "ui" #3: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-00/01: no NAT detected
> May 24 13:05:41 UIWMO pluto[2083]: "ui" #3: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
> May 24 13:05:41 UIWMO pluto[2083]: "ui" #3: Main mode peer ID is ID_IPV4_ADDR: '68.187.11.100'
> May 24 13:05:41 UIWMO pluto[2083]: "ui" #3: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
> May 24 13:05:41 UIWMO pluto[2083]: "ui" #3: ISAKMP SA established
> May 24 13:05:52 UIWMO pluto[2083]: packet from 63.252.100.58:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
> May 24 13:05:52 UIWMO pluto[2083]: packet from 63.252.100.58:500: ignoring unknown Vendor ID payload [625027749d5ab97f5616c1602765cf480a3b7d0b]
> May 24 13:05:52 UIWMO pluto[2083]: packet from 63.252.100.58:500: initial Main Mode message received on 65.41.196.190:500 but no connection has been authorized
>
>
>
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
More information about the Users
mailing list