[Openswan Users] Connecting RH9 <-> Cisco
Paul Wouters
paul at xelerance.com
Fri Nov 4 01:59:45 CET 2005
On Thu, 3 Nov 2005, Oliver Schulze L. wrote:
> 003 "ipsec01" #7: received Vendor ID payload [XAUTH]
> 002 "ipsec01" #7: I did not send a certificate because I do not have one.
> 002 "ipsec01" #7: transition from state STATE_MAIN_I2 to state
> STATE_MAIN_I3
> 108 "ipsec01" #7: STATE_MAIN_I3: sent MI3, expecting MR3
> 003 "ipsec01" #7: Informational Exchange message is invalid because it
> has a Message ID of 0
> 010 "ipsec01" #7: STATE_MAIN_I3: retransmission; will wait 20s for
> response
This is probably an authentication failure.
Michael will change openswan to actually log this (potentially forged)
message so the error will become more clear. A bug report for this has
been created.
> It seems to be the same error. What parameter should the cisco admin
> check?
He should give you a list of all paramters you need to know.
> Can I test first with Aggressivce Mode and later with xauth?
Ofcouse. You can change some paramter, reload the connection and try again.
Paul
More information about the Users
mailing list