[Openswan Users] Connecting RH9 <-> Cisco
Oliver Schulze L.
oliver at samera.com.py
Fri Nov 4 16:28:23 CET 2005
Hi Paul,
many thanks for answering.
The parameters I have from the Cisco Admin are:
- sha for doing hash
- 3des for encrypting data
- isakmp: standard parameters
- ports: standard parameters
- using pre shared secret for starting the conection
It seems that I don't get past the ISAKMP negociation stage
Thanks
Oliver
Paul Wouters wrote:
>On Thu, 3 Nov 2005, Oliver Schulze L. wrote:
>
>
>
>>003 "ipsec01" #7: received Vendor ID payload [XAUTH]
>>002 "ipsec01" #7: I did not send a certificate because I do not have one.
>>002 "ipsec01" #7: transition from state STATE_MAIN_I2 to state
>>STATE_MAIN_I3
>>108 "ipsec01" #7: STATE_MAIN_I3: sent MI3, expecting MR3
>>003 "ipsec01" #7: Informational Exchange message is invalid because it
>>has a Message ID of 0
>>010 "ipsec01" #7: STATE_MAIN_I3: retransmission; will wait 20s for
>>response
>>
>>
>
>This is probably an authentication failure.
>Michael will change openswan to actually log this (potentially forged)
>message so the error will become more clear. A bug report for this has
>been created.
>
>
>
>>It seems to be the same error. What parameter should the cisco admin
>>check?
>>
>>
>
>He should give you a list of all paramters you need to know.
>
>
>
>>Can I test first with Aggressivce Mode and later with xauth?
>>
>>
>
>Ofcouse. You can change some paramter, reload the connection and try again.
>
>Paul
>
>
--
Oliver Schulze L.
<oliver at samera.com.py>
More information about the Users
mailing list