[Openswan Users] linksys (befsx41-ca) issues
Corey
corey_s at qwest.net
Sat Oct 8 23:22:30 CEST 2005
Having some problems - hoping I can get some help; linksys is being a pain.
I've seen that other's have successfully gotten their linksys befsx41 working
with FreeS/wan - but I'm not having any luck w/ OpenSwan.
These appear to be the two most prominent issues I'm seeing:
OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
and shortly thereafter:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
next payload type of ISAKMP Identification Payload has an unknown value: 33
I've read that that the OAKLEY_DES is unsupported because it is single DES and
insecure; that's fine, so I'm supposed to use 3DES on my linksys -- which I'm
doing. But for whatever reason, it's still failing. ( for you linksys users
out there - I can't get the thing to save '3DES' in the "Advanced Settings"
for "Proposal 1"... )
So then it goes onto the 'ISAKMP'... what's with the "unknown value: 33"? I
don't even know where that's coming from.
In my VPN settings on the linksys router, I've got the following configured:
Encryption: 3DES
Authentication: MD5
Key Management: Auto. (IKE)
PFS: (disabled/enabled) -- doesnt' seem to matter?
Pre-Shared Key: will only allow me to enter 24 characters in this field -- !?
( the preshared key in my ipsec.secrets file is some 71 characters )
So, as you can see - there seems to be a couple things working against me -
#1 the "Advanced Settings" won't allow me to save '3DES' ...
#2 the "Pre-Shared Key" field on the web interface for the router doesn't
allow for enough characters for the pre-shared key in my ipsec.secrets...
Anyone out there currently using the linksys befsx41-ca with OpenSwan in a
successfull manner?
Any help much appreciated!
I've already read/tried the following with no success:
http://www.livejournal.com/users/ldeviator/199614.html?mode=reply
http://wiki.openswan.org/index.php/Linksys BEFSX41
http://www.freeswan.ca/docs/BEFVP41/
http://www.freeswan.org/freeswan_snaps/CURRENT-SNAP/doc/faq.html#noDESsupport
I'm also completely new to FreeSwan/OpenSwan ... so that doesn't help my
situation at all...
Many thanks!
More information about the Users
mailing list