[Openswan Users] Creating Win XP vpn connection
Paul Wouters
paul at xelerance.com
Wed Apr 26 20:43:26 CEST 2006
On Wed, 26 Apr 2006, peters at exemplar-associates.com wrote:
> I am working on two issues with establishing the ipsec connection
>
> 1. =22no suitable connection for peer=22 error.
> 2. the ipsec.secrets file is not working.
1 might be caused by 2.
> Xray:=7E=24 sudo ipsec secrets
> Enter secret:
> 040 need passphrase for '/etc/ipsec.d/private/xray.exemplarassociates.key'
> 004 valid passphrase, private key loaded successfully
So that reads in the key, but did the corresponding public key and certificate
load?
> ipsec auto --listall
> only shows the CA and 2 revoked certificates which is odd.
That still makes sense if your gateway's configured public cert has expired
or was revoked in a CRL you load. Do you have a leftcert= that loads the
gateway's certificate that corresponds to the private key you are loading?
> Checking for RSA private key (/etc/ipsec.secrets) =5BFAILED=5D
> ipsec showhostkey: no default key in =22/etc/ipsec.secrets=22
That's fine, since you use X.509, not raw RSA.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list