[Openswan Users] Windows Xp client to openswan
paul at xelerance.com
Wed Mar 15 18:33:05 CET 2006
On Wed, 15 Mar 2006, Can Akalin wrote:
> But I am lost at the Windows side. I added the certificate to the windows
> using MMC, downloaded ipsec.exe and ipseccmd.exe. I typed the ipsec and I
> got this error message;
Use lsipsectool.exe from sourceforge, instead of ipsec.exe. ipsec.exe is very
old, has no GUI, and is not really well maintained anymore. lsipsectool uses
the ipsec2k.dll library instead.
> IPSec Version 2.2.0 (c) 2001-2003 Marcus Mueller
> Getting running Config ...
> Microsoft's Windows XP identified
> Setting up IPSec ...*
> * Deactivating old policy...
> Removing old policy...*
> *Connection roadwarrior:
> MyTunnel : 192.168.1.63
> MyNet : 192.168.1.63/255.255.255.255
> PartnerTunnel: 192.168.1.55
> PartnerNet : 192.168.1.55/255.255.255.255
> CA (ID) : C=CA,ST=Ontario,L=Toronto,O=Springboard Retail*
> * PFS : y
> Auto : start
> Auth.Mode : MD5
> Rekeying : 3600S/50000K
> Error 0xcbbb0012 occurred:*
> *The authentication method specified is invalid or unsupported.*
> here is my ipsec.conf at the windows machine,
> *conn roadwarrior
> Retail,CN=can,emailAddress=can at springboardnetworks.com"
Is that "*" part of your config file? If so, remove them.
Also, is rightca= the Id of the Certificate Authority? It should NOT be the
personal certificate ID, but that of the CA.
> Can anyone help me to instruct what to do with ipsec.exe, ipsec.conf and
> ipseccmd.exe at the windows to get the VPN work?
Ditch it for lsipsectool.
Building and integrating Virtual Private Networks with Openswan:
More information about the Users