[Openswan Users] Creating Win XP vpn connection
peters at exemplar-associates.com
peters at exemplar-associates.com
Fri May 12 11:38:55 CEST 2006
On Monday, 8 May 2006 09:48:43, Jacco de Leeuw wrote:
> > I am not attempting to use NAT-T because we don't use NAT internally.
> > Also, my ipsec.conf has 17/1701 so I don't understand why it appears
> > as 17/0 in the log.
>=20
> Because the non-updated client is asking for it. Either install the NAT-T
> update on the client (even if you are not using NAT-T), or change =
ipsec.conf
> to 17/0 which will block updated clients including XP SP2. I myself would
> prefer updating the client.
>=20
> Jacco
Rather than upset any of my client settings straight-away, I thought
I would try setting the server to 17/0
I think it has made more progress and I haven't seen the message
=22IPsec SA established=22 before.
Does this mean the ipsec is now working and I should turn my attention
to l2tp ?
Thanks,
Peter
May 12 10:13:13 localhost pluto=5B7581=5D: packet from 192.168.x.y:500:
Informational Exchange is for an unknown (expired?) SA
May 12 10:13:44 localhost pluto=5B7581=5D: packet from 192.168.x.y:500:
ignoring Vendor ID payload =5BMS NT5 ISAKMPOAKLEY 00000003=5D
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
responding to Main Mode from unknown peer 192.168.x.y
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
STATE_MAIN_R1: sent MR1, expecting MI2
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
STATE_MAIN_R2: sent MR2, expecting MI3
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
Main mode peer ID is ID_DER_ASN1_DN: 'C=3Detc etc'
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
I am sending my cert
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
STATE_MAIN_R3: sent MR3, ISAKMP SA established
=7Bauth=3DOAKLEY_RSA_SIG cipher=3Doakley_3des_cbc_192 prf=3Doakley_sha =
group=3Dmodp1024=7D
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=234:
responding to Quick Mode =7Bmsgid:64a00178=7D
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=234:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=234:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed,expecting QI2
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=234:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
May 12 10:13:44 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=234:
STATE_QUICK_R2: IPsec SA established
=7BESP=3D>0xe0bb4bb7 <0x4a0d0bd5 xfrm=3D3DES_0-HMAC_MD5 NATD=3Dnone =
DPD=3Dnone=7D
May 12 10:13:46 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
received Delete SA(0xe0bb4bb7) payload: deleting IPSEC State =234
May 12 10:13:46 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
received and ignored informational message
May 12 10:13:46 localhost pluto=5B7581=5D: =22mobile=22=5B2=5D 192.168.x.y =
=233:
received Delete SA payload: deleting ISAKMP State =233
May 12 10:13:46 localhost pluto=5B7581=5D: packet from 192.168.x.y:500:
received and ignored informational message
More information about the Users
mailing list