[Openswan Users] Openswan <-> WinXp with L2TP and X.509 behind NATs not working
paul at xelerance.com
Sat Nov 18 21:19:12 EST 2006
On Sat, 18 Nov 2006, Florian Hackenberger wrote:
> I've got a problem with the following setup:
> WinXP (192.168.0.37) -> 192.168.0.254 -> (188.8.131.52) INTERNET
> (184.108.40.206) <- 192.168.1.1 <- Linux (192.168.1.158)
> What puzzles me a bit is the following line:
> started looking for secret for C=AT, ST=Steiermark, L=Graz, O=Home, CN=Florian
> Hackenberger, E=f.hackenberger at chello.at->220.127.116.11 of kind PPK_PSK
> Why PPK_PSK? Is this a typo in the code or is it really looking for a PSK?
> However one of the next lines indicates an error (at least to me):
> concluding with best_match=0 best=(nil) (lineno=-1)
Do not enable plutodebug= for configuration issues.
> One of my guesses is that pluto does either not know about my CA (I have not
> found a configuration option for specifying a CA certificate), or tries PSK
> instead of X.509 authentication (no idea why it does so).
run ipsec auto --listall to look at the certificate, CA and private key
Building and integrating Virtual Private Networks with Openswan:
More information about the Users