[Openswan Users] L2TP / IPSEC (certificate) with Cisco Systems, Inc./VPN 3000 Concentrator
Jacco de Leeuw
jacco2 at dds.nl
Mon Oct 9 17:02:37 EDT 2006
Dick wrote:
> No, I'm not using NAT (I'm connecting from an Internet IP address)
Well, the Cisco server could be using NAT. Then again, the Windows
client works, so that cannot be it.
> ipsec auto --listcerts tells me:
000 pubkey: 512 RSA Key HIDEHIDEH, has private key
000 validity: not before Feb 18 10:54:20 2006 ok
000 not after Feb 18 11:04:20 2007 ok
This is your client cert, right? Then you are using rightid="CN=server"
or rightid=@server, and there is no rightcert= line?
Did you install the CA cert correctly? Check the Openswan startup
messages or use ipsec auto --listcerts
I suggest you also take a look at the Cisco logs (if possible) and
see why it is rejecting the connection.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list