[Openswan Users] L2TP / IPSEC (certificate) with Cisco Systems, Inc./VPN 3000 Concentrator
Dick
dm at chello.nl
Tue Oct 10 04:09:28 EDT 2006
Jacco de Leeuw <jacco2 <at> dds.nl> writes:
> Well, the Cisco server could be using NAT. Then again, the Windows
> client works, so that cannot be it.
The Cisco server is also connected directly to an Internet IP address
> This is your client cert, right? Then you are using rightid="CN=server"
> or rightid= <at> server, and there is no rightcert= line?
I've updated my configuration and nothing changed
> Did you install the CA cert correctly? Check the Openswan startup
> messages or use ipsec auto --listcerts
It isn't in listcerts but I think you mean --listcacerts, it's in there.
> I suggest you also take a look at the Cisco logs (if possible) and
> see why it is rejecting the connection.
We've looked into the Cisco logs but it seems there is nothing logged. I've
tried PSK and we saw an incoming connection on the Concentrator (but I got the
same errors)
greetings,
Dick
More information about the Users
mailing list