[Openswan Users] vista AuthIP
Marco Berizzi
pupilla at hotmail.com
Thu Dec 20 11:27:42 EST 2007
Jacco de Leeuw wrote:
>
> Paul Wouters wrote:
>
> > On Wed, 5 Sep 2007, Marco Berizzi wrote:
> >
> > Show us the logs on the openswan end. And preferable the OAKLEY.LOG
on
> > the windows end.
> >
> > Openswan just ignores unknown vendorid's, so the microsoft devel
team
> > seems to be wrong here. There is another reason for the failure.
> >
> >> Date: Wed, 5 Sep 2007 14:40:18 +0200
> >> From: Marco Berizzi <pupilla at hotmail.com>
> >>
> >> I have an interoperability problem with
> >> vista.
> >> [...]
> >> Basically what they [M$ development team] confirm is
> >> The 133 payload is an AuthIP payload, an IKE extension that we have
> >> introduced in Vista.
> >>
> >> The 133 payload is sent under exchange type 243. Looks like what is
> >> happening is that the linux implementation is accepting the
exchange
> >> type 243 packet (it should drop it) and failing the negotiation
when it
> >> finds a 133 payload in the packet.
>
> I have been informed (not by Microsoft) that this is a bug in Vista
and that
> it has been fixed starting from Windows Vista Service Pack 1 Beta
6001.17036
> v.652.
>
> For more details see:
> http://www.jacco2.dds.nl/networking/vista-openswan.html#pure_IPsec
Thanks Jacco.
I have applied vista beta sp1 and now vista talk with
openswan.
Here is the link for beta sp1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=2FA54665-7716-47D9-B9B7-5CFDF71198CB&displaylang=en
More information about the Users
mailing list