[Openswan Users] l2tp ike phase 2 quick mode message

George Wu aihuawu at gmail.com
Sat Feb 3 04:10:28 EST 2007 

Hi, all:

I can set up openswan to talk to both openswan and strongswan.
But when I try it with Xp(SP2) or windows 2003 (SP1). Neither works.
My kernel is 2.6.17 using netkey.
My openswan is 2.4.5

It seems my /var/log/secure doesn't exists,  I use tcpdump port 500
to print the message.  Also on windows, I check the file oakley.log file.

I can see the phase 1 succeeds, the problem is with phase 2.
The following log file shows.
Xp sends openswan
        exchange: Oakley Quick Mode
Openswan replies:
        exchange: ISAKMP Informational Exchange
Any suggestions?

Thank you very much.

George Wu


Openswan box:  (192.168.1.131). 

15:27:57.797610 IP 192.168.1.128.500 > 192.168.1.131.500: isakmp: phase 2/others
 I oakley-quick[E]
15:28:00.057977 IP 192.168.1.131.500 > 192.168.1.128.500: isakmp: phase 2/others
 R inf[E]
15:28:02.026189 IP 192.168.1.131.500 > 192.168.1.128.500: isakmp: phase 2/others
 R inf[E]
15:28:03.083805 IP 192.168.1.128.500 > 192.168.1.131.500: isakmp: phase 2/others
 I oakley-quick[E]
15:28:04.902313 IP 192.168.1.131.500 > 192.168.1.128.500: isakmp: phase 2/others
 R inf[E]
15:28:07.810272 IP 192.168.1.128.500 > 192.168.1.131.500: isakmp: phase 2/others
 I oakley-quick[E]
15:28:09.619009 IP 192.168.1.131.500 > 192.168.1.128.500: isakmp: phase 2/others
 R inf[E]
15:28:12.735945 IP 192.168.1.128.500 > 192.168.1.131.500: isakmp: phase 2/others
 I inf[E]
15:28:13.898832 IP 192.168.1.131.500 > 192.168.1.128.500: isakmp: phase 2/others
 R inf[E]

Xp box  (192.168.1.128). 

 2-03: 16:00:49:7:7c8 Sending: SA = 0x018203C0 to 192.168.1.131:Type 2.500
 2-03: 16:00:49:7:7c8 ISAKMP Header: (V1.0), len = 1300
 2-03: 16:00:49:7:7c8   I-COOKIE 1402e523840656ca
 2-03: 16:00:49:7:7c8   R-COOKIE e0aa9e696a1964e6
 2-03: 16:00:49:7:7c8   exchange: Oakley Quick Mode
 2-03: 16:00:49:7:7c8   flags: 1 ( encrypted )
 2-03: 16:00:49:7:7c8   next payload: HASH
 2-03: 16:00:49:7:7c8   message ID: 1921faed
 2-03: 16:00:49:7:7c8 Ports S:f401 D:f401
 2-03: 16:00:49:741:868 
 2-03: 16:00:49:741:868 Receive: (get) SA = 0x018203c0 from 192.168.1.131.500
 2-03: 16:00:49:741:868 ISAKMP Header: (V1.0), len = 68
 2-03: 16:00:49:741:868   I-COOKIE 1402e523840656ca
 2-03: 16:00:49:741:868   R-COOKIE e0aa9e696a1964e6
 2-03: 16:00:49:741:868   exchange: ISAKMP Informational Exchange
 2-03: 16:00:49:741:868   flags: 1 ( encrypted )
 2-03: 16:00:49:741:868   next payload: HASH
 2-03: 16:00:49:741:868   message ID: 1740b820
 2-03: 16:00:49:741:868 processing HASH (Notify/Delete)
 2-03: 16:00:49:741:868 processing payload NOTIFY
 2-03: 16:00:49:741:868 notify: INVALID-ID-INFORMATION
 2-03: 16:00:49:741:868 isadb_set_status sa:018203C0 centry:00000000 status 3601
 2-03: 16:00:50:678:868 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070203/16ac2767/attachment.html

More information about the Users mailing list