[Openswan Users] Netgear DG834
Dale Taylor
dale at bluehall.net
Mon Feb 26 16:19:44 EST 2007
Hi
Im trying to configure a netgear DG834G VPN to connect to Openswan, ive
followed the instructions for the FVS338 (as its similar) but openswan keeps
throwing the following error when adding the connection:
003 ike string error: hash_alg not found, enc_alg="3des", auth_alg="sha1",
modp="modp1024"
I cant seem to find what the error means. Also I don't think that openswan
is talking to the remote device to try and establish a connection - is there
a log anywhere, cant see one in /var/log? Im certain openswan can connect to
this device as the version used in IPCOP used to work.
Here are the settings im using on openswan:
conn someone
type=tunnel
authby=secret
keyexchange=ike
auto=start
pfs=no
# aggrmode=yes
ike=3des-sha1-modp1024
esp=3des-sha1
# LOCAL
left=***server public IP***
leftsubnet=192.168.10.0/24
leftid=me at localid.org
# REMOTE
right=someone.dyndns.org
rightsubnet=192.168.254.0/24
rightnexthop=%defaultroute
rightid=id at remoteid.org
Secrets:
someone.dnydns.org **PUBLIC IP OPENSWAN** : PSK "**shared key***"
The netgear device has the following settings:
Policy Name: openswan
Remote VPN Endpoint: Fixed IP **servers public IP**
Local LAN: 192.168.254.0 / 255.255.255.0
Remote LAN: 192.168.10.0 / 255.255.255.0 (Connected via subnet address)
IKE: Responder Only
Exchange Mode: Main Mode (cant be changed)
DH Group: Auto (cant be changed in responder mode)
Local ID: FQUN id at remoteid.org
Remote ID: FQUN me at localid.org
Enc Alg: 3DES
Auth Alg: Auto (Cant be changed)
PSK: **shared key**
SA Lifetime: 3600
PFS: Off
Any ideas.. im open to offers??
Also anyone know any good hardware based firewalls that work very well and
are stable with openswan?
Any help is greatly appreciated.
--
Dale
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070226/63a1f626/attachment.html
More information about the Users
mailing list