[Openswan Users] Netgear DG834

*TECH SUPPORT* techsupport at englandagency.com
Mon Feb 26 16:16:31 EST 2007


Hi

Im trying to configure a netgear DG834G VPN to connect to Openswan, ive
followed the instructions for the FVS338 (as its similar) but openswan
keeps throwing the following error when adding the connection:

003 ike string error: hash_alg not found, enc_alg="3des",
auth_alg="sha1", modp="modp1024"

I cant seem to find what the error means. Also I don't think that
openswan is talking to the remote device to try and establish a
connection - is there a log anywhere, cant see one in /var/log? Im
certain openswan can connect to this device as the version used in IPCOP
used to work.

Here are the settings im using on openswan:

conn someone
        type=tunnel
        authby=secret
        keyexchange=ike
        auto=start
        pfs=no
        # aggrmode=yes
        ike=3des-sha1-modp1024
        esp=3des-sha1
        # LOCAL
        left=***server public IP***
        leftsubnet=192.168.10.0/24
        leftid=me at localid.org
        # REMOTE
        right=someone.dyndns.org
        rightsubnet=192.168.254.0/24
        rightnexthop=%defaultroute
        rightid=id at remoteid.org

Secrets:
someone.dnydns.org **PUBLIC IP OPENSWAN** : PSK "**shared key***"

The netgear device has the following settings:

Policy Name: openswan
Remote VPN Endpoint: Fixed IP **servers public IP**
Local LAN: 192.168.254.0 / 255.255.255.0
Remote LAN: 192.168.10.0 / 255.255.255.0 (Connected via subnet address)
IKE: Responder Only
Exchange Mode: Main Mode (cant be changed)
DH Group: Auto (cant be changed in responder mode)
Local ID: FQUN id at remoteid.org 
Remote ID: FQUN me at localid.org 
Enc Alg: 3DES
Auth Alg: Auto (Cant be changed)
PSK: **shared key**
SA Lifetime: 3600
PFS: Off

Any ideas.. im open to offers??

Also anyone know any good hardware based firewalls that work very well
and are stable with openswan? 

Any help is greatly appreciated.

-- 
Dale 


More information about the Users mailing list