[Openswan Users] openswan to cisco pix ipsec problem (isakmp error)

Teodor Iacob theo at kappa.ro
Fri Jun 29 15:31:45 EDT 2007


Hi,

I'm trying to setup a linux box to connect to a Cisco Pix device for 
which you can find the config attached. Also attached you can find
the ipsec.conf and logs from both linux box and the cisco device.
I've been given by this provider the following comments to setup
this connection:

Encryption Phase 1(IKE):
Key management = IKE
Diffie-Hellman Group = 2
Encrypt Algorithm = 3DES
Hash Algorithm = SHA1
Authentication Method = Preshared
Life Time = 14400sec

Encryption Phase 2(IPSec):
Encapsulation = ESP
Encrypt Algorithm = 3DES
Hash Algorithm = SHA1
Perfect Forward Secrecy = NO
Life Time = 28800 sec

The connection is done over the internet with public ip addresses.
The linux box is running Fedora Core 6 with OpenSwan 2.4.5-2.1 (rpm package)
Any help is highly appreciated...

Thank you,

-- 

Teodor Iacob

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cisco-log.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20070629/a01e8d2d/attachment.txt 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: linux-config.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20070629/a01e8d2d/attachment-0001.txt 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: linux-log.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20070629/a01e8d2d/attachment-0002.txt 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: pix-config.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20070629/a01e8d2d/attachment-0003.txt 


More information about the Users mailing list