[Openswan Users] OpenSwan with XAUTH to sonicwall 2040

Gaiseric Vandal gaiseric.vandal at gmail.com
Wed May 16 19:22:33 EDT 2007


I am attempting to connect to a Sonicwall Pro 2040 (with enhanced OS)
from Openswan on Fedora Core 6. This is with PSK (PreShared Key) and
XAUTH authentication. (Alternately, I have also been trying to connect
with OpenSWAN as an L2TP client, but I will address that in a separate
post.)

I am able to connect if I don't use XAUTH. (This means that I have
most of the settings correct.) If I use XAUTH I can get through Phase I
but I never get through XAUTH and onto Phase 2.

I have tried with both the RPM version of OpenSwan 2.4.7, as well as
compiling it myself. I compiled it with
USE_XAUTH?=true
USE_NAT_TRAVERSAL?=true
USE_NAT_TRAVERSAL_TRANSPORT_MODE?=true
USE_XAUTHPAM?=true

The configuration is as follows (the VPN user is "left.")

_________________________________________________________________

conn xauth1
    type=tunnel
    #left=%defaultroute
    left=192.168.1.x
    leftsubnet=192.168.1.0/24
    leftid=@GroupVPN
    leftxauthclient=yes
    #right=%any
    right=sonicwall.public.ip.address
    rightsubnet=192.168.0.0/24
    rightid=@pro2040
    rightxauthserver=yes
    keyingtries=0
    pfs=no
    auto=add
    auth=esp
    esp=3des-sha1
    ike=3des-sha1-modp1024
    xauth=yes
    authby=secret
    aggrmode=no
    dpddelay=5
    dpdtimeout=60
    dpdaction=clear

_________________________________________________________________

I try to connect with either of the following commands

# ipsec whack --name xauth1 --xauthname=myname --xauthpass=mypassword --initiate
# ipsec whack --name xauth1 --initiate


I had tried this in the past with the Sonicwall Pro100; again, I could
only connect with XAUTH disabled.



-Thanks

