[Openswan Users] vista AuthIP

Jacco de Leeuw jacco2 at dds.nl
Mon Nov 12 12:07:48 EST 2007

Paul Wouters wrote:

> On Wed, 5 Sep 2007, Marco Berizzi wrote:
> Show us the logs on the openswan end. And preferable the OAKLEY.LOG on
> the windows end.
> Openswan just ignores unknown vendorid's, so the microsoft devel team
> seems to be wrong here. There is another reason for the failure.
>> Date: Wed, 5 Sep 2007 14:40:18 +0200
>> From: Marco Berizzi <pupilla at hotmail.com>
>> I have an interoperability problem with
>> vista.
>> [...]
>> Basically what they [M$ development team] confirm is
>> The 133 payload is an AuthIP payload, an IKE extension that we have
>> introduced in Vista.
>> The 133 payload is sent under exchange type 243. Looks like what is
>> happening is that the linux implementation is accepting the exchange
>> type 243 packet (it should drop it) and failing the negotiation when it
>> finds a 133 payload in the packet.

I have been informed (not by Microsoft) that this is a bug in Vista and that
it has been fixed starting from Windows Vista Service Pack 1 Beta 6001.17036

For more details see:

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list