[Openswan Users] openswan with sonicwall, payload malformed
Paul Wouters
paul at xelerance.com
Sat Sep 29 17:53:21 EDT 2007
On Sat, 29 Sep 2007, paul pantages wrote:
> [root at rigel pdp]# ipsec verify
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path [OK]
> Linux Openswan U2.4.5/K2.6.20-1.2962.fc6 (netkey)
You should upgrade and try this with openswan 2.4.9.
> conn myclient
> left=172.16.1.35
> leftsubnet=172.16.1.35/32
Leave out the leftsubnet. Otherwise it seems fine.
You could try adding modecfgpull=yes?
> STATE_MAIN_I3
> 108 "myclient" #1: STATE_MAIN_I3: sent MI3, expecting MR3
> 003 "myclient" #1: Mode Config message is unacceptable because it is for
> an incomplete ISAKMP SA (state=STATE_MAIN_I3)
Odd. That might to suggest a buggy implementation on the Sonic Wall. Can
you see if you are running the latest firmware?
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list