[Openswan Users] Problem with OpenSwan and windows mobile 6.0
Denis Beltramo
denis at denisio.net
Tue Feb 19 04:01:23 EST 2008
This is all that i could say, windows mobile say only that is impossibile to
connect to network:
10:24:13.581013 IP 172.31.1.194.isakmp > 172.31.1.190.isakmp: isakmp: phase
1 I ident
10:24:13.582465 IP 172.31.1.190.isakmp > 172.31.1.194.isakmp: isakmp: phase
1 R ident
10:24:18.582216 arp who-has 172.31.1.194 tell 172.31.1.190
10:24:18.904019 arp reply 172.31.1.194 is-at 00:09:2d:da:cb:cc (oui Unknown)
10:24:22.587450 IP 172.31.1.194.isakmp > 172.31.1.190.isakmp: isakmp: phase
1 I ident
10:24:22.671162 IP 172.31.1.190.isakmp > 172.31.1.194.isakmp: isakmp: phase
1 R ident
10:24:26.014066 IP 172.31.1.194.isakmp > 172.31.1.190.isakmp: isakmp: phase
2/others I inf[E]
10:24:26.015237 IP 172.31.1.190.isakmp > 172.31.1.194.isakmp: isakmp: phase
2/others R inf
10:24:26.387174 IP 172.31.1.194.isakmp > 172.31.1.190.isakmp: isakmp: phase
2/others I inf[E]
10:24:26.686534 IP 172.31.1.194 > 172.31.1.190: ICMP 172.31.1.194 udp port
isakmp unreachable, length 76
10:24:32.686003 IP 172.31.1.190.isakmp > 172.31.1.194.isakmp: isakmp: phase
1 R ident
10:24:32.830541 IP 172.31.1.194 > 172.31.1.190: ICMP 172.31.1.194 udp port
isakmp unreachable, length 156
10:24:52.829565 IP 172.31.1.190.isakmp > 172.31.1.194.isakmp: isakmp: phase
1 R ident
10:24:52.899268 IP 172.31.1.194 > 172.31.1.190: ICMP 172.31.1.194 udp port
isakmp unreachable, length 156
ipsec.conf
version 2.0
config setup
interfaces=%defaultroute
virtual_private=%v4:
10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!172.31.1.0/24
klipsdebug=none
plutodebug=none
conn %default
keyingtries=3
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
keyexchange=ike
ikelifetime=240m
keylife=60m
conn roadwarrior-l2tp
leftprotoport=17/1701
rightprotoport=17/1701
also=roadwarrior
conn roadwarrior
left=172.31.1.190
leftcert=pubblica.pem
right=%any
auto=add
pfs=no
conn roadwarrior-all
leftsubnet=0.0.0.0/0
also=roadwarrior
conn roadwarrior-l2tp-updatedwin
leftprotoport=17/1701
rightprotoport=17/1701
also=roadwarrior
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
On Feb 18, 2008 9:35 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Mon, 18 Feb 2008, Denis Beltramo wrote:
>
> The best you can hope for is a misconfiguration. Do you have any logs on
> the mobile device?
>
> Paul
>
> > Date: Mon, 18 Feb 2008 17:44:59 +0100
> > From: Denis Beltramo <denis at denisio.net>
> > To: <users at openswan.org>
> > Subject: [Openswan Users] Problem with OpenSwan and windows mobile 6.0
> >
> > Hello,
> >
> > I havve this problem, i have a server with openswan and l2tpd, i have
> > configured and tested: between linux and linux work, between linux
> openswan
> > and windows xp home sp2 work, but between linux openswan server and
> windows
> > mobile 6 don't work.
> > this is ipsec barf output:
> > Feb 18 19:01:08 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > responding to Main Mode from unknown peer 172.31.1.194
> > Feb 18 19:01:08 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> > Feb 18 19:01:08 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > STATE_MAIN_R1: sent MR1, expecting MI2
> > Feb 18 19:01:17 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: no NAT
> > detected
> > Feb 18 19:01:17 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> > Feb 18 19:01:17 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > STATE_MAIN_R2: sent MR2, expecting MI3
> > Feb 18 19:01:20 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > next payload type of ISAKMP Hash Payload has an unknown value: 76
> > Feb 18 19:01:20 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > malformed payload in packet
> > Feb 18 19:01:20 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > sending notification PAYLOAD_MALFORMED to 172.31.1.194:500
> > Feb 18 19:01:20 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > next payload type of ISAKMP Hash Payload has an unknown value: 125
> > Feb 18 19:01:20 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > malformed payload in packet
> > Feb 18 19:01:27 testradiu2 pluto[31465]: ERROR: asynchronous network
> error
> > report on eth0 (sport=500) for message to 172.31.1.194 port 500,
> complainant
> > 172.31.1.194: Connection refused [errno 111, origin ICMP type 3 code 3
> (not
> > authenticated)]
> > Feb 18 19:01:47 testradiu2 pluto[31465]: ERROR: asynchronous network
> error
> > report on eth0 (sport=500) for message to 172.31.1.194 port 500,
> complainant
> > 172.31.1.194: Connection refused [errno 111, origin ICMP type 3 code 3
> (not
> > authenticated)]
> > Feb 18 19:02:27 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194#2:
> > max number of retransmissions (2) reached STATE_MAIN_R2
> > Feb 18 19:02:27 testradiu2 pluto[31465]: "roadwarrior"[2] 172.31.1.194:
> > deleting connection "roadwarrior" instance with peer
> > 172.31.1.194{isakmp=#0/ipsec=#0}
> >
> > Do you have any suggenstion?
> >
> > Thanks!
> >
> >
>
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
--
Denis Beltramo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080219/83721af5/attachment-0001.html
More information about the Users
mailing list