[Openswan Users] Getting XAuth
Rajitha Reddy
RReddy at mocana.com
Tue Jul 15 17:01:58 EDT 2008
Hello,
Can you please help with the following question?
I am trying to test my Xauth client with the Openswan Xauth server. Before that, I want to get the Openswan Xauth Server working with Openswan XAuth Client. But, I am getting an "encountered fatal error in state STATE_XAUTH_I1" on the client side.
On the openswan Xauth server, I have done the following to enable Xauth:
1. Set USE_XAUTH=true in Makefile.inc
2. make programs
3. make install
4. Configured single shared secret (PSK) in /etc/ipsec.secrets:
For ex: 0.0.0.0 1.2.3.4 : PSK "xauth"
5. Created a file /etc/ipsec.d/passwd with username:passwd:conn_name
6. Added leftxauthserver=yes in /etc/ipsec.conf
7. The server and client address are already configured in /etc/ipsec.conf
I have carried out the same steps as above to get an openswan Xauth client except for step 6:
6. Added leftxauthclient=yes in /etc/ipsec.conf
On the server, I start the ipsec service.
On the client side, I start the ipsec service & ipsec auto --up client. But, I am seeing the following error on the client side:
104 "bison2" #1: STATE_MAIN_I1: initiate
010 "bison2" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
003 "bison2" #1: received Vendor ID payload [Openswan (this version) 2.6.14 ]
003 "bison2" #1: received Vendor ID payload [Dead Peer Detection]
003 "bison2" #1: received Vendor ID payload [XAUTH]
106 "bison2" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "bison2" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "bison2" #1: received Vendor ID payload [CAN-IKEv2]
004 "bison2" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1536}
041 "bison2" #1: bison2 prompt for Username:
Name enter: user1
040 "bison2" #1: bison2 prompt for Password:
Enter secret:
004 "bison2" #1: STATE_XAUTH_I1: XAUTH client - awaiting CFG_set
037 "bison2" #1: encountered fatal error in state STATE_XAUTH_I1
I would like to know if I have configured the server and client correctly so that I can start testing my client. Can you please let me know if I am missing some steps?
Thanks for your time.
Rajitha.
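An added example, not part of the original post and not Openswan code: a small checker for the `username:passwd:conn_name` format of /etc/ipsec.d/passwd described in step 5, run here against the user and connection name seen in the log (`user1`, `bison2`). The function names and sample lines are constructed for illustration, and the check that the passwd field should resemble a crypt(3) hash rather than cleartext is an assumption about what the server expects.

```python
import re

# Assumption: a stored secret should look like a crypt(3) string, either
# "$id$salt$hash" or a 13-character traditional DES value.
CRYPT_RE = re.compile(r"^(\$[0-9a-z]+\$[^$]+\$[./A-Za-z0-9]+|[./A-Za-z0-9]{13})$")

# Constructed sample input; the hashes are made-up placeholders.
SAMPLE = """\
user1:$1$Qx9fT2aB$0r3kPlZbYw1uE8sVnHc7d/:bison2
user2:secret:bison2
user3:$1$Qx9fT2aB$0r3kPlZbYw1uE8sVnHc7d/
"""

def parse_passwd(text):
    """Parse username:passwd:conn_name lines; return (entries, problems)."""
    entries, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        fields = line.split(":")
        if len(fields) != 3 or not all(fields):
            problems.append((lineno, "expected 3 non-empty fields"))
            continue
        user, secret, conn = fields
        if not CRYPT_RE.match(secret):
            # Reported without echoing the secret itself.
            problems.append((lineno, "passwd field does not look like a crypt(3) hash"))
        entries.append({"line": lineno, "user": user, "conn": conn})
    return entries, problems

def find_entry(entries, user, conn):
    """Return the first entry for this user and connection name, or None."""
    for e in entries:
        if e["user"] == user and e["conn"] == conn:
            return e
    return None

if __name__ == "__main__":
    entries, problems = parse_passwd(SAMPLE)
    for lineno, msg in problems:
        print(f"line {lineno}: {msg}")
    print("user1/bison2 entry:", find_entry(entries, "user1", "bison2"))
```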