[Openswan Users] Connection against a Lucent FW success!!!! but may be there's still room for improvement
Paul Wouters
paul at xelerance.com
Tue Sep 9 14:20:39 EDT 2008
On Tue, 9 Sep 2008, Rolando Zappacosta wrote:
> just have this finally working!!!! :-)) I'll post a howto on it, I promess. Now, and as I get this:
>
> RJZ-LNX pluto # ipsec auto --up Intranet
> 112 "Intranet" #1: STATE_AGGR_I1: initiate
> 003 "Intranet" #1: ignoring unknown Vendor ID payload [4c5647392e322e3234353a425249434b3a392e322e323435]
If you have the logs from the lucent side, to see what vendorid is logged
on their side, I'd be interested so we can add it to our own recognised
vendor list (and possible take action based on it)
> I wonder if I should do something else because of these ones:
> 1) 003 "Intranet" #1: discarding duplicate packet; already STATE_XAUTH_I1
> 2) 003 "Intranet" #2: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME
Looks like a resend, you can ignore it.
> and this one from pluto's debug:
> 3) "Intranet" #1: XAUTH: Unsupported attribute: INTERNAL_ADDRESS_EXPIRY
You can also ignore this. Openswan does not support INTERNAL_ADDRESS_EXPIRY,
so it wont drop the IP address or ask for a new one.
Paul
More information about the Users
mailing list