[Openswan Users] XAUTH problem
Bill Carlson
billcarlson at wkks.org
Tue Sep 23 15:59:04 EDT 2008
On Mon, 22 Sep 2008, Dave Vree wrote:
> I had EXACTLY this same problem, except with a Sonicwall 4100. I posted
> the question and got the answer a couple weeks back.
>
> I got past it by adding "aggrmode=yes" to my connection definition.
Just to be clear, you get prompted for XAUTH username/password, right?
> Here's a few other things I did:
>
> a) Named the leftid "GroupVPN" -- if I name the leftID anything else,
> sonicwall won't connect...and yes I changed it in the secrets files too.
>
> b) Took out leftsubnet in config file...not needed....leftIP/32 is default
>
> c) Took out interfaces= in config file...not needed with netkey which is
> default in Ubuntu with its 2.6 kernel
Maybe this is my problem, if I don't have 'interfaces="ipsec0=eth0"', then
all network connections are stopped as soon as I start openswan. I do have
multiple interfaces.
> g) CRITICAL: Go into the Sonicwall configuration utility and set the
> following: VPN -> Settings -> GroupVPN configure -> Client tab->"Virtual
> Adapter Settings" from "DHCP lease" to "DHCP lease or Manual Configuration"
Yes, I already verified that was set.
> aggrmode=yes # Aggressive Mode Phase 1 negotiations (requires use of IKE)
Noted, thanks. I thought Aggressive was not recommended, but better than
nothing.
Bill Carlson
Anything is possible, given Time and Money.
More information about the Users
mailing list