[Openswan Users] Connecting to Checkpoint VPN-1

do do at ww55.hu
Sat Apr 4 16:51:26 EDT 2009


Hi,

Maybe I'm wrong but I think the best way is to find your problem(s) is to
allocate always the first error message.
Shut down the tunnel, start a tshark with -t a to have normal timestamps
and say ipsec whack --name tunnel_name --debug-all.
pull up the tunnel and check the tshark for the first informational packet
coming and check its time in your auth.log what has happened in
that packet. The reason of your problem should be there.

Regards
Peter

On Sat, 04 Apr 2009 14:07:14 +0400, Eugene Kotlyarov
<e.kotlyarov at gmail.com>
wrote:
> Hi
> 
> Nick Howitt wrote:
>> 
>> I am almost totally new to this, but I received these mesages when a 
>> Vigor router was trying initiate the connection using AES with 
>> Authentication. Forcing it to initiate with 3DES/MD5 or 3DES/SHA1 got 
>> round the problem, but in my case I did it at the router end, not the 
>> Openswan end.
>> 
> 
> Thanks for the idea, but I guess that's not the point, I already use
3des, 
> my settings are.
> 
>          ike=3des-md5-modp1024
>          esp=3des128-md5
> 
> With aes it didn't even passed phase 1 of connection
> 
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

-- 
--
do


More information about the Users mailing list