[Openswan Users] Winxp could not connect to Linux OPENSWAN server
shawnlau
net17sharplau at 163.com
Fri Apr 10 08:25:58 EDT 2009
Hi all !
My openswan configure of LINUX VPN SERVER like below: it's almost
copy from /etc/ipsec.d/example/l2tp-cert.conf
conn l2tpx509
authby=rsasig
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=10.255.255.8
leftid=%fromcert
leftrsasigkey=%cert
leftcert=westcert.pem
leftprotoport=17/1701
right=%any
rightca=%same
rightrsasigkey=%cert
rightprotoport=17/%any
rightsubnet=vhost:%priv,%no
pfs=yes
auto=add
In this configure , I have a question. Which certificate file should be set
on leftcert=, the westcert.pem (my vpn gateway's pem file) or winxp.pem (the
pem file for winxp client)
After this config, In my winxp client , I have used ipsec.exe, and the
config file like below:
conn l2tpx509
left=%any
right=10.255.255.8
rightca="C=CN, S=JiangSu, O=NewPower, OU=CoreTech, CN=RootCASrv,
E=net17shawnlau at gmail.com"
network=auto
autp=start
pfs=yes
conn l2tpx509-net
left=%any
right=10.255.255.8
rightsubnet=192.168.88.128/25
rightca="C=CN, S=JiangSu, O=NewPower, OU=CoreTech, CN=RootCASrv,
E=net17shawnlau at gmail.com"
pfs=yes
network=auto
auto=start
When I boot ipsec.exe, from winxp client I ping the hosts of vpn network.
But result always: Negotiating IP Security
I have made a new key and pem file for windows, and transform the to PKCS#12
file. But the error still like above.
3kx and regards!
Shawn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090410/0f36bc0c/attachment-0001.html
More information about the Users
mailing list