[Openswan Users] malfomed payload errors
David McCullough
David_Mccullough at securecomputing.com
Sun Oct 11 18:59:53 EDT 2009
Jivin Geoff Galitz lays it down ...
> Good day,
>
> I am having trouble connecting to a Checkpoint FW-1. I don't have access to the remote logs. Here is the debug output:
>
> http://pastebin.com/m3f98e30a
>
> The config file is:
Which version of openswan are you using ?
Cheers,
Davidm
> ----------------------------------------------------------------------------------------------------------------
>
> version 2.0 # conforms to second version of ipsec.conf specification
>
>
>
> config setup
>
> plutodebug="control parsing emitting"
>
> nat_traversal=yes
>
> OE=off
>
> protostack=netkey
>
>
>
>
>
> conn remotet
>
>
>
> left=x.x.x.x # nat host ip
>
> leftid=x.x.x.x # public ip
>
> leftnexthop=%defaultroute
>
> right=x.x.x.x
>
> rightnexthop=%defaultroute
>
> auth=esp
>
> authby=secret
>
> auto=add
>
> pfs=yes
>
> ike=3des-sha1-modp1024
>
> esp=3des-sha1,aes-md5
>
> keyexchange=ike
>
> ikelifetime=1440m
>
> keylife=3660s
>
> # ikev2=yes
>
>
>
> ---------------------------------
> Geoff Galitz
> Blankenheim NRW, Germany
> http://www.galitz.org/
> http://german-way.com/blog/
>
>
>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
--
David McCullough, david_mccullough at securecomputing.com, Ph:+61 734352815
McAfee - SnapGear http://www.snapgear.com http://www.uCdot.org
More information about the Users
mailing list