[Openswan Users] Client VPN on Vista OS

Sasa sasa at shoponweb.it
Thu Oct 15 05:50:04 EDT 2009


"Paul Wouters" wrote:
> openswan will refuse 1des for security reasons. Reconfigure the client to 
> use
> 3des or aes.

I have configured vpn client for to use 3des and now I have a different 
error message (with xp I haven't problem with my vpn connection), in log 
file I have:

Oct 15 11:09:29 fw pluto[15319]: packet from 89.97.x.y:4500: received Vendor 
ID payload [draft-ietf-ipsec-nat-t-ike-00]
Oct 15 11:09:29 fw pluto[15319]: packet from 89.97.x.y:4500: received Vendor 
ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: responding 
to Main Mode from unknown peer 89.97.x.y
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: transition 
from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: 
STATE_MAIN_R1: sent MR1, expecting MI2
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: ignoring 
unknown Vendor ID payload 
[47bbe7c993f1fc13b4e6d0db565c68e501020101020101031031302e382e3720...]
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: ignoring 
unknown Vendor ID payload [da8e937880010000]
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: received 
Vendor ID payload [Dead Peer Detection]
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: received 
Vendor ID payload [XAUTH]
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: 
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: transition 
from state STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: 
STATE_MAIN_R2: sent MR2, expecting MI3
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: ignoring 
informational payload, type IPSEC_REPLAY_STATUS
Oct 15 11:09:29 fw pluto[15319]: | protocol/port in Phase 1 ID Payload is 
17/0. accepted with port_floating NAT-T
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: Main mode 
peer ID is ID_IPV4_ADDR: '10.0.1.221'
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: I did not 
send a certificate because I do not have one.
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: transition 
from state STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: 
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY 
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: cannot 
respond to IPsec SA request because no connection is known for 
85.18.z.k...89.97.x.y[10.0.1.221]===10.0.1.221/32
Oct 15 11:09:29 fw pluto[15319]: "left-road"[14] 89.97.x.y #36: sending 
encrypted notification INVALID_ID_INFORMATION to 89.97.x.y:4500

Thanks.

------

   Salvatore.




More information about the Users mailing list