[Openswan Users] New Problems with Juniper SRX after FW Upgrade

Paul Wouters paul at xelerance.com
Fri Apr 9 11:24:25 EDT 2010


On Fri, 9 Apr 2010, Daniel.Fritz at geneva-id.com wrote:

> Date: Fri, 9 Apr 2010 09:21:02 +0200
> From: Daniel.Fritz at geneva-id.com
> To: users at openswan.org
> Subject: [Openswan Users] New Problems with Juniper SRX after FW Upgrade

> we got new problems with Juniper SRX after upgrade to JUNOS 10.1R1.8. It
> seams to be a problems with the proxy-id settings. I have tested all
> possible settings with internal and extenal IPs without success.

> Apr  9 09:13:58 id-soft pluto[29125]: "DUS" #2: protocol/port in Phase 1 ID
> Payload must be 0/0 or 17/500 but are 17/0
> Apr  9 09:13:58 id-soft pluto[29125]: "DUS" #2: sending encrypted
> notification INVALID_ID_INFORMATION to 217.1xx.1xx.242:500

Its broken on their end. However, I thought we allowed this through because so many
broken implementations that do this exist. What openswan version is this?

Paul


More information about the Users mailing list