[Openswan Users] 3DES-SHA still supported? What am I doing wrong?
charlessimon at hotmail.com
Mon Apr 11 12:17:05 EDT 2011
Please check your iptables rulesets - your default policy on the OUTPUT chain is DROP ( which IMHO is very restrictive ). A "tcpdump" on the outside interface would give you some more insight into the IKE packet sent and received and any issues with firewall / fragmentation.
- Simon Charles -
> Date: Mon, 11 Apr 2011 11:57:39 -0400
> From: paul at xelerance.com
> To: crackhd2 at gmail.com
> CC: users at openswan.org
> Subject: Re: [Openswan Users] 3DES-SHA still supported? What am I doing wrong?
> On Mon, 11 Apr 2011, Ben Schmidt wrote:
> > after I added "plutostderrlog=/var/log/pluto.log" in the config
> > Section of /etc/ipsec.conf and restarting openswan I got this log in
> > the newly created logfile: http://pastebin.com/cUZGR2z6
> It just shows the same. Your first packet is ignored. either it is
> filtered or the other side did not like it and did not respond. Check
> networking, firewalls and the configs on both ends. Easiest if you can
> get the remote end logs to see why it is ignoring you.
> Users at openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users