[Openswan Users] IPsec on Ubuntu Linux Server 8.04 (Hardy)
Kaushal Shriyan
kaushalshriyan at gmail.com
Fri Jan 21 05:25:15 EST 2011
On Tue, Jan 18, 2011 at 8:36 PM, Paul Wouters <paul at xelerance.com> wrote:
> On Tue, 18 Jan 2011, Kaushal Shriyan wrote:
>
> Hi Paul
>>
>> Please have a look at http://paste.ubuntu.com/555411/
>>
>
> initiate on demand from 10.0.0.119:8 to 172.17.6.175:0 proto=1 state:
> fos_start because: acquire
>
> You did not add oe=no in your "config setup" or you removed it? please put
> it back there.
>
> "sonicwall" #1: STATE_MAIN_I4: ISAKMP SA established
> {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_md5
> group=modp1024}
>
> phase1 is up.
>
> "sonicwall" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode
> {ESP=>0x4287be14 <0xc60d8692 xfrm=3DES_0-HMAC_MD5 NATOA=none NATD=none
> DPD=enabled}
>
> phase2 is up.
>
> but meanwhile you also race with another connection which ends in:
>
> "sonicwall" #4: Oakley Transform [OAKLEY_3DES_CBC (192), OAKLEY_SHA1,
> OAKLEY_GROUP_MODP1024] refused due to strict flag
>
> So it seems the sonic wall might want esp=3des-sha1;modp1024
>
>
> Paul
>
Hi,
Please suggest me a good tutorial to understand IPSec and openswan
I am missing the concepts.
Thanks
Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110121/036c697c/attachment.html
More information about the Users
mailing list