[Users] (new!) FreeS/wan 1.99 + X509 patches + SSH Sentinel 1.4

Hello,

i have got a fine working lan-to-lan linux 1.99 FreeS/Wan installation, and now i wanna gain roadwarriors remote access to one of the two networks.

I have aptched with X509 patches and then recompiled the freeswan sources, i have then created the CA authority and the PKS12 client ertificates, as well described in the SSH Sentinel interoperability guide.

I have then imported the PKS12 certificates to the SSH-Sentinel windows client (latest version), and hen trying to launch the vpn connections, after negotiating the ike protocol (only phase 1), the connection cannot establish.

The output of ipsec barf is:

NITIAL_CONTACT
Mar 16 15:35:54 liverani pluto[32679]: "rw-cert-3des-novip"[5] IP_OF_THE_CLIENT #9: Peer ID is ID_DER_ASN1_DN: 'C=IT, ST=Italy, L=Cesena, O=Frantz, OU=Web, CN=francesco@colliniconsulting.it, E=collini@colliniconsulting.it'
Mar 16 15:35:54 liverani pluto[32679]: "rw-cert-3des-novip"[5] IP_OF_THE_CLIENT #9: unable to locate my private key for RSA Signature Mar 16 15:36:12 liverani pluto[32679]: "rw-cert-3des-novip"[4] IP_OF_THE_SERVER #8: discarding duplicate packet; already STATE_MAIN_R2
+ _________________________ date
+ date

Thank you very much, bye!

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.freeswan.org Links 1998-fall 1998-spring 1998-summer 1998-winter 1999-winter announce briefs bugs design freeswan-list hipsec ietf-sectest users users-admin Request more information about Pantek

Francesco Co.