Hosting Provided By

[Users] super-freeswan - sentinel - nat

From: Norbert Sendetzky <sen(at)codingtechnologies.com>
Date: Thu May 08 2003 - 12:24:47 EDT

Hi all

I want to use the nat traversal feature of ssh sentinel 1.4 in combination with the latest super-freeswan package (1.99.6.2) but ran into a wired problem:

Using udp encapsulation over port 4500 doesn't work (nat-t seems ok) and the log shows a line I havn't found anywhere on this list (or the internet):

packet from 62.128.12.25:500: ignoring Vendor ID payload [SSH Sentinel 1.4] packet from 62.128.12.25:500: ignoring Vendor ID payload [draft-huttunen-ipsec-esp-in-udp-00.txt] ...
"mw002"[1] 62.128.12.25 #9: sent MR3, ISAKMP SA established
"mw002"[1] 62.128.12.25 #10: invalid value 61440 for attribute
ENCAPSULATION_MODE in IPsec Transform
"mw002"[1] 62.128.12.25 #10: sending encrypted notification
BAD_PROPOSAL_SYNTAX to 62.128.12.25:500

I've compiled a stock 2.4.20 kernel in combination with super-freeswan 1.99.6.2 with almost all ipsec options enabled (only null cipher, etc. disabled). The pluto daemon is also listening on udp port 4500, but connections fail (see above message) before anything is sent to this port.

Can anyone please give me a hint what's going wrong or did anybody had similar problems?

Thanks in advance

-- 
_______________________________________________________________________
Dipl.-Inf. Norbert Sendetzky       |
SysAdmin & Software Engineer       | Coding Technologies
                                    |
phone: +49 (0) 911 92891 -36       | Deutschherrnstr. 15-19
fax:   +49 (0) 911 92891 -99       | 90429 Nuernberg, Germany
mailto:
sen(at)CodingTechnologies.com  | 
http://www.CodingTechnologies.com

_______________________________________________ Users mailing list Users@lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users

application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Thu May 8 13:09:34 2003

Do you need help?

This message: [ Message body ]
Next message: Jason Aley: "[Users] Freeswan + Checkpoint NG NO_PROPOSAL_CHOSEN"
Previous message: Aaron Smith: "[Users] Macintosh OS 9.x VPN Client"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:01:30 EDT