Hosting Provided By

Re: [Users] Config Problem

From: Sam Sgro <sam(at)freeswan.org>
Date: Wed Oct 01 2003 - 03:02:40 EDT

-----BEGIN PGP SIGNED MESSAGE----- On Tuesday 30 September 2003 06:35, Armin Theis wrote:
> My XP-Client gets no packets back. It is quite obvious that there is a
> problem with 0.0.0.0/0

Looking at your barf, your negotiation never completes. Check the output of "ipsec auto --status":

000 #2: "armin" STATE_QUICK_I1 (sent QI1, expecting QR1); EVENT_RETRANSMIT in 5s

After the ISAKMP SA is established, you then receive:

"armin" #1: ignoring informational payload, type INVALID_ID_INFORMATION

Are you certain that you're specifying the correct ID information on the WinXP side? What does its configuration look like? You may find other, useful info if you let the WinXP roadwarrior connect to the FreeS/WAN box. You may also find useful info in the oakley.log file.

I highly recommend you clear out most of the extra, commented out data in your config file; it's hard to read. You configuration (excluding authentication/ID information) given your intent should look like this:

Do you need help?

conn me-to-world

	left=192.168.1.80
	leftsubnet=0.0.0.0/0
	right=192.168.1.127
	auto=add
	... (extra parameters after this)

-- Sam Sgro sam@freeswan.org

-----BEGIN PGP SIGNATURE-----

Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.

iQCVAwUBP3p8FEOSC4btEQUtAQG08wQAnaVD+BBG/7NpyYnDWQwPh5MJNyhBRSBM hhj0uRtthZvq3hp64Kn+khJhPT8+2m4sHLrjrutDYLZpZg7ov4MYOFCfudt5BWc6 VXvFzpPD2FjHHmUsdcXhyazl62DGMXkAyizQklqQ9ky5MAwz/sgwjf+LMYLQdDOy 1Cp2jpmqvRQ=
=+yvO
-----END PGP SIGNATURE-----

FreeS/WAN Users mailing list
users@lists.freeswan.org
https://mj2.freeswan.org/cgi-bin/mj_wwwusr Received on Wed Oct 1 03:21:28 2003

This message: [ Message body ]
Next message: Cristian Marin: "[Users] FreeSwan <---> Watchguard Firebox"
Previous message: Arthur Meyer: "Re: [Users] Malformed RSA Keys"
In reply to: Armin Theis: "[Users] Config Problem"
In reply to Armin Theis: "[Users] Config Problem"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:01:39 EDT