[Users] INVALID_COOKIE !?

From: bilbogm <bilbogm(at)gmx.de>
Date: Tue Apr 06 2004 - 09:04:43 EDT

Me again!

Don´t really know what I´ve changed, but now he tell me something about "INVALID_COOKIE" !? WHAT DOES THIS MEAN!? So I send you again all files to take a look

#IPSEC.CONF#
version 2.0

config setup

	myid=@my.linuxside.id
      interfaces=%defaultroute
	fragicmp=no
	overridemtu=1400

conn vpnconn
	type=tunnel
	left=%defaultroute 
	leftsubnet=192.168.40.0/24
	right=my.router.ip
	rightsubnet=192.168.200.0/24
	keyexchange=ike
	auto=add
	auth=esp
	authby=secret
	pfs=yes
	keylife=8.0h
	rekey=yes
	rekeymargin=9m
	ikelifetime=2.0h
	rekeyfuzz=100%
	keyingtries=3
	compress=no

conn block
        auto=ignore

conn clear
        auto=ignore

conn private
        auto=ignore

conn private-or-clear
        auto=ignore

conn clear-or-private
        auto=ignore

conn packetdefault
        auto=ignore 

#IPSEC.SECRETS#
@my.linuxside.id @my.routerside.id
  my.freeswan.ip my.router.ip : PSK "thekey"

#VIGOR CONFIGURATION#
COMMON SETTINGS
Profile Name = vpnconn
Enable this profile = x
Call direction = Dail out
Idle Timeout = 300

DAIL-OUT SETTINGS
IPSec-Tunnel = x
Server IP / Host Name for VPN = my.freeswan.ip IKE Pre-Shared Key = "thekey" IPSec Security Method = High (ESP) 3DES Authentication [Advanced]

	IKE phase 1 mode = Main mode
	IKE phase 1 proposal = 3DES_MD5_G2
	IKE phase 1 key lifetime = 28800
	IKE phase 2 key lifetime = 7200
	Perfekt Forward Secret = enable
	Local ID = @my.routerside.id

DAIL-IN SETTINGS
not used

TCP/IP NETWORK SETTINGS
My WAN IP = 0.0.0.0
Remote Gateway IP = 0.0.0.0
Remote Network IP = 192.168.40.0
Remote Network Mask = 255.255.255.0

#SYSLOG#
Apr 5 21:14:46 srv-03-001 ipsec_setup: ...FreeS/WAN IPsec started Apr 5 21:14:46 srv-03-001 pluto[12093]: Starting Pluto (FreeS/WAN Version 2.05 X.509-1.5.3 PLUTO_USES_KEYRR)
Apr 5 21:14:46 srv-03-001 pluto[12093]: Using KLIPS IPsec interface code Apr 5 21:14:46 srv-03-001 pluto[12093]: Changing to directory '/etc/ipsec.d/cacerts'
Apr 5 21:14:46 srv-03-001 pluto[12093]: loaded CA cert file 'cacert.pem' (1533 bytes)
Apr 5 21:14:46 srv-03-001 pluto[12093]: Changing to directory '/etc/ipsec.d/aacerts'
Apr 5 21:14:46 srv-03-001 pluto[12093]: Changing to directory '/etc/ipsec.d/ocspcerts'
Apr 5 21:14:46 srv-03-001 pluto[12093]: Changing to directory '/etc/ipsec.d/crls'
Apr 5 21:14:46 srv-03-001 pluto[12093]: loaded crl file 'crl.pem' (658 bytes)
Apr 5 21:14:46 srv-03-001 pluto[12093]: added connection description "vpnconn"
Apr 5 21:14:46 srv-03-001 pluto[12093]: listening for IKE messages Apr 5 21:14:46 srv-03-001 pluto[12093]: adding interface ipsec0/ppp0 217.88.174.142
Apr 5 21:14:46 srv-03-001 pluto[12093]: loading secrets from "/etc/ipsec.secrets"
Apr 5 21:14:57 srv-03-001 pluto[12093]: "vpnconn" #1: responding to Main Mode
Apr 5 21:14:58 srv-03-001 pluto[12093]: "vpnconn" #1: ignoring informational payload, type INVALID_COOKIE Apr 5 21:15:01 srv-03-001 pluto[12093]: "vpnconn" #2: responding to Main Mode
Apr 5 21:15:02 srv-03-001 pluto[12093]: "vpnconn" #2: ignoring informational payload, type INVALID_COOKIE Apr 5 21:15:07 srv-03-001 pluto[12093]: "vpnconn" #1: ignoring informational payload, type INVALID_COOKIE Apr 5 21:15:08 srv-03-001 pluto[12093]: "vpnconn" #3: responding to Main Mode
Apr 5 21:15:09 srv-03-001 pluto[12093]: "vpnconn" #3: ignoring informational payload, type INVALID_COOKIE Apr 5 21:15:11 srv-03-001 pluto[12093]: "vpnconn" #2: ignoring informational payload, type INVALID_COOKIE

Allready seen this !? Found nothing equal in Google :( which helps

Dennis

---

Virus checked by G DATA AntiVirusKit
Version: AVK 14.0.614 from 27.03.2004
Virus news: www.antiviruslab.com

---

Virus checked by G DATA AntiVirusKit
Version: AVK 14.0.614 from 27.03.2004
Virus news: www.antiviruslab.com

---

FreeS/WAN Users mailing list
users@lists.freeswan.org
https://mj2.freeswan.org/cgi-bin/mj_wwwusr Received on Tue Apr 6 09:12:13 2004