Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

Re: [Users] W2K IPsec tool?

From: Andreas Haumer (andreas_at_xss.co.at)
Date: Wed Mar 13 2002 - 09:38:37 CET

Next message: mlafon_at_arkoon.net: "[Users] is zlib bug revelant for FreeS/WAN"
Previous message: Oliver Joa: "Re: [Users] Wireless vpn??"
Maybe in reply to: Nate Carlson: "Re: [Users] W2K IPsec tool?"
Next in thread: Nate Carlson: "Re: [Users] W2K IPsec tool?"
Reply: Nate Carlson: "Re: [Users] W2K IPsec tool?"
Reply: Andreas Haumer: "Re: [Users] W2K IPsec tool?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi!

Thanks for the reply!

George Pop wrote:
>
> Hi Andreas,
>
> The ipsec tool will just set and activate the policy in Win2k, nothing
> else. It will not initiate a tunnel or something else. The only thing that
> you need is after running the ipsec tool to ping the network behind the
> freeswan gateway. You will see (if your ipsec.conf is correct) the message
> "Negotiating IP security" many times and after a while the reply to your
> pings. If you wown't get reply to your pings or worse no "Negotiating IP
> security" you have something wrong on at least on one side. The most simple

I did that. But the W2K box doesn't even try to bring up
the tunnel. There is _no single packet_ going from the
W2K box to the FreeS/WAN gateway (neither UDP port 500 no
IP proto 50 packets), and there is no "Negotiating IP security"
message to see, even if I ping the network behind the
FreeS/WAN gateway several times.
I also did a complete re-install of the W2K box (you
know, it's called "Windows", but you never know what is
going on inside...), but this didn't help either.
It's clear it's not a FreeS/WAN problem, as the FreeS/WAN
gateway isn't involved in any way yet.

> thing would be to make two freeswans talk together using certificates and
> after you are sure the config works make the connection from Win2k ..

This is what I try to do now.
I did setup lots of FreeS/WAN based IPsec tunnels in the
past years, and they all work well. So I now how to work
with IPsec, though only with PSK configurations so far.

With Linux & FreeS/WAN I have logfiles and tools like
strace and tcpdump to debug in case something is not working.
But on this damned W2K box I have nothing. This drives me crazy... :-(

- andreas

-- 
Andreas Haumer                     | mailto:andreas_at_xss.co.at
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

Next message: mlafon_at_arkoon.net: "[Users] is zlib bug revelant for FreeS/WAN"
Previous message: Oliver Joa: "Re: [Users] Wireless vpn??"
Maybe in reply to: Nate Carlson: "Re: [Users] W2K IPsec tool?"
Next in thread: Nate Carlson: "Re: [Users] W2K IPsec tool?"
Reply: Nate Carlson: "Re: [Users] W2K IPsec tool?"
Reply: Andreas Haumer: "Re: [Users] W2K IPsec tool?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:42 CEST