I believe the RFC's specify that if the Freeswan or any VPN is acting as a
gateway the gateway cannot be run in Transport mode. Check the RFC's.
Andre
On Tue, 12 Mar 2002, kumar ritesh wrote:
>
>
> mairas and all ,
> i am facing the same problem as you have
> faced , when trying to connect freeswan vpn gateway
> with windows 2000 machine(as a roadwarrior)with
> openssl genrated certificate .. i have generated as
> per you mail in userlist of freeswan and i have
> followed the same procejure at the time of importing
> the certficate .. i am getting same error message in
> window2000 machine and freeswan as you have and i have
> also tried "Automatically select the certificate
> store" option
> then also it not working.. then same error message
> with "encrypted Informational Exchange message is
> invlaid because it is for incomplete ISAKMP SA"..
> my ipsec.conf file is as follows
>
> config setup
> interfaces="ipsec0=eth0"
> klipsdebug=none
> plutodebug=none
> plutoload=%search
> plutostart=%search
> uniqueids=yes
>
> conn %default
> keyingtries=0
>
>
>
> conn king
> type=transport
> left=%any
> right=192.168.5.2
> auth=esp
> authby=rsasig
> leftcert=win2000-cert.pem
> rightcert=freeswan.pem
> auto=add
> esp=3des-sha1-96
> please help me out guys who all know any solution for
> the above problem..
>
> thanks
> ritesh
>
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Try FREE Yahoo! Mail - the world's greatest free email!
> http://mail.yahoo.com/
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users
>
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:45 CEST