I have setup a Linux VPN gateway with most recent Free S/WAN + X.509
patches.
When connecting with a Windows 2000 roadwarrior notebook (I use the tools
provided on vpn.ebootis.de) to the gateway via the Internet, I cannot ping
the VPN gateway.
But when looking into /var/log/messages I see some messages that indicate
that there was some connection between notebook and VPN gateway:
pr 22 14:37:10 slinux1 Pluto[1441]: | ***parse ISAKMP Security Association
Payl
oad:
Apr 22 14:37:10 slinux1 Pluto[1441]: | next payload type: ISAKMP_NEXT_VID
Apr 22 14:37:10 slinux1 Pluto[1441]: | length: 164
Apr 22 14:37:10 slinux1 Pluto[1441]: | DOI: ISAKMP_DOI_IPSEC
Apr 22 14:37:10 slinux1 Pluto[1441]: | ***parse ISAKMP Vendor ID Payload:
Apr 22 14:37:10 slinux1 Pluto[1441]: | next payload type:
ISAKMP_NEXT_NONE
Apr 22 14:37:10 slinux1 Pluto[1441]: | length: 24
Apr 22 14:37:10 slinux1 Pluto[1441]: packet from 62.246.10.107:500: ignoring
Ven
dor ID payload
Apr 22 14:37:10 slinux1 Pluto[1441]: | VID: 1e 2b 51 69 05 99 1c 7d 7c 96
fc
bf b5 87 e4 61
Apr 22 14:37:10 slinux1 Pluto[1441]: | 00 00 00 02
Apr 22 14:37:10 slinux1 Pluto[1441]: packet from 62.246.10.107:500: initial
Main
Mode message received on 192.168.1.18:500 but no connection has been
authorized
62.246.10.107 was the IP of notebook at this time and 192.168.1.18 is IP of
VPN gateway (private IP address, our Internet router forwards UDP port 500
to this address).
AFAIK, I have setup certificates correctly on both sides.
What am I doing wrong?
ipsec.conf files of VPN gateway and roadwarrior are attached.
TIA
Gerhard Hofmann
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:52 CEST