Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

Re: [Users] Error message "only know how to do auth=esp or auth=ah"

From: Gerhard Gessler (gessler_at_iabg.de)
Date: Tue Apr 23 2002 - 19:16:00 CEST

Next message: Gerhard Gessler: "Re: [Users] Error message "only know how to do auth=esp or auth=ah""
Previous message: Harry Brueckner: "[Users] W2k does not talk"
In reply to: Gerhard Hofmann: "RE: [Users] Error message "only know how to do auth=esp or auth=ah""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Gerhard Hofmann schrieb:
>
> Thanks for your hint!
>
> Now I do not get the message any more.
>
> /var/log/messages shows
> Apr 23 13:40:46 slinux1 Pluto[4073]: | instantiated "roadwarrior" for
> 62.246.15.119
>
> It seems that the roadwarrior connection to VPN gateway was successful.
> But I can't ping any machine on the net, neither the gateway nor any other
> machine.

Then you have to tell us more about your setup, configuration, etc.

Cheers,

Gerhard

>
> But this seems to be a different problem.
>
> > -----Original Message-----
> > From: Gerhard Gessler [mailto:gessler_at_iabg.de]
> > Sent: Tuesday, April 23, 2002 12:50 PM
> > To: Gerhard Hofmann
> > Cc: Freeswan List
> > Subject: Re: [Users] Error message "only know how to do auth=esp or
> > auth=ah"
> >
> >
> > Gerhard Hofmann schrieb:
> > >
> > > Hi list,
> > >
> > > I get an error message in /var/log/messages:
> > >
> > > ipsec__plutorun: ipsec_auto: fatal error in "roadwarrior
> > > > ": only know how to do auth=esp or auth=ah
> > >
> > > I have set auth=rsasig in the section "conn %default" in my ipsec.conf
> >
> > Hi Gerhard,
> >
> > I thing you are confusing here two things:
> >
> > With "authby" you can specify how the IKE-Daemons (Pluto) authenticate
> > each other (rsasig or PSK).
> > With "auth" you can specify if IP packet authentication on the network
> > layer is done via ESP header (default) or an additional AH header.
> >
> > So changing auth=rsasig to authby=rsasig should be enough for you if you
> > don't have any other special requirements.
> >
> > Hope this helps,
> >
> > Gerhard
> >
> > >
> > > What can cause this problem? I have installed X.509 patches so
> > I think this
> > > option should be valid.
> > >
> > > TIA
> > > Gerhard Hofmann
> > >
> > > _______________________________________________
> > > Users mailing list
> > > Users_at_lists.freeswan.org
> > > http://lists.freeswan.org/mailman/listinfo/users
> >
> >
> > --
> > ---------------------------------------------------
> > Gerhard Geßler
> >
> > Communication Networks, IABG mbH
> > Einsteinstr. 20
> > 85521 Ottobrunn, Germany
> >
> > Telefon: +49 89 6088 - 2021
> > Fax: +49 89 6088 - 2845
> >
> > E-Mail: gessler_at_iabg.de
> >

-- --------------------------------------------------- Gerhard Geßler

Communication Networks, IABG mbH Einsteinstr. 20 85521 Ottobrunn, Germany

Telefon: +49 89 6088 - 2021 Fax: +49 89 6088 - 2845

E-Mail: gessler_at_iabg.de _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users

Next message: Gerhard Gessler: "Re: [Users] Error message "only know how to do auth=esp or auth=ah""
Previous message: Harry Brueckner: "[Users] W2k does not talk"
In reply to: Gerhard Hofmann: "RE: [Users] Error message "only know how to do auth=esp or auth=ah""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:53 CEST