To help track down my mistake here are the ipsec.conf from the linux box
and the ipsec.conf used for w2k:
linux:
-snip-
conn bssub-rw1
authby=rsasig
left=xxx.yyy.zzz.110
leftsubnet=192.168.0.0/24
leftnexthop=xxx.yyy.zzz.109
leftrsasigkey=%cert
leftid="C=DE, ST=NDS, O=Test AG, OU=test,
CN=test/Email=info_at_test-ag.de"
right=%any
rightsubnet=
rightnexthop=
rightrsasigkey=%cert
rightid="C=DE, ST=NDS, O=Test AG, OU=test-rw1,
CN=test-rw1/Email=info_at_test-ag.de"
auto=add
-snip-
w2k:
conn notebook
left=%any
right=xxx.yyy.zzz.110
rightsubnet=192.168.0.0/255.255.255.0
rightca="C=DE, S=NDS, L=Braunschweig, O=Test AG, OU=test, CN=test
E=info_at_test-ag.de"
network=both
auto=start
pfs=yes
And to leave nothing to the imagination :)
here is the output from openssl for the roadwarrior and gw certificate:
roadwarrior:
Issuer: C=DE, ST=NDS, L=Braunschweig, O=Test AG, OU=test,
CN=test/Email=info_at_test-ag.de
Subject: C=DE, ST=NDS, O=Test AG, OU=test-rw1,
CN=test-rw1/Email=info_at_test-ag.de
gateway:
Issuer: C=DE, ST=NDS, L=Braunschweig, O=Test AG, OU=test,
CN=test/Email=info_at_test-ag.de
Subject: C=DE, ST=NDS, O=Test AG, OU=test, CN=test/Email=info_at_test-ag.de
I really hope someone will find the error I'm overlooking so hard.
Ciao,
Philip
-- LINET Services Bunkus, Geisler und Reetz GbRRebenring 33 Tel.: 0531-280 191 71 38106 Braunschweig Fax.: 0531-280 191 72
http://www.linet-services.de mailto:info_at_linet-services.de
_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:53 CEST