IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

[Users] Freeswan1.97(w/x509 patch) and Linksys BEFVP41

From: Neal Droste (NealDroste_at_telocity.com)
Date: Sat Jun 29 2002 - 18:05:10 CEST

Hi,

Since I've seen a few recent posts about using the Linksys EtherFast
Cable/DSL VPN Router, I thought I'd post on my experience.

Out of the box I couldn't get it working. A more up-to-date firmware
version was required which you can download from Linksys. Then I could
get it to complete a connection between my Freeswan VPN with a network
behind it and a home network behind the Linksys using a shared secret.
Using x509 certificates is not possible, but both ends have a fixed IP
address so that helps eliminate the possibility of someone else trying
to connect.

I had to adjust the Phase 1 and Phase 2 settings (some of them available
under the "more..." link under the VPN tab of the Linksys' web based
interface) to use Main Mode, 3DES, SHA, 1024-bit, 1200 sec. key
lifetime, and to use 3DES, MD5, PFS ON, 1024-bit, 1200 sec. key lifetime.

Neal

The log from the Linksys:

VPN Log
System Up Time: 0 days 01:08:25

2002-06-29 09:10:59 IKE[1] Rx << MM_I1 : xxx.xxx.xxx.xxx
2002-06-29 09:10:59 IKE[1] TX >> MM_R1 : xxx.xxx.xxx.xxx
2002-06-29 09:10:59 IKE[1] ISAKMP SA CKI=[60cdf1c8 88124c7f]
CKR=[c0221a00 83d97bf3]
2002-06-29 09:10:59 IKE[1] ISAKMP SA 3DES / SHA / PreShared / MODP_1024
/ 3600 sec
2002-06-29 09:10:59 IKE[1] Rx << MM_I2 : xxx.xxx.xxx.xxx
2002-06-29 09:10:59 IKE[1] Tx >> MM_R2 : xxx.xxx.xxx.xxx
2002-06-29 09:11:00 IKE[1] Rx << MM_I3 : xxx.xxx.xxx.xxx
2002-06-29 09:11:00 IKE[1] Tx >> MM_R3 : xxx.xxx.xxx.xxx
2002-06-29 09:11:00 IKE[1] Rx << QM_I1 : xxx.xxx.xxx.xxx
2002-06-29 09:11:00 IKE[1] TX >> QM_R1 : xxx.xxx.xxx.xxx
2002-06-29 09:11:01 IKE[1] Rx << QM_I2 : xxx.xxx.xxx.xxx
2002-06-29 09:11:01 IKE[1] ESP_SA 3DES / MD5 / 28800 sec /
SPI=[4ed15239:6883b4f8]
2002-06-29 09:11:01 IKE[1] Set up ESP tunnel with xxx.xxx.xxx.xxx Success !
2002-06-29 09:11:01
2002-06-29 09:30:57
2002-06-29 09:30:57 IKE[1] TX >> MM_I1 : xxx.xxx.xxx.xxx
2002-06-29 09:30:58 IKE[1] Rx << MM_R1 : xxx.xxx.xxx.xxx
2002-06-29 09:30:58 IKE[1] ISAKMP SA CKI=[8283c6ca 4187934f]
CKR=[54781617 4f94286d]
2002-06-29 09:30:58 IKE[1] ISAKMP SA 3DES / SHA / PreShared / MODP_1024
/ 1200 sec
2002-06-29 09:30:58 IKE[1] Tx >> MM_I2 : xxx.xxx.xxx.xxx
2002-06-29 09:30:58 IKE[1] Rx << MM_R2 : xxx.xxx.xxx.xxx
2002-06-29 09:30:58 IKE[1] Tx >> MM_I3 : xxx.xxx.xxx.xxx
2002-06-29 09:30:59 IKE[1] Rx << MM_R3 : xxx.xxx.xxx.xxx
2002-06-29 09:30:59 IKE[1] TX >> QM_I1 : xxx.xxx.xxx.xxx
2002-06-29 09:30:59 IKE[1] Rx << QM_R1 : xxx.xxx.xxx.xxx
2002-06-29 09:30:59 IKE[1] TX >> QM_I2 : xxx.xxx.xxx.xxx
2002-06-29 09:30:59 IKE[1] ESP_SA 3DES / MD5 / 1200 sec /
SPI=[84384b45:6883b4f9]
2002-06-29 09:30:59 IKE[1] Set up ESP tunnel with xxx.xxx.xxx.xxx Success !
2002-06-29 09:30:59
2002-06-29 09:46:28 IKE[1] Rx << MM_I1 : xxx.xxx.xxx.xxx
2002-06-29 09:46:28 IKE[1] TX >> MM_R1 : xxx.xxx.xxx.xxx
2002-06-29 09:46:28 IKE[1] ISAKMP SA CKI=[e97d42ad 2241b9cb]
CKR=[d628476d 66e28345]
2002-06-29 09:46:28 IKE[1] ISAKMP SA 3DES / SHA / PreShared / MODP_1024
/ 3600 sec
2002-06-29 09:46:28 IKE[1] Rx << MM_I2 : xxx.xxx.xxx.xxx
2002-06-29 09:46:28 IKE[1] Tx >> MM_R2 : xxx.xxx.xxx.xxx
2002-06-29 09:46:29 IKE[1] Rx << MM_I3 : xxx.xxx.xxx.xxx
2002-06-29 09:46:29 IKE[1] Tx >> MM_R3 : xxx.xxx.xxx.xxx
2002-06-29 09:46:30 IKE[1] Rx << QM_I1 : xxx.xxx.xxx.xxx
2002-06-29 09:46:30 IKE[1] TX >> QM_R1 : xxx.xxx.xxx.xxx
2002-06-29 09:46:31 IKE[1] Rx << QM_I2 : xxx.xxx.xxx.xxx
2002-06-29 09:46:31 IKE[1] ESP_SA 3DES / MD5 / 28800 sec /
SPI=[51aa9b78:6883b4fa]
2002-06-29 09:46:31 IKE[1] Set up ESP tunnel with xxx.xxx.xxx.xxx Success !
2002-06-29 09:46:31

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:17 CEST