Without an excerpt from the log file nothing can be done!
Andreas
samir_at_eyetap.org wrote:
> hi
> i am trying to setup a ipsec tunnel between a win2k and linux box on the
> same subnet. i've followed nate carlson's instructions very carefully and
> not been successful. thereafter, i mucked with the ipsec.conf on both
> sides, but still not results. after looking @ the logs on both machines,
> oakley.log tells me that Negotiation timed out...
> The log on the linux box doesn't even acknowledge that it has received any
> packets. there are a couple of klips debug msgs and NO pluto msgs..
> thereafter a tcpdump reveals that linux box isn't receiving any packets
> form the win2k box ?! weird !
> i suspect that something is failing very early in the connection
> negotiation....
> if any one can help me , that will be appreciated.
>
> win2k.ipsec.conf
> conn me-to-test
> right%any (also tried 138.100.16.39)
> left=138.100.16.27
> rightca="...."
> network=auto
> auto=start
> pfs=yes
>
> linux.ipsec.conf
> config setup
> interfaces="ipsec0=eth0"
> klipsdebug=all
> plutodebug=all
> plutoload=%search
> plutostart=%search
> uniqueids=yes
>
> conn %default
> keyingtries=0
> compress=yes
> disablearrivalcheck=no
> authby=rsasig
> leftrsasigkey=%cert
> rightrsasigkey=%cert
>
> conn me-to-test
> right=%any (also tried 138.100.16.39)
> left=138.100.16.27
> leftcert=othello.pem
> auto=add
> pfs=yes
>
>
>
> samir
======================================================================
Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH phone: +41 76 340 25 56
Alter Zuerichweg 20 home: http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:19 CEST