Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

Re: [Users] yup ! another win2k freeS/WAN problem

From: Andreas Steffen (andreas.steffen_at_strongsec.net)
Date: Wed Jul 10 2002 - 16:34:54 CEST

Next message: Joe Patterson: "RE: [Users] Certificate Not working in windows 2000"
Previous message: Andreas Steffen: "Re: [Users] need FreeS/Wan RPMS with x.509-patch included / cant make "make rpm""
In reply to: samir_at_eyetap.org: "Re: [Users] yup ! another win2k freeS/WAN problem"
Next in thread: samir_at_eyetap.org: "Re: [Users] yup ! another win2k freeS/WAN problem"
Reply: samir_at_eyetap.org: "Re: [Users] yup ! another win2k freeS/WAN problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

According to your FreeS/WAN log, Pluto not even gets started. Do you
see any error messages when you try to restart FreeS/WAN with

ipsec setup restart

Regards

Andreas

samir_at_eyetap.org wrote:
>
> attached are the logs from the win2k client and the linux server ...
>
> On Wed, 10 Jul 2002, Andreas Steffen wrote:
>
> > Without an excerpt from the log file nothing can be done!
> >
> > Andreas
> >
> > samir_at_eyetap.org wrote:
> > > hi
> > > i am trying to setup a ipsec tunnel between a win2k and linux box on the
> > > same subnet. i've followed nate carlson's instructions very carefully and
> > > not been successful. thereafter, i mucked with the ipsec.conf on both
> > > sides, but still not results. after looking @ the logs on both machines,
> > > oakley.log tells me that Negotiation timed out...
> > > The log on the linux box doesn't even acknowledge that it has received any
> > > packets. there are a couple of klips debug msgs and NO pluto msgs..
> > > thereafter a tcpdump reveals that linux box isn't receiving any packets
> > > form the win2k box ?! weird !
> > > i suspect that something is failing very early in the connection
> > > negotiation....
> > > if any one can help me , that will be appreciated.
> > >
> > > win2k.ipsec.conf
> > > conn me-to-test
> > > right%any (also tried 138.100.16.39)
> > > left=138.100.16.27
> > > rightca="...."
> > > network=auto
> > > auto=start
> > > pfs=yes
> > >
> > > linux.ipsec.conf
> > > config setup
> > > interfaces="ipsec0=eth0"
> > > klipsdebug=all
> > > plutodebug=all
> > > plutoload=%search
> > > plutostart=%search
> > > uniqueids=yes
> > >
> > > conn %default
> > > keyingtries=0
> > > compress=yes
> > > disablearrivalcheck=no
> > > authby=rsasig
> > > leftrsasigkey=%cert
> > > rightrsasigkey=%cert
> > >
> > > conn me-to-test
> > > right=%any (also tried 138.100.16.39)
> > > left=138.100.16.27
> > > leftcert=othello.pem
> > > auto=add
> > > pfs=yes
> > >
> > >
> > >
> > > samir
>

======================================================================
Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH phone: +41 76 340 25 56
Alter Zürichweg 20 home: http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

Next message: Joe Patterson: "RE: [Users] Certificate Not working in windows 2000"
Previous message: Andreas Steffen: "Re: [Users] need FreeS/Wan RPMS with x.509-patch included / cant make "make rpm""
In reply to: samir_at_eyetap.org: "Re: [Users] yup ! another win2k freeS/WAN problem"
Next in thread: samir_at_eyetap.org: "Re: [Users] yup ! another win2k freeS/WAN problem"
Reply: samir_at_eyetap.org: "Re: [Users] yup ! another win2k freeS/WAN problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:20 CEST