From: af15_at_gmx.de
Date: Mon Aug 26 2002 - 12:12:00 CEST
Hi,
I get the error message "encrypted Informational Exchange message is invalid
because it is for incomplete ISAKMP SA" after ping from Win2k (roadrunner).
Linux computer: FreeS/WAN 1.9.7 including X.509 patch (Version 0.9.13), IP
192.168.1.4, certificate: host.com.pem
Win2k computer: installed strong encryption patch, IP 192.168.1.5,
certificate: win.com.p12
The network is realized with WLAN AccessPoint on Linux computer and
WLAN-card on Win2k:
Linux (192.168.1.4) ===cable=== AP (192.168.0.4) ---WLAN--- Win2000
(192.168.1.5)
I used the installation instructions from Nate Carlson.
With IPSec and preshared keys I can open a connection.
ipsec.conf on Linux computer:
config setup
interfaces="ipsec0=eth0"
klipsdebug=all
plutodebug=all
plutoload=%search
plutostart=%search
uniqueids=yes
conn %default
keyingtries=0
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn win
left=192.168.1.4
right=192.168.1.5
rightid="C=DE, ST=BW, L=Boeblingen, O=ATC, OU=WLAN, CN=win,
Email=win_at_atc-gmbh.com"
type=transport
pfs=yes
#auth=esp
#authby=secret
auto=add
ipsec.secrets on Linux computer:
: RSA host.com.key "[password for certificate]"
The complete output from 'ipsec barf' is attached.
Any ideas?
Andre
-- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.4 : Mon Aug 26 2002 - 17:19:49 CEST