From: Andreas Steffen (andreas.steffen_at_strongsec.net)
Date: Sun Sep 29 2002 - 01:05:47 CEST
You most probably have version 0.9.9 of the X.509 patch for freeswan-1.96.
You must upgrade to a least version 0.9.12 which introduced the new
configuration parameter
nocrsend=yes
in the setup section of ipsec.conf. This parameter suppresses the
sending of certificate request on which standard FreeS/WAN used to choke.
Regards
Andreas
Doug Leece wrote:
> Hi all,
>
> I have never seen this explicitly defined so I am hoping someone in the
> group can confirm the results I am getting are normal. Is it possible to
> have connections secured by x509 certificates and other connections
> secured with RSA. Currently every time I add the X509 certificates the
> tunnels that were working fine with RSA only now fail to create an SA. I
> am running 1.96 on both ends of the tunnels, trying to get Win2k boxes
> to connect in as road warriors with x509 authentiation.
>
> If someone has this working not only am I impressed I would like to see
> how you built your ipsec.conf file and would also like to know what
> version of Freeswan and 509 patch did the trick.
>
> Thanks in advance
>
> Doug Leece
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users
-- ====================================================================== Andreas Steffen e-mail: andreas.steffen_at_strongsec.com strongSec GmbH phone: +41 76 340 25 56 Alter Zürichweg 20 home: http://www.strongsec.com CH-8952 Schlieren (Switzerland) ==========================================[strong internet security]== _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sun Sep 29 2002 - 05:20:17 CEST