From: Jarek Karpiel (karpiel_at_init.com.pl)
Date: Wed Oct 30 2002 - 13:29:30 CET
SPAM: -------------------- Start SpamAssassin results ----------------------
SPAM: This mail is probably spam. The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM:
SPAM: Content analysis details: (9.30 hits, 5 required)
SPAM: USER_AGENT_OUTLOOK (-0.0 points) X-Mailer header indicates a non-spam MUA (Outlook)
SPAM: SPAM_PHRASE_00_01 (0.8 points) BODY: Spam phrases score is 00 to 01 (low)
SPAM: [score: 0]
SPAM: KNOWN_MAILING_LIST (-0.1 points) Email came from some known mailing list software
SPAM: RCVD_IN_DSBL (3.2 points) RBL: Received via a relay in list.dsbl.org
SPAM: [RBL check: found 97.88.186.213.list.dsbl.org]
SPAM: RCVD_IN_OSIRUSOFT_COM (0.4 points) RBL: Received via a relay in relays.osirusoft.com
SPAM: [RBL check: found 97.88.186.213.relays.osirusoft.com.]
SPAM: RCVD_IN_RFCI (2.3 points) RBL: Received via a relay in ipwhois.rfc-ignorant.org
SPAM: [RBL check: found 97.88.186.213.ipwhois.rfc-ignorant.org., type: 127.0.0.6]
SPAM: X_OSIRU_OPEN_RELAY (2.7 points) RBL: DNSBL: sender is Confirmed Open Relay
SPAM:
SPAM: -------------------- End of SpamAssassin results ---------------------
Hello all,
I'm having troubles with getting connected to Sonicwall XPRS2 from my
FreeSWAN 1.98b / RH 7.2. I get following log:
002 "G-W" #2: initiating Main Mode
104 "G-W" #2: STATE_MAIN_I1: initiate
106 "G-W" #2: STATE_MAIN_I2: sent MI2, expecting MR2
003 "G-W" #2: ignoring Vendor ID payload
003 "G-W" #2: ignoring Vendor ID payload
108 "G-W" #2: STATE_MAIN_I3: sent MI3, expecting MR3
003 "G-W" #2: encrypted Informational Exchange message is invalid because it
i
s for incomplete ISAKMP SA
Here is my ipsec.conf
basic configuration
config setup
# THIS SETTING MUST BE CORRECT or almost nothing will work;
# %defaultroute is okay for most simple cases.
interfaces=%defaultroute
# Debug-logging controls: "none" for (almost) none, "all" for lots.
klipsdebug=all
plutodebug=all
# Use auto= parameters in conn descriptions to control startup
actions.
plutoload=%search
plutostart=%search
# Close down old connection when new one using same ID shows up.
uniqueids=yes
# defaults for subsequent connection descriptions
# (these defaults will soon go away)
conn %default
keyingtries=0
disablearrivalcheck=no
#authby=rsasig
#leftrsasigkey=%dnsondemand
#rightrsasigkey=%dnsondemand
# connection description for opportunistic encryption
# (requires KEY record in your DNS reverse map; see doc/opportunism.howto)
conn me-to-anyone
left=%defaultroute
right=%opportunistic
keylife=1h
rekey=no
# for initiator only OE, uncomment and uncomment this
# after putting your key in your forward map
#leftid=@myhostname.example.com
# uncomment this next line to enable it
#auto=route
# sample VPN connection
conn G-W
# Left security gateway, subnet behind it, next hop toward right.
left=x.x.x.99
leftsubnet=172.16.150.0/24
leftnexthop=x.x.x.102
#leftfirewall=yes
# Right security gateway, subnet behind it, next hop toward left.
rightid=0040200RT0D4
right=y.y.y.253
rightsubnet=10.19.1.0/24
rightnexthop=y.y.y.250
rightfirewall=yes
# To authorize this connection, but not actually start it, at
startup,
# uncomment this.
#keyexchange=ike
#compress=yes
#keyingtries=3
authby=secret
auth=esp
esp=3des-hmac-md5
#type=tunnel
#ikelifetime=8h
#keylife=8h
pfs=no
auto=add
As far as the Sonicwall is concerned I don't have access to it, but Admin
set up the connection for me. He receives following logs on Sonicwall:
2002/10/29 04:10:28.768 - IKE Responder: No response - remote
party timeout or SA mis-match - Source:x.x.x.99, 500 -
Destination:y.y.y.253, 500 - -
Help me,
Greets,
Ketch
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Thu Oct 31 2002 - 05:20:35 CET