From: madtv_at_gmx.de
Date: Thu Oct 31 2002 - 14:30:11 CET
> Hallo (sorry)!
>
> I try to connect with this
>
> right side 10.20.5.128
> a pc with
> redhat 7.3
> freeswan 1.98b
> x509 certificat
>
> left side 10.20.5.13
> windows
> sentinel 1.4
>
> When I try to connect from sentinel to freeswan i became an error messages
> !
> I think my certificats are all right ! Where is the problem ?
>
> Many thanks for your helps !
>
> ipsec.conf
>
> config setup
> # THIS SETTING MUST BE CORRECT or almost nothing will work;
> # %defaultroute is okay for most simple cases.
> interfaces=%defaultroute
> # Debug-logging controls: "none" for (almost) none, "all" for
> lots.
> klipsdebug=none
> plutodebug=all
> # Use auto= parameters in conn descriptions to control startup
> actions.
> plutoload=%search
> plutostart=%search
> # Close down old connection when new one using same ID shows up.
> uniqueids=yes
>
>
>
> # defaults for subsequent connection descriptions
> # (these defaults will soon go away)
> conn %default
> authby=rsasig
> compress=no
> pfs=yes
> rightrsasigkey=%cert
> leftrsasigkey=%cert
> left=%defaultroute
> leftsubnet=10.40.1.0/24
>
> # connecrt=freei description for opportunistic encryption
> # (requires KEY record in your DNS reverse map; see doc/opportunism.howto)
> conn roadwarrior
> right=%any
> auto=add
> # left=%defaultroute
> # leftsubnet=10.04.1.0/24
> # right=%any
> # auto=add
> # keyingtries=1
>
> conn sentinel
> right=%any
> rightid="C=DE, O=MOD, CN=sentinel/pc933"
> auto=add
>
>
>
> var/log/secure
>
> Oct 31 12:48:11 localhost pluto[2773]: | 51 e5 3c 93 cb 2a 00 00 01 16
> 4e 67
> 73 65 0a 26
> Oct 31 12:48:11 localhost pluto[2773]: | f4 ab 77 19 3d 09 91 17 66 0b
> 19 26
> c3 79 64 f6
> Oct 31 12:48:11 localhost pluto[2773]: | b1 c5 93 28 b2 f7 bf 17 c3 8d
> 88 be
> e9 0d 24 9d
> Oct 31 12:48:11 localhost pluto[2773]: | bd f0 a6 4a 12 d6 5d 74 0e 74
> f2 b6
> 47 e9 94 33
> Oct 31 12:48:11 localhost pluto[2773]: | 05 10 46 69 a2 c3 00 a0 33 39
> b3 eb
> d6 1b 19 4b
> Oct 31 12:48:11 localhost pluto[2773]: | 07 9a 4b 6b 80 41 80 b8 c3 a4
> af a9
> 0c 57 65 3e
> Oct 31 12:48:11 localhost pluto[2773]: | 2c 6f 8f c5 1a c7 14 c9 87 51
> 08 ea
> 52 db ab 09
> Oct 31 12:48:11 localhost pluto[2773]: | 13 b4 82 5f dc ee c0 0e 0d 24
> a9 35
> 9d 98 07 81
> Oct 31 12:48:11 localhost pluto[2773]: | 1e b0 09 3f 10 07 75 95 b9 b2
> 8d c6
> 3e 55 96 c0
> Oct 31 12:48:11 localhost pluto[2773]: | 82 53 c1 7a 06 60 75 cb f2 4b
> 93 e2
> e5 99 70 bd
> Oct 31 12:48:11 localhost pluto[2773]: | 55 6e e2 51 4a 61 d7 63 3b a0
> 8f 92
> 84 0b 70 32
> Oct 31 12:48:11 localhost pluto[2773]: | be ce 23 b2 12 5a c0 8c 8c d4
> 2a ce
> 54 35 57 13
> Oct 31 12:48:11 localhost pluto[2773]: | d4 a1 b8 7f 0b d2 8f 91 cb d6
> 25 85
> 1f a3 19 63
> Oct 31 12:48:11 localhost pluto[2773]: | d1 50 7a 4d 6b 8c 1d 52 a7 b3
> 76 e5
> 9b 2f f0 ba
> Oct 31 12:48:11 localhost pluto[2773]: | 41 3b 07 8a 67 72 bc e8 76 83
> 5c 87
> 93 9e 91 ac
> Oct 31 12:48:11 localhost pluto[2773]: | 3f 14 5a ad f1 3a 33 a6 b6 3e
> ec 80
> ad a6 58 00
> Oct 31 12:48:11 localhost pluto[2773]: | 7b 31 7c 5f 4b a2 35 95 3d c0
> e3 d6
> 98 e7 6a 4d
> Oct 31 12:48:11 localhost pluto[2773]: | c3 35 8f f8 ad 95 18 75 40 a3
> 76 76
> Oct 31 12:48:11 localhost pluto[2773]: | emitting 4 zero bytes of
> encryption
> pad
> ding into ISAKMP Message
> Oct 31 12:48:11 localhost pluto[2773]: | encrypting using OAKLEY_3DES_CBC
> Oct 31 12:48:11 localhost pluto[2773]: | next IV: dd 4d 0e 2a fa a7 15
> 5a
> Oct 31 12:48:11 localhost pluto[2773]: | emitting length of ISAKMP
> Message:
> 1052
> Oct 31 12:48:11 localhost pluto[2773]: | last encrypted block of Phase 1:
> Oct 31 12:48:11 localhost pluto[2773]: | dd 4d 0e 2a fa a7 15 5a
> Oct 31 12:48:11 localhost pluto[2773]: | sending 1052 bytes for
> STATE_MAIN_R2 th
> rough eth0 to 10.20.5.113:500:
> Oct 31 12:48:11 localhost pluto[2773]: | 62 29 14 95 88 00 00 0f 85 72
> 09 e4
> b1 06 e9 bc
> Oct 31 12:48:11 localhost pluto[2773]: | 05 10 02 01 00 00 00 00 00 00
> 04 1c
> 3c 12 02 e9
> Oct 31 12:48:11 localhost pluto[2773]: | ea 81 58 00 1a aa 5e 79 f5 96
> b4 dc
> cf 19 d3 c4
> Oct 31 12:48:11 localhost pluto[2773]: | c2 97 2a 63 96 43 c0 43 d2 47
> 36 3e
> 6b d5 99 9a
> Oct 31 12:48:11 localhost pluto[2773]: | 88 4b 6d 3a 21 7c 6c 9f 28 55
> bf ac
> 70 fa 25 f0
> Oct 31 12:48:11 localhost pluto[2773]: | 3a b7 f2 3e 1f d3 d3 d2 6f 44
> 45 b4
> e5 9c 5e c7
> Oct 31 12:48:11 localhost pluto[2773]: | 33 b2 89 7c a2 df cf 09 f4 63
> cd 75
> 1b af 97 27
> Oct 31 12:48:11 localhost pluto[2773]: | 4b 8c f3 e7 62 4b 75 01 5c 54
> 23 aa
> 3e 88 69 13
> Oct 31 12:48:11 localhost pluto[2773]: | af 05 a6 46 df 69 be fa 61 1b
> 25 ec
> 36 b2 18 b5
> Oct 31 12:48:11 localhost pluto[2773]: | e7 32 47 26 a2 0d 9f 86 59 2d
> 7b e0
> 18 88 91 06
> Oct 31 12:48:11 localhost pluto[2773]: | 69 0a e7 c2 40 15 39 6a 32 95
> a8 92
> 8a 47 d1 42
> Oct 31 12:48:11 localhost pluto[2773]: | cf dc 43 f8 4e 79 be 8b a0 3d
> 8d 8d
> 8d f2 8a a5
> Oct 31 12:48:11 localhost pluto[2773]: | 59 94 91 8f 63 e8 30 ca db 1d
> 9d 5a
> 85 6b e9 ea
> Oct 31 12:48:11 localhost pluto[2773]: | 3f c3 97 38 ad a1 8b f1 87 b8
> 13 46
> 8a 90 5b f1
> Oct 31 12:48:11 localhost pluto[2773]: | d7 f0 53 26 72 23 f4 19 98 80
> 69 e7
> 99 b9 36 55
> Oct 31 12:48:11 localhost pluto[2773]: | 32 15 ce 0e 38 bf 53 e1 4a ea
> 58 2e
> 7b d6 12 64
> Oct 31 12:48:11 localhost pluto[2773]: | 74 97 0f 37 c9 ea c5 eb 92 22
> 2b ac
> f6 bd 4d ec
> Oct 31 12:48:11 localhost pluto[2773]: | a0 69 34 d1 77 8a fb ef de 5e
> d8 63
> 0d 92 b5 5f
> Oct 31 12:48:11 localhost pluto[2773]: | 5b 72 c1 a3 b9 38 11 e5 d0 78
> 87 9f
> 66 58 dd ad
> Oct 31 12:48:11 localhost pluto[2773]: | 10 a1 0c 65 6d 10 c7 dc 21 68
> 86 f0
> 70 ee ca d9
> Oct 31 12:48:11 localhost pluto[2773]: | 81 32 7d 02 ea 88 d6 2d 4e 63
> 99 2a
> ab 8c 3f ad
> Oct 31 12:48:11 localhost pluto[2773]: | da a3 6f 48 eb 98 3a 7a 9c 99
> a5 f1
> a4 22 ad 7c
> Oct 31 12:48:11 localhost pluto[2773]: | 69 57 e5 90 bf a6 6e 19 67 e3
> 6b 22
> ce 4c 39 dd
> Oct 31 12:48:11 localhost pluto[2773]: | be c3 7f d7 28 a2 57 73 12 51
> 75 df
> b0 43 2d a6
> Oct 31 12:48:11 localhost pluto[2773]: | 9a fd 59 49 90 a4 9b 32 ed 4c
> e2 d6
> 72 19 ed 0f
> Oct 31 12:48:11 localhost pluto[2773]: | 61 43 e9 6e 31 66 37 ff 99 67
> 92 67
> 4c cb 4d b8
> Oct 31 12:48:11 localhost pluto[2773]: | 84 2b 1e 91 55 67 42 d6 cd fd
> a7 6b
> 51 14 8e f4
> Oct 31 12:48:11 localhost pluto[2773]: | e2 e3 08 03 01 fa 5f cb 65 54
> 65 7f
> 8c b4 8f e4
> Oct 31 12:48:11 localhost pluto[2773]: | ec 41 99 16 42 c3 53 55 3c 75
> 25 0d
> 32 cf 05 dc
> Oct 31 12:48:11 localhost pluto[2773]: | 0c 64 44 d0 94 67 e7 09 a2 3d
> cb 7d
> df 44 81 3b
> Oct 31 12:48:11 localhost pluto[2773]: | 60 fd 66 96 bd 6d 70 aa 8c 2d
> d2 27
> e0 7e ba 4f
> Oct 31 12:48:11 localhost pluto[2773]: | 3b 47 e7 9e 8a cd 54 75 af 84
> 3c 50
> c8 bc 4d a1
> Oct 31 12:48:11 localhost pluto[2773]: | 68 58 3c 41 8b d1 02 99 85 6e
> 8e 65
> 08 6a 0a 13
> Oct 31 12:48:11 localhost pluto[2773]: | 11 ef 85 fd b6 bd 97 ac 07 b3
> c5 79
> 46 00 34 22
> Oct 31 12:48:11 localhost pluto[2773]: | f3 4f ae 20 3e 2e 76 60 ad c6
> 14 1d
> 37 84 1c 3a
> Oct 31 12:48:11 localhost pluto[2773]: | 18 b2 ba 44 4f 54 90 89 d6 ee
> 63 ad
> af ba 16 53
> Oct 31 12:48:11 localhost pluto[2773]: | 90 98 36 a6 7e e6 e2 23 58 7e
> 61 63
> 32 0e f0 87
> Oct 31 12:48:11 localhost pluto[2773]: | 4c 3a b1 70 5a f1 83 0a 1b f4
> c2 28
> b0 a6 dc 4e
> Oct 31 12:48:11 localhost pluto[2773]: | 40 82 22 da 57 64 a9 1f 93 28
> 58 cb
> 03 a7 5a ee
> Oct 31 12:48:11 localhost pluto[2773]: | 8b b3 74 f5 7b 12 66 59 81 16
> f4 a8
> 31 1c f4 cb
> Oct 31 12:48:11 localhost pluto[2773]: | a0 8e 1b 26 b3 f0 26 44 13 0d
> ad 06
> c9 1d 47 e8
> Oct 31 12:48:11 localhost pluto[2773]: | db 2b b7 5e 35 37 ac 3e 00 cf
> dd ca
> 56 48 6e f9
> Oct 31 12:48:11 localhost pluto[2773]: | f2 d9 6c 89 38 85 65 f3 59 c5
> c9 5d
> fd 83 a8 2e
> Oct 31 12:48:11 localhost pluto[2773]: | 31 84 ac 27 ee 8e cd 4e cf 8d
> b7 7a
> e1 7f bd cb
> Oct 31 12:48:11 localhost pluto[2773]: | 7c 60 53 98 f8 38 7e cc a9 6d
> 3d 77
> 58 39 6e 52
> Oct 31 12:48:11 localhost pluto[2773]: | cc 18 49 44 d9 f8 77 ac eb e4
> ff 42
> 44 9a d9 6d
> Oct 31 12:48:11 localhost pluto[2773]: | aa 89 93 70 93 02 e1 86 77 ad
> 0f 49
> d6 0e 75 83
> Oct 31 12:48:11 localhost pluto[2773]: | 55 d6 15 72 ac b7 18 40 e5 a9
> d4 0b
> 10 bf 34 be
> Oct 31 12:48:11 localhost pluto[2773]: | a1 52 84 78 1f 8a d6 b4 d0 25
> 8b 13
> 8e 03 06 15
> Oct 31 12:48:11 localhost pluto[2773]: | 3a c6 d5 6d 35 0e 55 6c 8c 6f
> 22 22
> fd 9c d2 26
> Oct 31 12:48:11 localhost pluto[2773]: | 9f df d3 ec 3c b3 ba 03 19 97
> 91 06
> bc ea 4d 27
> Oct 31 12:48:11 localhost pluto[2773]: | 6d b3 54 d0 65 f0 30 f9 16 2a
> 77 06
> 12 b4 75 66
> Oct 31 12:48:11 localhost pluto[2773]: | 01 b4 5a 03 2f a1 dc 78 35 94
> 93 e0
> 68 02 f5 4f
> Oct 31 12:48:11 localhost pluto[2773]: | e4 3e c2 2c 07 48 50 9f 1c 4b
> 1c 24
> 77 2e 97 4f
> Oct 31 12:48:11 localhost pluto[2773]: | 8c bc ec 9e 0d 88 da 02 80 ab
> ab 62
> be 12 05 fb
> Oct 31 12:48:11 localhost pluto[2773]: | 81 43 18 72 a5 5d d4 a1 45 34
> 6a 0f
> 06 11 56 47
> Oct 31 12:48:11 localhost pluto[2773]: | b9 0d 1c 24 45 f3 33 51 38 0c
> 5e 0c
> 4c e9 7a 86
> Oct 31 12:48:11 localhost pluto[2773]: | 3d 84 5b 24 9c 34 56 1e 5a f9
> fc 29
> ef 31 83 56
> Oct 31 12:48:11 localhost pluto[2773]: | a9 7b 2b 92 e5 08 ef 6d 36 1c
> d4 dc
> 49 7a c4 21
> Oct 31 12:48:11 localhost pluto[2773]: | a0 e7 9a 6c 85 0b 1c 4e f4 7e
> fc a8
> 0e f3 d7 39
> Oct 31 12:48:11 localhost pluto[2773]: | 85 c9 d9 40 c5 3f ef ed e4 ee
> e4 94
> f8 03 b2 06
> Oct 31 12:48:11 localhost pluto[2773]: | 5f a4 d5 16 72 97 fe d2 aa d1
> 66 57
> 6e d6 75 ef
> Oct 31 12:48:11 localhost pluto[2773]: | 2d 89 e1 c3 63 3f 61 5d 23 1d
> af df
> 27 a8 a6 55
> Oct 31 12:48:11 localhost pluto[2773]: | 40 e8 e4 16 07 ab 67 2c ab 8b
> 08 0a
> aa e2 ff 8c
> Oct 31 12:48:11 localhost pluto[2773]: | 71 b0 d9 0f 67 6e 9b 66 90 a8
> d2 08
> 15 0d 9e dd
> Oct 31 12:48:11 localhost pluto[2773]: | 28 4a 08 ad dd 4d 0e 2a fa a7
> 15 5a
> Oct 31 12:48:11 localhost pluto[2773]: | inserting event EVENT_SA_REPLACE,
> timeo
> ut in 3330 seconds for #1
> Oct 31 12:48:11 localhost pluto[2773]: "roadwarrior"[1] 10.20.5.113 #1:
> sent
> MR3
> , ISAKMP SA established
> Oct 31 12:48:11 localhost pluto[2773]: | next event EVENT_SHUNT_SCAN in
> 104
> seco
> nds
> Oct 31 12:48:11 localhost pluto[2773]: |
> Oct 31 12:48:11 localhost pluto[2773]: | *received 372 bytes from
> 10.20.5.113:50
> 0 on eth0
> Oct 31 12:48:11 localhost pluto[2773]: | 62 29 14 95 88 00 00 0f 85 72
> 09 e4
> b1 06 e9 bc
> Oct 31 12:48:11 localhost pluto[2773]: | 0b 10 05 00 95 20 e7 12 00 00
> 01 74
> 00 00 01 58
> Oct 31 12:48:11 localhost pluto[2773]: | 00 00 00 01 01 10 00 19 62 29
> 14 95
> 88 00 00 0f
> Oct 31 12:48:11 localhost pluto[2773]: | 85 72 09 e4 b1 06 e9 bc 80 0c
> 00 01
> 80 03 00 01
> Oct 31 12:48:11 localhost pluto[2773]: | 00 03 01 12 00 00 01 16 00 00
> 00 00
> 00 00 00 00
> Oct 31 12:48:11 localhost pluto[2773]: | 00 00 00 00 00 00 00 00 00 00
> 00 00
> 00 00 00 00
> Oct 31 12:48:11 localhost last message repeated 15 times
> Oct 31 12:48:11 localhost pluto[2773]: | 00 00 00 00 00 00 00 06 00 16
> 53 69
> 67 6e 61 74
> Oct 31 12:48:11 localhost pluto[2773]: | 75 72 65 20 63 68 65 63 6b 20
> 66 61
> 69 6c 65 64
> Oct 31 12:48:11 localhost pluto[2773]: | 80 08 00 00
> Oct 31 12:48:11 localhost pluto[2773]: | **parse ISAKMP Message:
> Oct 31 12:48:11 localhost pluto[2773]: | initiator cookie:
> Oct 31 12:48:11 localhost pluto[2773]: | 62 29 14 95 88 00 00 0f
> Oct 31 12:48:11 localhost pluto[2773]: | responder cookie:
> Oct 31 12:48:11 localhost pluto[2773]: | 85 72 09 e4 b1 06 e9 bc
> Oct 31 12:48:11 localhost pluto[2773]: | next payload type:
> ISAKMP_NEXT_N
> Oct 31 12:48:11 localhost pluto[2773]: | ISAKMP version: ISAKMP Version
> 1.0
> Oct 31 12:48:11 localhost pluto[2773]: | exchange type:
> ISAKMP_XCHG_INFO
> Oct 31 12:48:11 localhost pluto[2773]: | flags: none
> Oct 31 12:48:11 localhost pluto[2773]: | message ID: 95 20 e7 12
> Oct 31 12:48:11 localhost pluto[2773]: | length: 372
> Oct 31 12:48:11 localhost pluto[2773]: | ICOOKIE: 62 29 14 95 88 00 00
> 0f
> Oct 31 12:48:11 localhost pluto[2773]: | RCOOKIE: 85 72 09 e4 b1 06 e9
> bc
> Oct 31 12:48:11 localhost pluto[2773]: | peer: 0a 14 05 71
> Oct 31 12:48:11 localhost pluto[2773]: | state hash entry 15
> Oct 31 12:48:11 localhost pluto[2773]: | state object #1 found, in
> STATE_MAIN_R3
> Oct 31 12:48:11 localhost pluto[2773]: "roadwarrior"[1] 10.20.5.113 #1:
> Informat
> ional Exchange message for an established ISAKMP SA must be encrypted
>
>
>
> [root_at_localhost root]# ipsec auto --listall
> 000
> 000 List of Public Keys:
> 000
> 000
> 000 List of User/Host Certificates:
> 000
> 000
> 000 List of CA Certificates:
> 000
> 000 Oct 31 12:09:56 2002, count: 1
> 000 subject: 'C=DE, L=Einbeck, O=MOD, OU=Hosting,
> CN=rootCA_fuerHosting'
> 000 issuer: 'C=DE, L=Einbeck, O=MOD, OU=Hosting,
> CN=rootCA_fuerHosting'
> 000 pubkey: 2048 RSA Key AwEAAbWeC
> 000 validity: not before Oct 31 09:19:46 2002 ok
> 000 not after Oct 30 09:19:46 2006 ok
> 000
> 000 List of CRLs:
> 000
> 000 Oct 31 12:09:56 2002, revoked certs: 0
> 000 issuer: 'C=DE, L=Einbeck, O=MOD, OU=Hosting,
> CN=rootCA_fuerHosting'
> 000 updates: this Oct 31 09:27:28 2002
> 000 next Nov 30 09:27:28 2002 ok
>
> --
> Markus Mönckemeyer
> Weserbergland
>
> +++ GMX - Mail, Messaging & more http://www.gmx.net +++
> NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!
>
>
-- Markus Mönckemeyer Weserbergland +++ GMX - Mail, Messaging & more http://www.gmx.net +++ NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen! _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 05:20:36 CET