From: Henning Holtschneider (hh_at_loca.net)
Date: Tue Dec 24 2002 - 15:01:56 CET
Am Don, 2002-12-19 um 10.18 schrieb Grallert Stephan:
> So am I! X1200 works perfectly with Freeswan.
Agreed. I haven't used a X1200 myself with Freeswan yet but I know a
couple of people who have. With the most recent software version (V.6.2
Rev. 5 (Patch 1) IPSec V. 2.1.1 from 2002/10/17 00:00:00) it even works
without having to set parameters through the SNMP shell!
> I had the key and the certificate request created in the Bintec and then signed it on my freeswan box.
> Afterwards imported it into the bintec. Works perfectly.
> You have to check two things:
> 1. Check the system date and time in the bintec and on your freeswan box!!!!
I couldn't agree more on this ;-)))
> 2. You might have to mark the certs, peer, own and ca in the bintec as trusted. Best done with Configuration Manager!
Everything should work fine if you mark the CA cert as trusted. If
that's not sufficient, something might be wrong with your certification
chain.
> 3. I had less problems, when I created the certificate requests with subjects in the following style:
> C=.., ST=.., O=.., OU=.., CN=.. (nothing more!)
That's right. Other subjects or strange alternate names seem to confuse
the Bintec IPsec software.
Regards,
<-gninneH<-
-- __ _ __ __ Henning Holtschneider / / ___ _______ _/ |/ /__ / /_ <henning_at_loca.net> / /__/ _ \/ __/ _ `/ / -_) __/ /____/\___/\__/\_,_/_/|_/\__/\__/ ...net happens! _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Wed Dec 25 2002 - 05:21:08 CET