On Wed, 2002-08-14 at 16:59, Jeff Lush wrote: > Hello all, > > I'm using the bering 1.0rc3 release and am attempting to setup freeswan 1.97 > ipsec on the firewall. I've closely followed the howto at > http://leaf.sourceforge.net/devel/jnilo/buipsec.html as well as studied > various documentation such as man pages etc. I believe I've setup everything > correctly, but cannot seem to connect from various ipsec clients. I'm trying > both the ssh sentianl client as well as a linksys ipsec vpn appliance, but > I've had no luck. The only error that shows up during startup is the error > regarding rp_filter being set to 1. I did as the documentation outlined and > set spoofprotect to no in the options file, but the error still comes up. > > Any ideas would be appreciated. > > Thanks, > > -Jeff Lush > > I'd be happy to provide whatever documentation is requested. Here is a bit > of a dump from ipsec barf. It details the connection info from the linksys > appliance: > > -- > Aug 13 16:13:29 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #4: > ignoring Delete SA payload Aug 13 16:13:29 firewall Pluto[19365]: > "roadwarrior" 207.216.146.129 #4: received and ignored informational message > Aug 13 16:13:39 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #5: > responding to Main Mode from unknown peer 207.216.146.129 > Aug 13 16:13:39 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #5: > OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM > Aug 13 16:13:39 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #5: > OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM > Aug 13 16:13:40 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #5: > Peer ID is ID_IPV4_ADDR: '207.216.146.129' > Aug 13 16:13:40 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #5: > sent MR3, ISAKMP SA established > Aug 13 16:13:40 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #5: ID > type of ISAKMP Identification Payload (IPsec DOI) has an unknown value: 0 > Aug 13 16:13:40 firewall Pluto[19365]: "roadwarrior" 207.216.146.129 #5: > malformed payload in packet Aug 13 16:16:09 firewall Pluto[19365]: > "roadwarrior" 207.216.146.129 #6: responding to Main Mode from unknown peer > 207.216.146.129 Aug 13 16:16:09 firewall Pluto[19365]: "roadwarrior" > 207.216.146.129 #6: OAKLEY_DES_CBC is not supported. Attribute > OAKLEY_ENCRYPTION_ALGORITHM
I don't think DES is support with FreeS/Wan, only 3DES. Stephen ------------------------------------------------------- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
