> I'm now using the plain ipsec.lrp and tried using both PSK then RSA
> keying
> but the problem still lurks.
> Here are the barfs from the two IPSEC machines. I deaply apologize for
> this post.
> But I'm really stumped now. :o(
Well, the log messages on both ends look equally cryptic. In general, I
would say you have a problem with configuration. Since both config
files look OK, this likely means a problem with your public keys listed
in /etc/ipsec.conf and your private key in /etc/ipsec.secrets. Since
both these are getting chomped by ipsec barf, and I'm not sure if the
limited LEAF version properly creates key sums, you need to manually
verify you've actually got the right RSA public keys in your
/etc/ipsec.conf file. At this point, I think that's what's causing you
problems, but I can't be sure. If the LEAF version of barf is really
calculating checksums correctly, you *DO* have a mis-match between your
public keys listed in ipsec.conf and the actual keys in ispec.secrets:
> leftrsasigkey=[sums to 364c...]
> rightrsasigkey=[sums to 1636...]
> : RSA {
> # RSA 1024 bits SR3K-VPN1 Mon Sep 9 10:26:23 2002
> # for signatures only, UNSAFE FOR ENCRYPTION
> #pubkey=[sums to 5154...]
Note...doesn't match either *rsasigkey above.
> : RSA {
> # RSA 1024 bits SR3K-VPN1 Mon Sep 9 10:26:39 2002
> # for signatures only, UNSAFE FOR ENCRYPTION
> #pubkey=[sums to 7a9d...]
And neither does this...
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
