Hallo LEAF World! Season's greeting to all LEAF users & developers.
I'm trying to get a Roadwarrior VPN system running with my lEAF uClibc2.0 Box. I'm following the Freeswan document from Nate Carlson, which uses the IPSEC.EXE utility from Marcus Müller (e.bootis VPN). All daemons well-fed, reporting no errors. (IPSEC, PLUTO, WHACK, KLIPS etc.). So far I have all certificates generated (from openssl CA on the LEAF box) and installed. I make a dial-up modem connection from XP and ping my firewall dyndns address firewall is on flat-rate ADSL). Using TCPDUMP on the LEAF Box ppp0 interface (MS boxes can't capture WAN connections under Ethereal sadly), I see 7 ISAKMP packets exchanged. 1. Proposal from XP 2. Proposal from LEAF 3. Key & nonce exchange from XP 4. Key & nonce excahnge + certificate request from LEAF 5. Informational packet (56 Byres encrypted) from XP 6. Repeat of 4 7. Repeat of 4 The LEAF auth.log shows the problem, but I can't see a solution. it seems clearly to lie with the XP box configuration. LEAF auth.log (brandmauer is the name of the LEAF box): =============================================== Jan 2 11:24:53 brandmauer pluto[16478]: packet from 213.6.55.126:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000003] Jan 2 11:24:53 brandmauer pluto[16478]: "roadwarrior-net"[2] 213.6.55.126 #2: responding to Main Mode from unknown peer 213.6.55.126 Jan 2 11:24:54 brandmauer pluto[16478]: "roadwarrior-net"[2] 213.6.55.126 #2: encrypted Informational Exchange message is invalid because it is for incomplete ISAKMP SA =============================================== I have the feeling it lies with the ipsec.conf information for the e.bootis VPN (ipsec.exe) system. Has anyone experienced similar problems ? Robert von Knobloch ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
