hali! A celom, hogy egy VPN szerverhez tudjanak kapcsolodni a roadwarrior kliensek ipsec-en keresztul. Egyelore windowsok, de kesobb egyeb OS-ek (soho zyxel routerek). Ez alapjan probalkoztam: http://www.howtoforge.com/racoon_roadwarrior_vpn
Linuxos kliensem sajnos nincs, azzal nem tudom tesztelni. A windowsos letoltheto kliens egy kicsit mar mas, de megprobaltam hasonlora beallitani, mint ami itt szerepel, de nem mukodik. A linux-on ez van a logban, nem tul bobeszedu: Sep 17 20:17:57 vpn racoon: INFO: respond new phase 1 negotiation: x.x.x.x[500]<=>y.y.y.y[62635] Sep 17 20:17:57 vpn racoon: INFO: begin Aggressive mode. Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00 Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-01 Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03 Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: RFC 3947 Sep 17 20:17:57 vpn racoon: INFO: received broken Microsoft ID: FRAGMENTATION Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: DPD Sep 17 20:17:57 vpn racoon: INFO: received Vendor ID: CISCO-UNITY Sep 17 20:18:32 vpn racoon: ERROR: phase1 negotiation failed due to time up. bbda92525c4d15fd:fe1eedf5ad2bd98b Sep 17 20:18:57 vpn racoon: ERROR: phase1 negotiation failed due to time up. 340af47a86205990:3388ceda4d3a1923 Mit szurok el, vagy mit kellene csinalni? Csinalta mar vki sikeresebben? Esetleg ha ezzel nem, openswannal? Ubuntu 8.04 Koszi, tompos racoon.conf: path certificate "/etc/openvpn/keys"; listen { adminsock disabled; } remote anonymous { exchange_mode aggressive,main; certificate_type x509 "server.crt" "server.key"; #claiming the options requested by other peer proposal_check claim; generate_policy on; verify_cert off; nat_traversal off; dpd_delay 20; ike_frag on; proposal { encryption_algorithm aes; hash_algorithm md5; authentication_method hybrid_rsa_server; dh_group 2; } } mode_cfg { network4 172.16.0.10; pool_size 20; netmask4 255.255.255.0; auth_source system; conf_source local; dns4 172.16.0.1; wins4 172.16.0.1; banner "/etc/racoon/motd"; } sainfo anonymous { pfs_group 2; lifetime time 1 hour; encryption_algorithm aes; authentication_algorithm hmac_md5; compression_algorithm deflate; } _________________________________________________ linux lista - linux@mlf.linux.rulez.org http://mlf2.linux.rulez.org/mailman/listinfo/linux