Ravno danes zjutraj sem naletel na OpenSwan in se lotil povezave z M0n0wall-om. Nekje se zatika saj vedno ob zagonu povezave dobim tole:
117 "atl" #1591: STATE_QUICK_I1: initiate 010 "atl" #1591: STATE_QUICK_I1: retransmission; will wait 20s for response V logu na m0n0wall-u dobim tole: # racoon: INFO: respond new phase 2 negotiation: 193.77.126.xxx[0]<=>84.255.243.xxx[0] # racoon: ERROR: failed to get sainfo. # racoon: ERROR: failed to get sainfo. # racoon: ERROR: failed to pre-process packet. V /var/log/secure pa tole: Nov 4 18:57:12 maja pluto[3091]: "atl" #1639: starting keying attempt 158 of an unlimited number Nov 4 18:57:12 maja pluto[3091]: "atl" #1650: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP to replace #1639 {using isakmp#1560} Nov 4 18:57:15 maja pluto[3091]: "atl" #1640: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal Moj ipsec.conf izgleda takole: # basic configuration config setup include /etc/ipsec.d/*.conf conn atl auth=esp authby=secret auto=start esp=3des-md5-1024 pfs=yes ike=3des-md5-1024 ikelifetime=3600s keylife=3600s left=84.255.243.xxx leftid=84.255.243.xxx leftsubnet=192.168.1.0/24 right=193.77.126.xxx rightid=193.77.126.xxx rightsubnet=192.168.0.0/24 type=tunnel Je nekaj v zvezi z racoon-om? Hvala. -- Klemen Humerca -----e-mail&web--------- [EMAIL PROTECTED] forum.humerca.com ------------------------ Jernej Simončič wrote: > On Sunday, November 4, 2007, 13:12:05, Uroą Golja wrote: > > >> Dobra novica je, da lahko na Fedoro najbrľ naąraufaą paketa racoon in >> ipsec-tools (ali nekaj podobnega, potrebjeą le orodje setkey) in s tem >> zvrtaą tunel do oddaljenega m0n0walla. Najbrľ boą imel več teľav na >> strani Fedore; na njej moraą v grobem narediti naslednje: >> > > Jaz imam vzpostavljen IPsec tunel med pfSensom (derivat m0n0walla, > http://www.pfsense.org/) in Debianom, kjer na Debianu uporabljam jedro > 2.6.18 in Openswan <http://www.openswan.org/>. Ima pa pfSense tudi > podporo za OpenVPN, vendar ga nisem uporabljal. > > _______________________________________________ lugos-list mailing list lugos-list@lugos.si http://liste2.lugos.si/cgi-bin/mailman/listinfo/lugos-list