On Wed, 2002-08-14 at 16:59, Jeff Lush wrote:
Hello all,
I'm using the bering 1.0rc3 release and am attempting to setup freeswan 1.97
ipsec on the firewall. I've closely followed the howto at
http://leaf.sourceforge.net/devel/jnilo/buipsec.html as well as studied
various documentation such as man pages etc. I believe I've setup everything
correctly, but cannot seem to connect from various ipsec clients. I'm trying
both the ssh sentianl client as well as a linksys ipsec vpn appliance, but
I've had no luck. The only error that shows up during startup is the error
regarding rp_filter being set to 1. I did as the documentation outlined and
set spoofprotect to no in the options file, but the error still comes up.
Any ideas would be appreciated.
Thanks,
-Jeff Lush
I'd be happy to provide whatever documentation is requested. Here is a bit
of a dump from ipsec barf. It details the connection info from the linksys
appliance:
--
Aug 13 16:13:29 firewall Pluto[19365]: roadwarrior 207.216.146.129 #4:
ignoring Delete SA payload Aug 13 16:13:29 firewall Pluto[19365]:
roadwarrior 207.216.146.129 #4: received and ignored informational message
Aug 13 16:13:39 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
responding to Main Mode from unknown peer 207.216.146.129
Aug 13 16:13:39 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
Aug 13 16:13:39 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
Peer ID is ID_IPV4_ADDR: '207.216.146.129'
Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
sent MR3, ISAKMP SA established
Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5: ID
type of ISAKMP Identification Payload (IPsec DOI) has an unknown value: 0
Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
malformed payload in packet Aug 13 16:16:09 firewall Pluto[19365]:
roadwarrior 207.216.146.129 #6: responding to Main Mode from unknown peer
207.216.146.129 Aug 13 16:16:09 firewall Pluto[19365]: roadwarrior
207.216.146.129 #6: OAKLEY_DES_CBC is not supported. Attribute
OAKLEY_ENCRYPTION_ALGORITHM
I don't think DES is support with FreeS/Wan, only 3DES.
Stephen
---
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html