Re: [leaf-user] Bering rc3 and ipsec problems

2002-08-15 Thread Chad Carr 

On Wed, 14 Aug 2002 19:15:11 -0600
Jeff Lush [EMAIL PROTECTED] wrote:

 I have 3DES checked off on the appliance. Maybe this is the problem...

Did enabling 3DES work for you?  If not, send me the whole barf output offline and I 
will try to troubleshoot it.

-- 

Chad Carr  [EMAIL PROTECTED]



---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Bering rc3 and ipsec problems

2002-08-14 Thread Stephen Lee 

On Wed, 2002-08-14 at 16:59, Jeff Lush wrote:
 Hello all,
 
 I'm using the bering 1.0rc3 release and am attempting to setup freeswan 1.97
 ipsec on the firewall. I've closely followed the howto at
 http://leaf.sourceforge.net/devel/jnilo/buipsec.html as well as studied
 various documentation such as man pages etc. I believe I've setup everything
 correctly, but cannot seem to connect from various ipsec clients. I'm trying
 both the ssh sentianl client as well as a linksys ipsec vpn appliance, but
 I've had no luck. The only error that shows up during startup is the error
 regarding rp_filter being set to 1. I did as the documentation outlined and
 set spoofprotect to no in the options file, but the error still comes up.
 
 Any ideas would be appreciated.
 
 Thanks,
 
 -Jeff Lush
 
 I'd be happy to provide whatever documentation is requested. Here is a bit
 of a dump from ipsec barf. It details the connection info from the linksys
 appliance:
 
 --
 Aug 13 16:13:29 firewall Pluto[19365]: roadwarrior 207.216.146.129 #4:
 ignoring Delete SA payload Aug 13 16:13:29 firewall Pluto[19365]:
 roadwarrior 207.216.146.129 #4: received and ignored informational message
 Aug 13 16:13:39 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
 responding to Main Mode from unknown peer 207.216.146.129
 Aug 13 16:13:39 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
 OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
 Aug 13 16:13:39 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
 OAKLEY_DES_CBC is not supported. Attribute OAKLEY_ENCRYPTION_ALGORITHM
 Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
 Peer ID is ID_IPV4_ADDR: '207.216.146.129'
 Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
 sent MR3, ISAKMP SA established
 Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5: ID
 type of ISAKMP Identification Payload (IPsec DOI) has an unknown value: 0
 Aug 13 16:13:40 firewall Pluto[19365]: roadwarrior 207.216.146.129 #5:
 malformed payload in packet Aug 13 16:16:09 firewall Pluto[19365]:
 roadwarrior 207.216.146.129 #6: responding to Main Mode from unknown peer
 207.216.146.129 Aug 13 16:16:09 firewall Pluto[19365]: roadwarrior
 207.216.146.129 #6: OAKLEY_DES_CBC is not supported. Attribute
 OAKLEY_ENCRYPTION_ALGORITHM

I don't think DES is support with FreeS/Wan, only 3DES.

Stephen




---
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html