Richard Whittaker wrote: > have Nortel Contivity Client installed, I was able to figure out this is
> Mar 10 16:13:18 enterprise pluto[5202]: packet from 207.189.243.42:500: > af+type of ISAKMP Oakley attribute has an unknown value: 65535 > Mar 10 16:13:18 enterprise pluto[5202]: packet from 207.189.243.42:500: > sending notification BAD_PROPOSAL_SYNTAX to 207.189.243.42:500 Richard, this seems to be a protocol incompatibility between strongSwan and the Nortel VPN Client. I'm afraid that only the strongSwan developers can help with this problem or somebody else who is familiar with IKE and the strongSwan source code. I checked the website of this client and it says: "Provides full user-side functionality for secure access to enterprise networks over IP networks that use Nortel IP access routers and VPN servers." also "Supports both IPSec and SSL VPN protocols allowing users to connect to Nortel VPN Router and VPN Gateway systems with a single client version" One could infer that this client is meant to interoperate with Nortel systems only. I can imagine that Nortel deliberately broke interoperability with other IPsec products because they want you to buy their VPN gateway. But that's only a guess. You could try randomly tweaking the configuration options of the Nortel client and see if that makes a difference. Btw, is the Nortel client freely available or do you have to purchase a license. Daniel _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
