Merry xMas to all.
I am trying to set up a vpn tunnel with shrew vpn client to a Draytek Vigor
2955 using self signed certificates but it doesn't seem to work.
Scenario:
Mobile laptop with Ubuntu 10.10 os installed connecting to internet via HTC
Desire tethered phone.
I have been able to successfully establish a vpn connection using preshared
keys but cannot do the same using certificates (opensssl generated ones).
I created a CA and installed it's public key as root on the Vigor.
I used Vigor's interface to generate a certificate signing request, that I
copied on the laptop, signed it and tranferred it back to the Vigor as a local
certificate.
The draytek's web interfaces shows a "successfully imported" certificates
status for both Trusted root CA and the local certificate.
Then I generated a new certificate on the laptop and used it with shrew as
local certificate.
Then I started syslog monitoring on the vigor but it does not show any sign of
connection attempts from the vpn client and the staus of the client remains
still on "connecting" until negotiation timeout occurs.
I also set up a ipsec peer idetity on the vigor, together with a dial in
account.
Has anyone been able to use a X509 connection with shrew to a Draytek router?
The only available document in the web is written in German but refers to
preshared keys as indicated in shrewsoft website.
Can anyone help, please?
Stefano
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
