Hey Citeren Erich Titl <[EMAIL PROTECTED]>:
> Tom > > Tom Hendrickx wrote: >> Hi! thanks Charles for your reply, but I fear it didn't helped.. >> >> the subnet for the roadwarrior I got from here : >> http://wiki.openswan.org/index.php/Openswan/ExtrudedSubnetRoadWarrior > > This example only shows an extruded subnet consisting of a _single_ > address, not a subnet. _And_ it uses the %defaultroute and the %any > as addresses for the right party, e.g. the road warrior. Now the keys > in this case come from DNS, which might not be the case in your > environment. > Indeed, I work with selfmade certificats and keys.. RSA keys made by tinyCA2 > Please have a look at the auth.log and/or ipsec barf to see what > state your connection is in . > and looking at ipsec barf, the keys seems to be the problem.. on both sides it says: loading secrets from "/etc/ipsec.secrets" "/etc/ipsec.secrets" line 2: unrecognized key format: client-key.pem and after this at the authentication, it's unable to find the key for RSA Signature.. for configuring secrets I followed: http://leaf.sourceforge.net/doc/bucu-openswan.html and in secrets I have : ": client-key.pem test" for making my keys I followed: http://leaf.sourceforge.net/doc/bucu-tinyca.html regards, tom > cheers > > Erich > > > > ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/