Hey

Citeren Erich Titl <[EMAIL PROTECTED]>:

> Tom
>
> Tom Hendrickx wrote:
>> Hi! thanks Charles for your reply, but I fear it didn't helped..
>>
>> the subnet for the roadwarrior I got from here : 
>> http://wiki.openswan.org/index.php/Openswan/ExtrudedSubnetRoadWarrior
>
> This example only shows an extruded subnet consisting of a _single_ 
> address, not a subnet. _And_ it uses the %defaultroute and the %any 
> as addresses for the right party, e.g. the road warrior. Now the keys 
> in this case come from DNS, which might not be the case in your 
> environment.
>
Indeed, I work with selfmade certificats and keys.. RSA keys made by tinyCA2


> Please have a look at the auth.log and/or ipsec barf to see what 
> state your connection is in .
>
and looking at ipsec barf, the keys seems to be the problem..
on both sides it says:
loading secrets from "/etc/ipsec.secrets"
"/etc/ipsec.secrets" line 2: unrecognized key format: client-key.pem

and after this at the authentication, it's unable to find the key for 
RSA Signature..

for configuring secrets I followed:
http://leaf.sourceforge.net/doc/bucu-openswan.html

and in secrets I have : ": client-key.pem test"

for making my keys I followed:
http://leaf.sourceforge.net/doc/bucu-tinyca.html

regards,

tom



> cheers
>
> Erich
>
>
>
>



-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Reply via email to