Re: Problem with vpnc connection - check group password !

[Amarendra Godbole]

On Sat, Mar 14, 2009 at 4:31 PM, Toma Bodar <tomas.bod...@gmail.com> wrote:
> I can't connect to company VPN network due(I haven't line 7 in config) :
>
> warning: unknown configuration directive in /etc/vpnc.conf at line 7
> hash comparison failed: (ISAKMP_N_AUTHENTICATION_FAILED)(24)
> check group password!
>
> My config :
>
> IPSec gateway ip-adress-of-our-gateway
> IPSec ID name-of-group
> IPSec secret group-password
> IKE Authmode psk
> Xauth username my-name
> NAT Traversal cisco-udp
>
> It's similar to setup in vpnc GUI under Linux Network manager
[...]

I use the following on OpenBSD and it works perfectly fine for me (even now):

IPSec gateway ip-addr-of-gw
IPSec ID name-of-group
IPSec obfuscated secret huge-string-of-gibberish-numbers
IKE Authmode psk
Xauth username my-name
# Added to prevent vpnc dropping connections with "Dead Peer Detection".
# As suggested on vpnc-devel (search google for link).
DPD idle timeout (our side) 0

The only change I see is no NAT line, a DPD line (that I added), and
plain-text password (while I use obfuscated one). Can you see if any
of these help? Meanwhile, you can also post the output of running vpnc
with --debug 99 (make sure to remove the passwords, as they get dumped
too), and hopefully we may be able to see what's going on. Thanks.

-Amarendra