Hi, thanks a lot for your reaction.I corrected it today, but it's curious.This setup is from what can I see in Linux Network manager.But if I want to use it on OpenBSD I must remove 'NAT' line and for IKE I must use IKE DH Group dh2
Then everything is ok 2009/3/17 Amarendra Godbole <[email protected]>: > On Sat, Mar 14, 2009 at 4:31 PM, Toma B Bod ar <[email protected]> wrote: >> I can't connect to company VPN network due(I haven't line 7 in config) : >> >> warning: unknown configuration directive in /etc/vpnc.conf at line 7 >> hash comparison failed: (ISAKMP_N_AUTHENTICATION_FAILED)(24) >> check group password! >> >> My config : >> >> IPSec gateway ip-adress-of-our-gateway >> IPSec ID name-of-group >> IPSec secret group-password >> IKE Authmode psk >> Xauth username my-name >> NAT Traversal cisco-udp >> >> It's similar to setup in vpnc GUI under Linux Network manager > [...] > > I use the following on OpenBSD and it works perfectly fine for me (even now): > > IPSec gateway ip-addr-of-gw > IPSec ID name-of-group > IPSec obfuscated secret huge-string-of-gibberish-numbers > IKE Authmode psk > Xauth username my-name > # Added to prevent vpnc dropping connections with "Dead Peer Detection". > # As suggested on vpnc-devel (search google for link). > DPD idle timeout (our side) 0 > > The only change I see is no NAT line, a DPD line (that I added), and > plain-text password (while I use obfuscated one). Can you see if any > of these help? Meanwhile, you can also post the output of running vpnc > with --debug 99 (make sure to remove the passwords, as they get dumped > too), and hopefully we may be able to see what's going on. Thanks. > > -Amarendra > > -- http://www.openbsd.org/lyrics.html
