Hi All,
I’m testing
IPsec interoperability between Solaris 10/opensolaris and Windows XP in IPv4.
After successfully configuring IPsec on solaris
and windows XP (details shown below),
I failed
to ping between the IPsec configured hosts and found the ISAKMP notification
data “Incorrect preshared key (invalid next payload value)”
when I looked at the captured packets between
the hosts using wireshark.
I’ve used preshared
key – “asdfghjklqwertyuiopzxcv” in Windows XP and the same key converted to
hexadecimal “666473616b6a68676577716c757974727a706f690a766378” been used in
solaris.
I’ve also tried as “echo “asdfghjklqwertyuiopzxcv”
| tr –d ‘\n’ | od –t x”
removing newline
character at the end.
But failed in both
cases.
#
echo “asdfghjklqwertyuiopzxcv” | od –t x
0000000
66647361 6b6a6867 6577716c 75797472
0000020
7a706f69 0a766378
0000030
IPsec
configuration on windows XP and solaris:
Phase 1 – main
mode
ESP Auth Algorithm
:
SHA1
ESP Crypt
Algorithm :
3des
DH Group : 2
(1024bit)
Life time :
14400 sec
Phase 2 – PFS
(Quick mode)
DH Group : 2
(1024bit)
ike.config file :
p1_lifetime_secs
14400
p1_nonce_len
20
{
label "Solaris – Windows using
ipv4"
local_addr 172.12.13.27
remote_addr 172.12.13.4
p1_xform {auth_method preshared
oakley_group 2 auth_alg sha1 encr_alg 3des}
p2_pfs 2
}
Could anybody please diagnose and see what’s wrong in the
configuration and any changes required in the above preshared key value
(supporting both windows XP & solaris) to resolve this issue?
Your help is highly appreciated.
Thanks in Advance,
KrishnaMohan
The INTERNET now has a personality. YOURS! See your Yahoo! Homepage.
http://in.yahoo.com/_______________________________________________
networking-discuss mailing list
networking-discuss@opensolaris.org
