* theologu <[EMAIL PROTECTED]> [07-10-05 14:33]:
> Am inceput sa fac configuratia cu openswan, reusesc sa ma conectez, dar
> nu trec de Phase1:
>
> 002 "conexiune" #1: initiating Main Mode
> 104 "conexiune" #1: STATE_MAIN_I1: initiate
> 002 "conexiune" #1: transition from state STATE_MAIN_I1 to state
> STATE_MAIN_I2
> 106 "conexiune" #1: STATE_MAIN_I2: sent MI2, expecting MR2
> 002 "conexiune" #1: I did not send a certificate because I do not have one.
> 002 "conexiune" #1: transition from state STATE_MAIN_I2 to state
> STATE_MAIN_I3
> 108 "conexiune" #1: STATE_MAIN_I3: sent MI3, expecting MR3
> 002 "conexiune" #1: Main mode peer ID is ID_IPV4_ADDR: 'xxx.xxx.xxx.xxx'
> 002 "conexiune" #1: transition from state STATE_MAIN_I3 to state
> STATE_MAIN_I4
> 004 "conexiune" #1: STATE_MAIN_I4: ISAKMP SA established
> {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
> group=modp1024}
ok, tu aici propui 3des, el nu suporta decat DES
> 002 "conexiune" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP
> {using isakmp#1}
de asemenea ai configurat Quick Mode, el cred ca nu accepta, sa nu
confund insa quick mode cu aggresive mode; de asemenea, ai PFS
(perfect forward secrecy) ceea ce e clar ca nu stie.
> STATE_MAIN_I4: ISAKMP SA established - deduc ca se autentifica cu
> preshared key, dar mai departe nu-i place ceva...
> sa fie oare "quick mode" ?
>
> =================================================
> informatiile pe care le am despre celalat capat:
> External IP of my Firewall xxx.xxx.xxx.xxx
> DES
> SHA
> Shared Key : un_cuvant
> My LAN 192.168.10.0 / 24
> Diffie Hellman groupe 1
> No perfect forword
> N aggressive mode
>
> Parameters SHA1 - DES are configured in both phase1 (configuration
> gateway) and phase2 (configuration tunnel) of the VPN configuration.
> Another information: in phase2 I have set the ESP mode for security
> association.
>
mitu
_______________________________________________
RLUG mailing list
[email protected]
http://lists.lug.ro/mailman/listinfo/rlug
