I want to connect FreeS/WAN IPsec 1.92 (Linux) with a PGPnet client (W2K road warriors).
I have the following configuration:
172.16.1.0/29-------- eth0 ( 172.16.1.1/29) FreeS/WAN --eth1 ( 192.168.1.4) <----PGPnet client (192.168.1.3)
I want to do it with a preshared key.
In /etc/ipsec.conf I have:
config setup
    interfaces="ipsec0=eth1"
    klipsdebug=none
    plutodebug=none
    plutoload=%search
    plutostart=%search

conn %default
    keyingtries=0
    authby=secret

conn rw_pgp-syslog
    left=192.168.1.4
    leftsubnet=172.16.1.0/29
    right=%any
    pfs=no
    type=tunnel
    keyexchange=ike
    authby=secret
    auto=add
____________________________________
/etc/ipsec.secrets
192.168.1.4 0.0.0.0: PSK "secret"
______________________________________
When I try to connect with the PGP client, it gives these errors:
Apr 11 22:36:52 syslog Pluto[18936]: packet from 192.168.1.3:500: ignoring Vendor ID payload
Apr 11 22:36:52 syslog Pluto[18936]: "rw_pgp-syslog" #1: responding to Main Mode from unknown peer 192.168.1.3
Apr 11 22:36:52 syslog Pluto[18936]: "rw_pgp-syslog" #1: ignoring informational payload, type IPSEC_INITIAL_CONTACT
Apr 11 22:36:52 syslog Pluto[18936]: "rw_pgp-syslog" #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established
Apr 11 22:36:52 syslog Pluto[18936]: "rw_pgp-syslog" #2: cannot respond to IPsec SA request because no connection is known for 192.168.1.4...192.168.1.3
Apr 11 22:36:54 syslog Pluto[18936]: "rw_pgp-syslog" #1: Quick Mode I1 message is unacceptable because it uses a previously used Message ID 0xcc486931 (perhaps this is a duplicated packet)
[root@syslog /root]# ipsec auto --status
000 interface ipsec0/eth1 192.168.1.4
000
000 "rw_pgp-syslog" instance: 172.16.1.0/29===192.168.1.4...192.168.1.3
000 "rw_pgp-syslog" instance: ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "rw_pgp-syslog" instance: policy: PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK; interface: eth1; unrouted
000 "rw_pgp-syslog" instance: newest ISAKMP SA: #1; newest IPsec SA: #0; eroute owner: #0
000 "rw_pgp-syslog": 172.16.1.0/29===192.168.1.4...%any
000 "rw_pgp-syslog": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0
000 "rw_pgp-syslog": policy: PSK+ENCRYPT+TUNNEL+DISABLEARRIVALCHECK; interface: eth1; unrouted
000 "rw_pgp-syslog": newest ISAKMP SA: #0; newest IPsec SA: #0; eroute owner: #0
000
000 #1: "rw_pgp-syslog":192.168.1.3 STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 3225s; newest ISAKMP
Do you have any idea what is happening?????
Thank you
George Serban