On 01/13/09 15:57, Wouter Coppens wrote:
I don't have a PFS option in the phase 1 configuration.
Too bad. That would have been an easy fix.
Here is what I did so far:
Created a local user:
Username: sunray01
IKE User -> Simple identity: Ike id type: auto
Ike identity: [email protected]
Xauth User and set a password.
Try using USER_FQDN for the id type.
Created a new VPN gateway:
Name: SunrayThinC
Dialup user and selected sunray01 as user
entered the preshared key.
phase1: pre-g2-3des-md5; pre-g2-3des-sha, pre-g2-aes128-md5,
pre-g2-aes128-sha
Mode: aggressive
Nat-traversal enabled with UDP checksum
phase2: nopfs-esp-3des-md5, nopfs-esp-3des-sha, nopfs-esp-aes128-md5,
nopfs-esp-aes128-sha
( previously I had the same as in phase1 but it also didn't work)
On my sunray I configured:
Group: [email protected]
Key: preshared key
User: sunray01
password: password of sunray01
Any idea what is wrong?
Not offhand. This looks pretty similar to my test gateway configuration.
What I do remember is that the configuration of the gateway is really
finicky. It took me a long time to figure out one that worked, and it's
unclear that the knowledge is transferable. Aside from the id type, and
that I don't have UDP checksum enabled, yours looks almost exactly the
same as mine.
Kent
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
