On Tue, 21 Mar 2017, Nels Lindquist wrote:
All other tunnels (including L2TP roadwarriors) continue to work
fine, but all incoming XAUTH connections fail at the point when the
request for XAUTH credentials is made:
Mar 16 11:24:07 yeggate pluto[21352]: "xauth-rsa"[1] 184.151.222.0
#15: XAUTH: Sending Username/Password request (XAUTH_R0)
No response is received from the client (Shrew Soft VPN on Windows
7).
I've restarted clients, restarted ipsec, deleted and re-added
connection definitions, etc. all to no avail. The clients are able
to connect to two other test setups on different networks with no
difficulty, and I can find no relevant differences
configuration-wise. I tried setting xauthby to "alwaysok" but the
behaviour is the same.
We have seen something like this in the past when we would send two
packets during XAUTH that were too close together and could get
re-ordered, confusing the other end. But in 3.14 we added a small
delay that would prevent this re-ordering. If there is still a
timing issue, then perhaps you have different plutodebug= settings
between the network that works and the one that does not?
Otherwise, I wouldn't know either what's going on.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
