On Fri, 8 Jun 2018, antonio wrote:
cannot connect with shrew soft vpnclient to libreswan 3.24 (last version that
worked was in version 3.20) with psk+xauth:
(this was 3.23 as explained)
Jun 08 15:27:46 sol pluto[18056]: "tunnel8-aggr"[1] 192.168.10.170 #3: STATE_AGGR_R1: sent AR1, expecting AI2
Jun 08 15:27:46 sol pluto[18056]: "tunnel8-aggr"[1] 192.168.10.170 #3: Peer ID is ID_IPV4_ADDR: '192.168.10.170'
Jun 08 15:27:46 sol pluto[18056]: "tunnel8-aggr"[1] 192.168.10.170 #3: received Hash Payload does not match computed value
Jun 08 15:27:46 sol pluto[18056]: "tunnel8-aggr"[1] 192.168.10.170 #3: sending encrypted notification INVALID_HASH_INFORMATION to 192.168.10.170:33388
Jun 08 15:27:46 sol pluto[18056]: "tunnel8-aggr"[1] 192.168.10.170 #3: next payload type of ISAKMP Hash Payload has an unknown value: 218 (0xda)
Jun 08 15:27:46 sol pluto[18056]: "tunnel8-aggr"[1] 192.168.10.170 #3: malformed payload in packet
The log when connecting with version 3.20:
Jun 08 15:24:34 sol pluto[12290]: "tunnel8-aggr"[2] 192.168.10.170 #3: STATE_AGGR_R1: sent AR1, expecting AI2
Jun 08 15:24:34 sol pluto[12290]: "tunnel8-aggr"[2] 192.168.10.170 #3: transition from state STATE_AGGR_R1 to state STATE_AGGR_R2
Jun 08 15:24:34 sol pluto[12290]: "tunnel8-aggr"[2] 192.168.10.170 #3: new NAT mapping for #3, was 192.168.10.170:33388, now 192.168.10.170:40182
Jun 08 15:24:34 sol pluto[12290]: "tunnel8-aggr"[2] 192.168.10.170 #3: STATE_AGGR_R2: ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_256 integ=md5 group=MODP1024}
Jun 08 15:24:34 sol pluto[12290]: "tunnel8-aggr"[2] 192.168.10.170 #3: ignoring informational payload IPSEC_INITIAL_CONTACT, msgid=00000000, length=28
Jun 08 15:24:34 sol pluto[12290]: | ISAKMP Notification Payload
Jun 08 15:24:34 sol pluto[12290]: | 00 00 00 1c 00 00 00 01 01 10 60 02
Jun 08 15:24:34 sol pluto[12290]: "tunnel8-aggr"[2] 192.168.10.170 #3: received and ignored informational message
Jun 08 15:24:34 sol pluto[12290]: | event EVENT_v1_SEND_XAUTH #3 STATE_AGGR_R2
Jun 08 15:24:34 sol pluto[12290]: "tunnel8-aggr"[2] 192.168.10.170 #3: XAUTH: Sending Username/Password request (XAUTH_R0)
Would you be able to test 3.21 / 3.22 or maybe do a git bisect to help?
Or alternatively, if you can give me a shrew client config and the
libreswan server config, then I can try and run a git bisect to find
the issue.
Although perhaps first you can try and use a 3.24rcX candidate from
download.libreswan.org/development/ and see if the problem got fixed
already?
Paul