On 8/17/2010 11:23 PM, Nathan Morrow wrote:
Well, I am still not finding easy as a word with VPNs.
Here is where I am:
1.
Apparently there is an issue using the wireless adapter in my HP
(Broadcom based). When using Ethernet I actually connect and get
communications on both ends. On the wireless I see stuff in the shrew
trace log, but nothing at the server.
Is there any way to use the built in wireless card.
Do you see the Shrew Soft LWF driver enabled for your wireless adapter?
What make/model of Wireless adapter are you using?
2.
If I try to use the netgear example on the shrew website (ike config
pull), I get
config message type is invalid for pull config”
in the shrew trace log and
[IKE] ISAKMP-SA established for WORKIP[4500]-REMOTEIP[4500] with
spi:2a66a846b45e6422:7b1231493b23d4cb_
[IKE] Sending Informational Exchange: notify payload[INITIAL-CONTACT]_
[IKE] Short payload_
in the netgear log.
Not sure what needs to change on the client side to make it a valid config.
I believe another user was experiencing problems with his netgear until
they upgraded the firmware. Are you running the latest version?
3.
If I change that mode to “Ike config push” and actually fill in all the
necessary info in the shrew client that was set to auto, it gets much
further, but then I get
resend 1 phase2 packet(s) 192.168.50.132:4500 -> WORKIP:4500
in the shrew trace log. And
No policy found: 192.168.2.5/32[0] 192.168.0.0/24[0] proto=any dir=in_
2010 Aug 18 04:16:57 [SpotswoodFVX538] [IKE] Failed to get proposal for
responder._
in the netgear log. Not sure if I am hosing everything with that
change. But I did get further.
As always, any help is appreciated. I am running 2.1.6 with DPD turned
off on both ends.
You should definitely be using 'ike config pull' with netgear. They use
the ipsec-tools based racoon daemon. If you still have problems after
upgrading your firmware, try gathering some debug output and sending it
to me directly. I'll have a look.
-Matthew
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
