On Mon, Aug 25, 2014 at 11:00 AM, <[email protected]> wrote: > > Am 25.08.2014 um 10:15 schrieb Alexis La Goutte - [email protected]: >> >> On Fri, Aug 22, 2014 at 10:16 AM, <[email protected]> wrote: >>> >>> Hello, >>> I use the trial of the pro Version v2.2.2 to do a Secure AD/Domain Login >>> >>> After entering the login credentials for the domain, a window opens up >>> with >>> "Key file Credentials Required". After entering the key for the >>> certificate, >>> I get the following error: >>> >>> Windows-Sicherheit (german = Windows-Security) >>> Failed to configure key daemon using VPN Site Configuration 'name of my >>> config' >>> >>> config loaded for site 'name of my config' >>> attached key daemon... >>> peer configured >>> iskamp proposal configured >>> esp proposal configured >>> client configured >>> remote id configured >>> server cert configured >>> client cert configured >>> client key file requires password >>> detached from key daemon >>> >>> It is also notable that the window "Key file Credentials Required" does >>> not >>> close after entering the passphrase for the certificate, but does not >>> react >>> anymore. >>> >>> My vpn-server is running on Endian Firewall Community release 2.4.1. The >>> Windows Server is 2008R2. The client is Windows 7-64bit. >>> If I try to connect after windows login, it works perfect. >>> >>> Thank you for your advice. >>> Greetings Konrad >>> >> Hi Konrad, >> >> Do you have check the Shrew log and vpn-server log ? >> >> Regards, > > Hi, thank you for your answer! > Using the Connect-before-login-method, there is no entry in the vpn-server > Log. > On the client, after activation of debugging via registry, i found the > following entries in iked.log > 14/08/25 10:47:49 ## : IKE Daemon, ver 2.2.2 > 14/08/25 10:47:49 ## : Copyright 2013 Shrew Soft Inc. > 14/08/25 10:47:49 ## : This product linked OpenSSL 1.0.1c 10 May 2012 > 14/08/25 10:47:49 ii : opened 'C:\Program Files\ShrewSoft\VPN > Client\debug\iked.log' > 14/08/25 10:47:49 ii : rebuilding vnet device list ... > 14/08/25 10:47:49 ii : device ROOT\VNET\0000 disabled > 14/08/25 10:47:49 ii : ipc server process thread begin ... > 14/08/25 10:47:49 ii : network process thread begin ... > 14/08/25 10:47:49 ii : pfkey process thread begin ... > 14/08/25 10:47:49 !! : unable to connect to pfkey interface > 14/08/25 10:49:04 ii : ipc client process thread begin ... > 14/08/25 10:49:04 <A : peer config add message > 14/08/25 10:49:04 <A : proposal config message > 14/08/25 10:49:04 <A : proposal config message > 14/08/25 10:49:04 <A : client config message > 14/08/25 10:49:04 <A : local id 'schuppan.ptw-ingenieure.de' message > 14/08/25 10:49:04 <A : remote certificate data message > 14/08/25 10:49:04 ii : remote certificate read complete ( 970 bytes ) > 14/08/25 10:49:04 <A : local certificate data message > 14/08/25 10:49:04 ii : local certificate read complete ( 878 bytes ) > 14/08/25 10:49:04 <A : local key data message > 14/08/25 10:49:04 !! : libeay : .\crypto\pkcs12\p12_kiss.c:110 > 14/08/25 10:49:04 !! : error:23076071:PKCS12 routines:PKCS12_parse:mac > verify failure > 14/08/25 10:49:04 !! : local key read failed, requesting password > 14/08/25 10:49:17 ii : ipc client process thread exit ... > > Note: I have secured the certificate with a 12-digit-password. > As always, connecting after login works without problems... > Greetings Konrad > Hi,
Please kept the list in CC. Do you have a prompt about ask the 12 digit password ? Regards, > _______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
