<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hi,<br>
<br>
I succeed to pass phase1 but not phase2.<br>
<br>
<ul>
<li>Any idea ?</li>
<li>Can a Linux-based IPSEC tunnel can really contact a NETASQ
router ?</li>
</ul>
<br>
Here is my logs : <br>
<br>
Dec 16 19:28:43 Fedora-64-2 racoon: INFO: IPsec-SA request for
8x.xxx.xx.xx queued due to no phase1 found.<br>
Dec 16 19:28:43 Fedora-64-2 racoon: INFO: initiate new phase 1
negotiation: 192.168.50.181[500]<=>8x.xxx.xx.xx[500]<br>
Dec 16 19:28:43 Fedora-64-2 racoon: INFO: begin Aggressive mode.<br>
Dec 16 19:28:43 Fedora-64-2 racoon: INFO: received Vendor ID: DPD<br>
Dec 16 19:28:43 Fedora-64-2 racoon: NOTIFY: couldn't find the proper
pskey, try to get one by the peer's address.<br>
Dec 16 19:28:43 Fedora-64-2 racoon: INFO: ISAKMP-SA established
192.168.50.181[500]-8x.xxx.xx.xx[500]
spi:d246d525eb2367b9:370a599c26588a34<br>
Dec 16 19:28:44 Fedora-64-2 racoon: INFO: initiate new phase 2
negotiation: 192.168.50.181[500]<=>8x.xxx.xx.x[500]<br>
Dec 16 19:29:14 Fedora-64-2 racoon: INFO: IPsec-SA expired:
AH/Transport 8x.xxx.xx.xx[0]->192.168.50.181[0]
spi=72170590(0x44d3c5e)<br>
Dec 16 19:29:14 Fedora-64-2 racoon: WARNING: the expire message is
received but the handler has not been established.<br>
Dec 16 19:29:14 Fedora-64-2 racoon: INFO: IPsec-SA expired:
ESP/Transport 8x.xxx.xx.xx[0]->192.168.50.181[0]
spi=75860073(0x4858869)<br>
<br>
ANY help would be appreciated<br>
<br>
Best Regards<br>
<br>
Le 10/12/10 17:41, Kevin Fenzi a écrit :
<blockquote cite="mid:20101210094114.2ec4023d@ohm.scrye.com"
type="cite">
<pre wrap="">On Fri, 10 Dec 2010 10:09:10 +0100
Luc MAIGNAN <a class="moz-txt-link-rfc2396E" href="mailto:luc.maignan@winxpert.com"><luc.maignan@winxpert.com></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi,
one more time...
I have to setup a VPN IPSEC tunnel between a linux machine and a
physical router. The security mode of the router is 'IKE using
pre-shared key'
I cannot use openVPN because the router isn't compliant with.
I want so use openSwan to setup the IPSEC tunnel.
Am I right ?
How to configure the pre-shared key with openswan ?
</pre>
</blockquote>
<pre wrap="">
Try:
<a class="moz-txt-link-freetext" href="http://docs.fedoraproject.org/en-US/Fedora/14/html-single/Security_Guide/index.html#sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec">http://docs.fedoraproject.org/en-US/Fedora/14/html-single/Security_Guide/index.html#sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec</a>
kevin
</pre>
</blockquote>
<br>
</body>
</html>