[ previous ] [ next ] [ threads ]
 
 From:  "Josh McAllister" <josh at bluehornet dot com>
 To:  "Kevin Droz" <drozk at moeller dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Monowall and Freeswan
 Date:  Thu, 3 Feb 2005 13:44:48 -0800 
This means the PSK doesn't match, or the format is incorrect. It's an
"authentication error". Though if you've gotten this far, I believe it
is matching the correct line in /etc/ipsec.secrets. As for your previous
message... nothing else matters until you get this part right. 

Josh McAllister

-----Original Message-----
From: Kevin Droz [mailto:drozk at moeller dot com] 
Sent: Thursday, February 03, 2005 2:06 PM
To: Josh McAllister
Subject: RE: [m0n0wall] Monowall and Freeswan

Another Update

I'm also getting this Error

state transition function for STATE_MAIN_I2 failed:
INVALID_KEY_INFORMATION

-----Original Message-----
From: Josh McAllister [mailto:josh at bluehornet dot com]
Sent: Thursday, February 03, 2005 2:01 PM
To: Kevin Droz; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Monowall and Freeswan


You need to setup /etc/ipsec.secrets
x.x.x.x y.y.y.y : PSK "secret"

Where x.x.x.x is remote (m0n0)
And y.y.y.y is local (FreeSwan)

Josh McAllister
-----Original Message-----
From: Kevin Droz [mailto:drozk at moeller dot com] 
Sent: Thursday, February 03, 2005 10:30 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Monowall and Freeswan

Hello Everyone,

I'm trying to make a IPSEC conection with a freeswan server. I used the
setup in the Documentation and getting an error. Here is my config file
and
error

Error: Can't authenticate: no preshared key found for `X.X.X.X' and
`X.X.X.X'.  Attribute OAKLEY_AUTHENTICATION_METHOD
Feb  3 12:27:52 router2 pluto[5243]: "vpn1" #11: no acceptable Oakley
Transform



Config File:

config setup
       interfaces=%defaultroute
       klipsdebug=none
       plutodebug=none
       uniqueids=yes

conn %default
       keyingtries=0
       #compress=yes

conn block
   auto=ignore

conn private
   auto=ignore

conn private-or-clear
   auto=ignore

conn clear-or-private
   auto=ignore

conn clear
   auto=ignore

conn packetdefault
   auto=ignore

conn vpn1
       type=tunnel
       left=ip.add.of.m0n0
       leftsubnet=m0n0.side.subnet/24
       leftnexthop=%defaultroute
       right=ip.add.of.freeswan
       rightsubnet=freeswan.side.subnet/24
       rightnexthop=%defaultroute
       authby=secret
       auth=esp
       esp=3des-md5-96
       pfs=no
       auto=start



Mono Config

m0n0-side:
Phase1
Neg. mode = main
Enc. Alg = 3DES
Hash Alg = MD5
DH key grp = 5

Phase2
Protocol = ESP
Uncheck all Enc. Alg. Except 3des
Hash alg = md5
PFS key group = off





---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch