[ previous ] [ next ] [ threads ]
 
 From:  "Dale Hirt" <dale at sbcltd dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Greenbow VPN Client and Monowall
 Date:  Fri, 11 Mar 2005 20:41:19 -0800
Hello list,
 
First off, may I say that Monowall rocks.  I am very pleased with all the hard work that has been
put into this product.  I currently use it as our firewall and also to establish vpn links with
vendors.  Operation has been flawless and setup has been for the most part easy.
 
I have set up two constant vpn links with other vpn gateways and they were no problem to set up.  I
am in the midst of attempting to set up vpn's for a few mobile users, and have run across a bit of a
problem that I am trying to understand.  At the moment, I don't know if it is merely the fact that I
am on cable broadband, which limits me seriously, or if this is something having to do with how
monowall is set up.
 
I downloaded and installed the GreenBow VPN Client and set it up with all required parameters for my
mobile vpn setup.  I am currently getting the following error when trying to connect to the vpn
tunnel:
 
202913 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [SA] [VID] [VID] [VID]
202913 Default (SA SbcVpnPhase1-P1) RECV phase 1 Main Mode  [SA] [VID]
202913 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [KEY_EXCH] [NONCE]
202913 Default (SA SbcVpnPhase1-P1) RECV phase 1 Main Mode  [KEY_EXCH] [NONCE] [VID]
202913 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [HASH] [ID]
202920 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [HASH] [ID]
202929 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [HASH] [ID]
202940 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [HASH] [ID]
202953 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [HASH] [ID]
203008 Default (SA SbcVpnPhase1-P1) SEND phase 1 Main Mode  [HASH] [ID]
203008 Default transport_send_messages: giving up on message 00CAD198
 
Obviously there is a problem in phase 1 with sending the ID.  What I don't quite know is why.
 
Does IPSEC (and hence monowall) require attempting to open a connection back to my laptop?  If so,
then I'm never going to get this working, but if not, then where should I look next?
 
I am in the midst of going through all the documentation I can find on GreenBow's site, but as there
is precious little that actually goes into detail, I'm a bit lost.  
 
All pointers gladly appreciated.
 
Thank you,
 
Dale Hirt